yasat/0000750000175000017500000000000011756443021012427 5ustar montjoiemontjoieyasat/COPYRIGHT0000640000175000017500000000157111677022150013725 0ustar montjoiemontjoieFor all files: Copyright (c) 2008-2012 LABBE Corentin All rights reserved. Except for some part of the osdetection file and the common file what are Copyright (c) Michael Boelen (michael@rootkit.nl) (original project lynis) This file is part of YASAT. YASAT is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. YASAT is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with YASAT. If not, see . yasat/yasat0000750000175000017500000002154311756443021013503 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ umask 027 #test SHELL variable and/or /bin/sh link to "set -o nounset" if we are using bash #if [ "$SHELL" = '/bin/bash' ] ; then # set -o nounset #fi #TODO use http://wiki.apache.org/httpd/DistrosDefaultLayout for missing APACHE_CONF_REP="/etc/apache2" POSSIBLE_APACHE_CONFIG_LOCATION="/etc/apache2/ /etc/apache22/ /etc/apache13/ /etc/apache/ /usr/local/etc/httpd/ /usr/local/etc/apache22/ /usr/apache22/etc/ /usr/local/apache2/conf /etc/httpd/conf/ /etc/httpd/ /usr/pkg/etc/httpd/ /usr/local/etc/apache2/ /var/www/conf/" POSSIBLE_SNMP_DAEMON_CONFIG_LOCATION="/etc/snmpd /etc/snmp /usr/local/etc/snmpd /usr/local/etc/snmp /usr/local/etc" POSSIBLE_PHP_CONF_REP="/etc/php.ini /etc/php5/apache2/php.ini /private/etc/php.ini /etc/php/apache2-php5/php.ini /usr/local/etc/php.ini /usr/local/lib/php.ini /var/www/conf/php.ini /etc/php/apache2-php5.3/php.ini" POSSIBLE_MYSQL_CONF_REP="/etc/mysql/my.cnf /usr/local/etc/mysql/my.cnf" POSSIBLE_APACHE_BIN="/usr/sbin/apache2 /usr/local/sbin/httpd /usr/local/sbin/apache2 /usr/sbin/httpd" DEBUG=0 TEMPYASATDIR="`echo ~/.yasat/`" HTML_OUTPUT="" ERROR_OUTPUT_FILE="`echo ~/.yasat/yasat.err`" REPORT_OUTPUT="`echo ~/.yasat/yasat.report`" CORRECT_FILE="`echo ~/.yasat/yasat_correct.shell`" ADVICELANG="EN" PLUGINS_REP="./plugins" SCANTYPE="" NOPAUSE='no' ONEPLUGIN='' SKIPPED_TESTS='' #by default common is on the same place that yasat #but it can be copied to $DESTDIR/$PREFIX/share/yasat/common YASAT_ROOT='.' COL_WIDTH=80 #info = 0 green =1 warning,orange=2 red,error =3 PRINT_LEVEL=0 YASAT_VERSION=526 if [ -e '/etc/yasat/yasat.conf' ] then . /etc/yasat/yasat.conf echo 'Found /etc/yasat/yasat.conf' fi if [ -e '/usr/local/etc/yasat/yasat.conf' ] then . /usr/local/etc/yasat/yasat.conf echo 'Found /usr/local/etc/yasat/yasat.conf' fi if [ -e "$TEMPYASATDIR/yasat.conf" ] then . $TEMPYASATDIR/yasat.conf echo "Found $TEMPYASATDIR/yasat.conf" fi if [ -e "$REPORT_OUTPUT" ] ;then rm $REPORT_OUTPUT fi if [ -e "$CORRECT_FILE" ] ;then rm $CORRECT_FILE fi . ${YASAT_ROOT}/common if [ -z "$1" ] then print_help exit 0; fi trap armageddon INT while [ $# -ge 1 ]; do case $1 in --help) shift print_help exit 0; ;; -h) shift print_help exit 