Security Assessment

After you have applied all your security steps, you can use some tools to test whether there are still potential security risks within the system. Listed below is some basic information about how to use some of the common tools. You will find there are more tools available to perform security assessments.

System log files

Linux systems come with log files to record all system activities under '/var/log'. You can examine the 'auth.log' file to check SSH logins, and examine the 'syslog' file for any system wide activities.

OpenVAS

Open Vulnerability Assessment System (OpenVAS) is a set of tools and services that can be used to scan for vulnerabilities and vulnerability management. OpenVAS uses a security scanner that makes use of over 33 thousand daily-updated tests to conduct the security test. You can download and install the software from its website and also if you want to learn more about it, you can look at its documentation link.

Nmap

Nmap is a tool that you can use to determine the layout of a network and it is very useful to collect information about the system for security use. You can run man nmap to get more detailed descriptions of its options and usage. You can also find out open ports on the system and to check whether any ports have potential security risks. It is a good starting point for making a security policy and restricting unused services.

To install Nmap, run the yum install nmap or apt-get install nmap command as the root user.

To scan a host, you can use nmap <hostname>

The results return a list ports of listening or waiting services, and this can help to close unnecessary or unused services.

To find out more information, you can see the official homepage at the following URL: http://www.insecure.org/