Free statements on auditing standards software for linux

SLAD is a tool for performing local security checks against GNU/Linux systems.

SLAD has been primarily developed for the BOSS project to work together with Nessus to enhance its local scanning capabilities. For example, scanning for weak passwords with a tool like John-the-Ripper is something that simply cannot be achieved by a network scan.

Therefore, SLAD is required to be installed on every GNU/Linux system where local auditing needs to be done. SLAD can then be used as a stand-alone application or more conveniently through Nessus. For usage with Nessus two NASL plugins are provided for interfacing between Nessus and SLAD

The Version 2.0 provides a XML Interface for Parameters and easy integration of additional audit-parameters and tools. To help the administrator to integrate a new feature-set, a development-documentation is provided with the cvs.

SLAD has been tested and verified on the following platforms:

RedHat Fedora Core 3
SuSe 9.2
Debian 3.0 (woody)
Debian 3.1 (sarge)
ERPOSS3
Gentoo Linux 2004.3

SLAD is implemented in Perl and provides an extendable plugin architecture allowing to use various GPL-based security scanners and auditing tools under one common framework. Currently, SLAD comes packaged with

John-the-Ripper
Chkrootkit
LSOF
ClamAV
Tripwire
TIGER

As a result SLAD delivers reports of these locally installed auditing and analysis tools. When used with Nessus the individual reports are wrapped into a standard Nessus report.

SLAD as well as the SLAD NASL Plugins can be downloaded from this Website in their current stable release V2.0.

Installation:

You can use our "easy-to-use" GTK installer, this installer downloads the lastest SLAD Release Binary, and install it on the target system. You only need to provide the login for the traget system.

Lemonldap::Portal::Standard is a Perl extension for the Lemonldap SSO system.

SYNOPSIS

use Lemonldap::Portal::Standard;
sub my_method {
my $self = shift;
my $user = $self->{user};
$user.="-cp" if $user !~ /-cp$/;
$self->{user} = $user;
return ;
}

my $message = ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Standard->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}

See in directory examples for more details

Lemonldap is a SSO system under GPL. The authentification phase need to display a form with user / password . Standard.pm manage all the cycle of authentification :

step 0 : setting configuration
step 1 : manage the source of request
step 2 : manage timeout
step 3 : control the input form of user and password
step 4 : formate the userid if needing
step 5 : build the filter for the search
step 6 : build subtree for the search ldap
step 7 : make socket upon ldap server
step 8 : bind operation
step 9 : make search
step 10 : confection of %session from ldap infos
step 11 : unbind
step 12 : re-bind for validing users credentials
Any step can bee overload for include your custom method.
standards errors messages :

1 => Your connection has expired; You must to be authentified once again,
2 => User and password fields must be filled,
3 => Wrong directory manager account or password ,
4 => not found in directory,
5 => wrong credentials ,

warning the value 9 for error message is returned then the form is empty ist not an real error , perhaps its the initial request.

The Linux Security Auditing Tool (LSAT) is a post install security auditor for Linux/Unix.
Linux Security Auditing Tool checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed.
It (for now) works under Linux (x86: Gentoo, RedHat, Debian, Mandrake; Sparc: SunOS (2.x), Redhat sparc, Mandrake Sparc; Apple OS X).
Enhancements:
- The dependency on the popt library has been removed.
- This release adds extra passwd and group checks under Linux, a check for failed logins under Linux/Solaris, a check for kernel modules under Solaris, network interface stats, and routing checks. It fixes a problem in checknetforward giving false positives, and an issue where verbose output was not very consistent.
- The kernel module check under Linux has been modified.