0; ;; --debug) shift DEBUG=1 ;; -d) shift DEBUG=1 ;; --full-scan) shift SCANTYPE='FULL' echo "Enabling FULL SCAN" ;; -f) shift SCANTYPE='FULL' echo "Enabling FULL SCAN" ;; --nopause) shift NOPAUSE='yes' ;; -a) shift NOPAUSE='yes' ;; -s) shift ;; --standard) shift ;; -l) shift if [ -d "$PLUGINS_REP" ] then ls $PLUGINS_REP/ | grep '.test' exit 0; fi ;; --list) shift if [ -d "$PLUGINS_REP" ] then ls $PLUGINS_REP/ | grep '.test' exit 0; fi ;; --skip) shift for TEST in `echo $1 | sed 's/,/\n/g'`; do if [ -f "${PLUGINS_REP}/${TEST}.test" ]; then SKIPPED_TESTS="${SKIPPED_TESTS}${TEST}" else echo "Invalid test $TEST" echo "see $0 --list for all tests" exit 1 fi done shift ;; --plugin) shift if [ -z "$1" ] ;then echo "Missing parameter for --plugin" print_help exit 1; fi ONEPLUGIN="$1" if [ ! -e "$1" ] ; then if [ ! -e "$PLUGINS_REP/$1" ] ; then if [ ! -e "$PLUGINS_REP/$1.test" ] ; then echo "$1 do not exists" exit 1; else ONEPLUGIN="$PLUGINS_REP/$1.test" fi else ONEPLUGIN="$PLUGINS_REP/$1" fi fi shift ;; -1) shift if [ "$1x" = "x" ] ; then echo "Missing parameter for --plugin" print_help exit 1; fi ONEPLUGIN="$1" if [ ! -e "$1" ] ; then if [ ! -e "$PLUGINS_REP/$1" ] ; then if [ ! -e "$PLUGINS_REP/$1.test" ] ; then echo "$1 do not exists" exit 1; else ONEPLUGIN="$PLUGINS_REP/$1.test" fi else ONEPLUGIN="$PLUGINS_REP/$1" fi fi shift ;; -p) shift if [ -z "$1" ] ;then echo "Missing parameter for --Plugin" print_help exit 1; fi ONEPLUGIN="$PLUGINS_REP/$1" if [ ! -e "$ONEPLUGIN" ] ;then echo "$1 do not exists" exit 1; fi shift ;; -H) shift HTML_OUTPUT="`echo ~/.yasat/yasat.html`" echo "Enabling output in $HTML_OUTPUT" ;; --html) shift HTML_OUTPUT="`echo ~/.yasat/yasat.html`" echo "Enabling output in $HTML_OUTPUT" ;; --html-output ) shift if [ "$1x" = "x" ] then echo "Missing parameter for --html-output" print_help exit 1; fi HTML_OUTPUT="$1" shift echo "HTML output is $HTML_OUTPUT" echo "" > "$HTML_OUTPUT" ;; --advice-lang ) shift if [ "$1x" = "x" ] then echo "Missing parameter for --advice-lang" print_help exit 1; fi ADVICELANG=$1 shift echo "ADVICELANG is $ADVICELANG" ;; --print-level) shift if [ -z "$1" ] then echo 'Missing parameter for --print-level' print_help exit 1; fi if [ $1 -ge 4 -o $1 -lt 0 ] then echo 'The level must be between 0 and 3' exit 1 fi PRINT_LEVEL=$1 shift ;; -P) shift if [ -z "$1" ] ;then echo 'Missing parameter for --plugins-dir' print_help exit 1; fi if [ ! -e "$1" ] ; then echo "$1 do not exist" exit 1 fi PLUGINS_REP="$1" shift echo "PLUGINS_REP is now $PLUGINS_REP" ;; --plugins-dir) shift if [ -z "$1" ] ;then echo 'Missing parameter for --plugins-dir' print_help exit 1; fi if [ ! -e "$1" ] ; then echo "$1 do not exist" exit 1 fi PLUGINS_REP="$1" shift echo "PLUGINS_REP is now $PLUGINS_REP" ;; --check-update) shift Check_for_update ;; --send-support) shift send_support ;; --listtest) shift list_all_yasat_test exit 0 ;; *) echo "unrecognized option $1" print_help exit 1 ;; esac done mkdir -p ~/.yasat if [ "`id -u`" = "0" ] then Display --indent 2 --text "Using YASAT with UID=0" --result OK --color GREEN else Display --indent 2 --text "Using YASAT with UID!