tool to check security

[ESGLinux]

Thanks you for your answers

First, I can´t update to 5.6 because dependencies of the applications
installed on it.

Second,

I have run nessus and nmap from outside the machine to get the problems that
a remote user can check.

What I want now is to check the problems like:
- current kernel 2.6.18-53.el5 has pottential security problems... (CVE,
....)
- the user John has not password and a valid shell....
- given a package which CVEs affects this package

Something like these.

I´m going to give a try to bastille although the tool I´m looking for was a
shell command....

Thanks again,

ESG












2011/2/1 <m.roth at 5-cent.us>

> ESGLinux wrote:
> >
> > I have received a machine with RHEL 5.1installed and I have to put in a
> > production enviroment with other machines I have installed.
>
> First, I'd yum update or up2date it to the current 5.5 (5.6?).
> >
> > I haven´t installed this machine and I want to check if it is secured and
> > it can´t make problems with my systems.
> >
> > Long time ago I used a tool that your run on a system (perhaps it was a
> > Suse... I used to work with Suse in the past) and it gave me a report for
> > possible security problems but I can´t remmember which tool was.
> >
> > Any one knows a tool that makes this work?
>
> There are a number of tools, but it depends on what you want to do with
> the box. For example, nmap will scan ports. On the other hand, there's my
> favorite, Bastille Linux, which is not a distro, but a package that's a
> set of hardening scripts, and will walk you through shutting down or
> removing everything you don't need. I've used that on a box I was using
> for years as a firewall/router.
>
> So, what do you want to do with the box?
>
>         mark
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>