SQL-Ledger Accounting project is a double entry accounting system. Accounting data is stored in a SQL Server, for the display any text or GUI browser can be used. The entire system is linked through a chart of accounts. Each item in inventory is linked to income, expense, inventory and tax accounts. When items are sold and purchased the accounts are automatically updated.
With the assembly feature you can build manufactured goods from parts, services, labor units and assemblies. When the assembly is sold all the accounts linked to the individual parts, services, labor units and assemblies are updated and stock levels adjusted accordingly.
Invoices, Packing List, Income Statement, Balance Sheet, Sales, Work and Purchase Order, Statements, Receipts and Checks are generated from templates and can be changed to suit your needs. Templates are provided in html, tex and text format. The tex templates are processed with latex to produce postscript and PDF documents. Documents can be sent to a printer, file or fax, displayed with a PDF viewer or sent by email.
The translation mechanism for items and foreign language templates can be set for each customer/vendor so it is possible to generate invoices in a foreign language without knowledge of a foreign language. This translation facility can also be used to generate different forms for a group of customers/vendors.
DWS Systems Inc. is the developer of SQL-Ledger and provides ongoing support and customizations. SQL-Ledger is licensed under the GPL license, and is free software.
SQL-Ledger can be used on any UNIX, Mac OS X and Windows computer.
SQL-Ledger is written in Perl, developed on FreeBSD and Linux with Galeon, Konqueror, Netscape, Lynx, Links, W3M, Voyager, Explorer to render the display, Apache, thttpd, boa to communicate between the server and the browser, and PostgreSQL, Oracle, or DB2 to store accounting data.
Languages:
- English
- Arabic (Egypt)
- Bahasa Indonesia
- Brazilian Portuguese
- Catalan
- Chinese (Simplified)
- Chinese (Traditional)
- Czech
- Danish
- Dutch
- Estonian
- Finnish
- French
- German
- Greek
- Hungarian
- Icelandic
- Italian
- Latvian
- Lithuanian
- Norwegian
- Polish
- Portuguese
- Russian
- Spanish
- Swedish
- Turkish
- Ukrainian
Main features:
- Accounts Receivable
- Accounts Payable
- General Ledger
- Inventory Control
- Billing / Invoicing
- Time Cards
- Recurring Invoices
- POS
- Check Printing
- Purchase / Sales Orders
- Customizable Taxes
- Multi-user
- Multi-company
- Audit Control
- Foreign Currency
- Internationalization
- Access Control
- SQL server backend
- Customizable Templates
- Customers
- Vendors
- Assemblies (BOM, kits)
- Chart of Accounts
- Customizable Reports
- Financial Statements
- Administration Module
- Backup to file/email
- Application Interface
- Use on Handheld

Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.
Usage:
To install, unzip Spike phpSecAudit package.
> unzip spike_phpSecAudit.zip
Change directory to your php repository.
> cd /path/to/code/to/audit
Execute the run.php, passing the file name or directory to audit.
> php /path/to/spike_phpSecAudit/run.php test_file.php
or
> php /path/to/spike_phpSecAudit/run.php dir_name
Enhancements:
- Modified to be PHP 4 friendly.
- A few functions have been added to the knowledge base: extract, shell_exec, pcntl_exec, and exec.
- The organization of the knowledge base file (vuln_db.xml) has been slightly improved.
- The _getAllPhpFiles function may miss a few (unverified).
- The tokenizer needs to be able to differentiate between a native function call and class method call of the same name, i.e. mail() and $class->mail().

Qmail Auditor consists of a email auditing tool.
QMail Auditor provides simple a method for auditing emails. It is easy to configure and uses regular expressions as rules.
The format of audit file is :
Any e-mail (outbound or inbound) have passed at this filter.
The valids "field header"(s) :
all - field from or to of e-mails
to - field to
from - field from
In case of regular expression you read the
# man re_format
# man regex
E-mail to forward is a valid mail account to redirect.
Example of this :
from nelio@walk.* auditoria@spyware.walk.com.br
to nelio@spyware.* auditoria@spyware.walk.com.br
Enhancements:
- Now the config file name has renamed.
- From audit (in /var/qmail/control for /var/qmail/control/auditor) and qmail-queue-real-audit for qmail-queue-real-auditor.

Database Fishing Tool is short DaFT is a front-end to any database that can be connected to with an ODBC driver. DaFT allows you to browse the database objects, view data in tables and views, and create and execute SQL statements, also as a script, including variable scanning.
DaFT contains a database objects list (tables and views), list of columns and column properties, a table for data snapshots, detailed data view, a notepad, a table for viewing the outcome of select statements, T-SQL or PL/SQL statements, a SQL statement editor with syntax highlighting, and a screen to follow all ODBC driver messages (errors etc.).
All selected data can be saved into a file. The supported file formats are HTML, XLS, CSV, SyLK, and DIF. The SQL statements can be saved into a text file.
Enhancements:
- Handle Tables, Views, and colums with names (partly) in capitals with surrounding quotes.
- Some bug fixes...

logindpostgres is a script that reads SQL select statements from PostgreSQL logs and generates all the indices to optimize the database for each request.

logindpostgres has been tested on 1.2 GB of logs.