=0 Some test mail fail" --result WARNING --color ORANGE if [ $NOPAUSE = "no" ] then echo "" echo "Press ENTER to continue Ctrl/C to quit" read void fi fi SELINUX_CONTEXT="`id -Z 2> /dev/null`" if [ $? -ne 0 ] then Display --indent 2 --text "Using YASAT without SELinux" --result OK --color BLUE else Display --indent 2 --text "Using YASAT with SELinux context=$SELINUX_CONTEXT" --result OK --color BLUE fi . ${YASAT_ROOT}/osdetection Display --indent 2 --text "Detecting OS... " --result DONE --color GREEN echo " ${LINUX_VERSION} ${OS} $OS_FULLNAME" COL_WIDTH="`tput cols`" if [ ! -z "$COL_WIDTH" ] then Display --indent 2 --text "Detecting TERM width... " --result "$COL_WIDTH" --color GREEN else Display --indent 2 --text "Detecting TERM width... " --result "ERROR" --color RED Debug "TODO" COL_WIDTH=79 fi print_color_chart if [ ! -z "$SKIPPED_TESTS" ]; then echo "Skipped tests" for TEST in `echo $SKIPPED_TESTS`; do echo " $TEST" done echo "" fi if [ ! -z $REPORT_OUTPUT ] then echo "" echo "At the end of the audit, a report would be viewable at $REPORT_OUTPUT" echo "" fi if [ ! -z "$HTML_OUTPUT" ] then echo 'YASAT report'> "${HTML_OUTPUT}" echo "Generated by YASAT $YASAT_VERSION " >> "${HTML_OUTPUT}" cp "${YASAT_ROOT}/yasat.css" "`dirname ${HTML_OUTPUT}`" fi if [ -d "$PLUGINS_REP" ] ; then LISTE_ADVICE="`ls $PLUGINS_REP/*.advice`" cat $LISTE_ADVICE | grep $ADVICELANG > ${YASAT_ROOT}/yasat.advices if [ -z "$ONEPLUGIN" ] ; then Debug "Analyse de $PLUGINS_REP" if [ -z "$SKIPPED_TESTS" ] ; then LISTE_PLUGINS=`ls $PLUGINS_REP/*test` else SKIPPED_TESTS=`echo $SKIPPED_TESTS | tr " " "|"` LISTE_PLUGINS=`ls $PLUGINS_REP/*test | grep -Ev $SKIPPED_TESTS` fi for A_PLUGIN in $LISTE_PLUGINS do . $A_PLUGIN # Title "run $0 --plugin $A_PLUGIN to replay this test" Debug "End of $A_PLUGIN" if [ "$NOPAUSE" = 'no' ] ; then echo "" echo "Press ENTER to continue Ctrl/C to quit" read void fi done else . $ONEPLUGIN fi fi if [ ! -z "$HTML_OUTPUT" ] then echo '' >> "$HTML_OUTPUT" fi yasat/osdetection0000640000175000017500000002234111754404464014703 0ustar montjoiemontjoie################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ # # This function is originated from Copyright 2007-2009, Michael Boelen (michael@rootkit.nl), The Netherlands # Web site: http://www.rootkit.nl # ################################################################################# # # Operating System detection # ################################################################################# # #default value ORWX="/o=rwx" CORRECT_ORWX="o-rwx" PERM_GW="/g=w" PERM_GX="/g=x" PERM_OW="/o+w" STAT_RIGHT="--format=%a" STAT_FULL_RIGHT="--format=%a" STAT_USER="--format=%U" STAT_GROUP="--format=%G" FIND_SETUID="+06000" SNMPD_CONF_REP="/etc/snmpd/" ROOTGROUP="root" BSD_SYSCTL='sysctl' #OS_TYPE is Linux BSD other OS_TYPE='unknown' OS_NICKNAME="unknwn" DEFAULT_APACHE_DOCROOT="/var/www/" #package names SNMPD_PACKAGE_NAME='net-snmp' APACHE_PACKAGE_NAME='apache' MYSQLD_PACKAGE_NAME='mysql-server' BIND_PACKAGE_NAME='bind' # Check operating system case `uname` in # IBM AIX AIX) OS="AIX" OS_NAME="AIX" OS_TYPE='other' OS_FULLNAME=`uname -s -r` OS_VERSION=`uname -r` CPU=`uname -p` HARDWARE=`uname -M` FIND_BINARIES="whereis -b" ;; # Mac OS X Darwin) OS="MacOS" OS_TYPE='other' if [ -x /usr/bin/sw_vers ]; then OS_NAME=`/usr/bin/sw_vers -productName` OS_VERSION=`/usr/bin/sw_vers -productVersion` OS_FULLNAME="${OS_NAME} ${OS_VERSION}" else # Fall back to pretty safe name OS_NAME="Mac OS X" OS_FULLNAME=`uname -s -r` OS_VERSION=`uname -r` fi HARDWARE=`uname -m` HOMEDIRS="/Users" FIND_BINARIES="whereis" OS_KERNELVERSION=`uname -r` ;; # FreeBSD FreeBSD) OS="FreeBSD" OS_TYPE='BSD' OS_NAME="FreeBSD" OS_FULLNAME=`uname -s -r` OS_VERSION=`uname -r` HARDWARE=`uname -m` HOMEDIRS="/home /root" FIND_BINARIES="whereis -q -a -b" OS_KERNELVERSION=`uname -i` ORWX="+007" PERM_GW="+020" PERM_GX="+010" PERM_OW='+002' STAT_RIGHT="-f %Lp" STAT_FULL_RIGHT="-f %Mp%Lp" STAT_USER="-f %Su" STAT_GROUP="-f %Sg" ROOTGROUP="wheel" LIST_PKG="pkg_" BSD_SYSCTL='sysctl -e' ;; # HP-UX HP-UX) OS="HP-UX" OS_NAME="HP-UX" OS_TYPE='other' OS_FULLNAME=`uname -s -r` OS_VERSION=`uname -r` HARDWARE=`uname -m` FIND_BINARIES="whereis -b" ;; # Linux Linux) OS="Linux" OS_TYPE='Linux' OS_NAME="Linux" OS_FULLNAME="" OS_VERSION=`uname -r` LINUX_VERSION="" LINUX_PKG="" HARDWARE=`uname -m` HOMEDIRS="/home" FIND_BINARIES="whereis -b" OS_KERNELVERSION=`uname -r` # Cobalt if [ -e "/etc/cobalt-release" ]; then OS_FULLNAME=`cat /etc/cobalt-release`; fi # CPUBuilders Linux if [ -e "/etc/cpub-release" ]; then OS_FULLNAME=`cat /etc/cpub-release`; fi if [ -e "/etc/debian_version" -a ! -e /etc/lsb-release ] ;then LIST_PKG="apt-get" OS_VERSION=`cat /etc/debian_version` LINUX_VERSION="Debian" SNMPD_PACKAGE_NAME='snmpd' APACHE_PACKAGE_NAME='apache2' BIND_PACKAGE_NAME='bind9' #under debian my.cnf is owned by mysql-common MYSQLD_PACKAGE_NAME='mysql-common' if [ ! -z `echo $OS_VERSION |grep '^5[\.0-9]*'` ] ;then OS_NICKNAME="Lenny" OS_FULLNAME="Debian Lenny ${OS_VERSION}" fi if [ ! -z `echo $OS_VERSION |grep '^4[\.0-9]*'` ] ;then OS_NICKNAME="Etch" OS_FULLNAME="Debian Etch ${OS_VERSION}" fi if [ ! -z `echo $OS_VERSION |grep '^6[\.0-9]*'` ] ;then OS_NICKNAME="Squeeze" OS_FULLNAME="Debian Squeeze ${OS_VERSION}" fi if [ ! -z "`echo $OS_VERSION |grep '^7[\.0-9]*'`" -o ! -z "`echo $OS_VERSION |grep -i wheezy`" ] ;then OS_NICKNAME="Wheezy" OS_FULLNAME="Debian Wheezy ${OS_VERSION}" fi fi # Debian/Ubuntu if [ -e "/etc/debian_version" -a -e /etc/lsb-release ]; then LIST_PKG="apt-get" OS_VERSION=`cat /etc/debian_version` SNMPD_PACKAGE_NAME='snmpd' APACHE_PACKAGE_NAME='apache2' BIND_PACKAGE_NAME='bind9' #under debian my.cnf is owned by mysql-common MYSQLD_PACKAGE_NAME='mysql-common' FIND=`grep "^DISTRIB_ID=" /etc/lsb-release | cut -d '=' -f2` if [ "${FIND}" = "Ubuntu" ]; then # OS_NAME="Ubuntu" OS_VERSION=`grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2` OS_FULLNAME="Ubuntu ${OS_VERSION}" LINUX_VERSION="Ubuntu" else # OS_NAME="Debian" LINUX_VERSION="Debian" OS_FULLNAME="Debian ${OS_VERSION}" if [ ! -z `echo $OS_VERSION |grep '^5[\.0-9]*' ` ] then OS_NICKNAME="Lenny" OS_FULLNAME="Debian Lenny ${OS_VERSION}" fi if [ ! -z `echo $OS_VERSION |grep '^4[\.0-9]*' ` ] then OS_NICKNAME="Etch" OS_FULLNAME="Debian Etch ${OS_VERSION}" fi fi # Ubuntu test (optional) `cat /proc/version | grep "[Uu]buntu"` fi # E-smith if [ -e "/etc/e-smith-release" ]; then OS_FULLNAME=`cat /etc/e-smith-release`; fi # Gentoo if [ -e "/etc/gentoo-release" ]; then OS_FULLNAME=`cat /etc/gentoo-release | awk '{ print $5 }' | cut -d '.' -f1,2`; LINUX_VERSION="Gentoo" ; LIST_PKG="emerge" APACHE_PACKAGE_NAME='apache' MYSQLD_PACKAGE_NAME='mysql' DEFAULT_APACHE_DOCROOT="/var/www/localhost/htdocs/" fi # Red Hat and others # I test /etc/debian_version because installing rpm under debian put the /etc/redhat-release file if [ -e "/etc/redhat-release" -a ! -e "/etc/debian_version" ]; then LIST_PKG="rpm" APACHE_PACKAGE_NAME='httpd' # CentOS FIND=`grep "CentOS" /etc/redhat-release` if [ ! "${FIND}" = "" ]; then # OS_NAME="CentOS" OS_FULLNAME=`cat /etc/redhat-release | grep "CentOS"` LINUX_VERSION="CentOS" OS_VERSION="${OS_FULLNAME}" fi # Fedora FIND=`grep "Fedora" /etc/redhat-release` if [ ! "${FIND}" = "" ]; then # OS_NAME="Fedora" OS_FULLNAME=`cat /etc/redhat-release | grep "Fedora"` OS_VERSION="${OS_FULLNAME}" LINUX_VERSION="Fedora" fi # Oracle Enterprise Linux FIND=`grep "Enterprise Linux Enterprise Linux Server" /etc/redhat-release` if [ ! "${FIND}" = "" ]; then OS_NAME="Oracle Enterprise Linux"; OS_FULLNAME=`cat /etc/redhat-release | grep "Enterprise Linux"`; OS_VERSION="${OS_FULLNAME}"; fi # Red Hat FIND=`grep "Red Hat" /etc/redhat-release` if [ ! "${FIND}" = "" ]; then # OS_NAME="Red Hat" OS_FULLNAME=`cat /etc/redhat-release | grep "Red Hat"` OS_VERSION="${OS_FULLNAME}" LINUX_VERSION="Red Hat" fi fi if [ -e "/etc/SLOX-release" ]; then OS_FULLNAME=`cat /etc/SLOX-release | grep "SuSE Linux"`; fi # Slackware if [ -e "/etc/slackware-version" ]; then OS_FULLNAME=`cat /etc/slackware-version`; LINUX_VERSION="Slackware"; fi # SuSE if [ -e "/etc/SuSE-release" ]; then OS_VERSION=`cat /etc/SuSE-release | head -n 1`; LINUX_VERSION="SuSE"; fi # Turbo Linux if [ -e "/etc/turbolinux-release" ]; then OS_FULLNAME=`cat /etc/turbolinux-release`; fi # YellowDog if [ -e "/etc/yellowdog-release" ]; then OS_FULLNAME=`cat /etc/yellowdog-release`; fi if [ -e /etc/arch-release ] ;then #/etc/arch-release is empty LINUX_VERSION="arch" OS_FULLNAME="ArchLinux" LIST_PKG="pacman" fi # If Linux version is unknown, use uname value if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=`uname -s -r`; fi ;; # NetBSD NetBSD) OS="NetBSD" OS_TYPE='BSD' OS_NAME="NetBSD" OS_FULLNAME=`uname -s -r` OS_KERNELVERSION=`uname -v` OS_VERSION=`uname -r` HARDWARE=`uname -m` FIND_BINARIES="whereis" LIST_PKG="pkg_" ;; # OpenBSD OpenBSD) OS="OpenBSD" OS_TYPE='BSD' OS_NAME="OpenBSD" OS_FULLNAME=`uname -s -r` OS_KERNELVERSION=`uname -v` OS_VERSION=`uname -r` HARDWARE=`uname -m` FIND_BINARIES="whereis" LIST_PKG="pkg_" ORWX="-007" PERM_GW="-020" PERM_GX="-010" PERM_OW='-002' STAT_RIGHT="-f %Lp" STAT_FULL_RIGHT="-f %Mp%Lp" STAT_USER="-f %Su" STAT_GROUP="-f %Sg" ROOTGROUP="wheel" FIND_SETUID="-06000" ;; # Solaris / OpenSolaris SunOS) OS="Solaris" OS_TYPE='other' OS_NAME="Sun Solaris" OS_FULLNAME=`uname -s -r` OS_VERSION=`uname -r` HARDWARE=`uname -m` if [ -x /usr/bin/isainfo ]; then # Returns 32, 64 OS_MODE=`/usr/bin/isainfo -b` fi ;; # Unknown or unsupported systems *) echo "[ ${WARNING}WARNING${NORMAL} ]" echo "${WARNING}Error${NORMAL}: ${WHITE}Unknown OS found. No support available for this OS or platform...${NORMAL}" exit 1 ;; esac yasat/plugins/0000750000175000017500000000000011755740140014111 5ustar montjoiemontjoieyasat/plugins/system_rights.test0000640000175000017500000001142111744527005017717 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ CONF_FILE="system_rights.data" if [ "${OS_TYPE}" = 'BSD' ] then CONF_FILE="system_rights_bsd.data" fi Title "Check system rights $LINUX_VERSION" if [ -f $PLUGINS_REP/$CONF_FILE ] then for i in `grep -v '^#' $PLUGINS_REP/$CONF_FILE |grep -v "!$OS_NICKNAME" | sed 's/#.*//g'` do # echo "TEST ==== $i" lepath="`echo $i | cut -f1 -d\|`" lesdroits=`echo $i | cut -f2 -d\|` luser=`echo $i | cut -f3 -d\|` lgroup=`echo $i | cut -f4 -d\|` loption=`echo $i | cut -f5 -d\|` ldistrib=`echo $i | cut -f6 -d\|` loption2=`echo $i | cut -f7 -d\|` if [ "$OS_TYPE" = "BSD" ] then if [ $lgroup = 'root' ] then lgroup='wheel'; fi fi if [ "${ldistrib}x" != "x" ] ;then if [ "$ldistrib" != "$LINUX_VERSION" -a "$ldistrib" != "$OS_NICKNAME" ] ;then continue fi fi if [ "$loption" = "N" ] ;then if [ ! -e "$lepath" ] ; then Display --indent 2 --text "Error $lepath do not exists" --result ERROR --color RED fi fi if [ ! -e "$lepath" ];then lepath="/usr/local/$lepath" fi if [ -e "$lepath" ] ;then #echo -n "check $lepath => $lesdroits $luser $lgroup $loption" case $loption in R) #check for files with other rights TMP_RESULT="${TEMPYASATDIR}/system_right.tmp" check_directory_others $lepath $TMP_RESULT 4 GLOBAL_FILE_OTHER_READABLE # RESULTAT="`find $lepath ! -type l -perm $ORWX`" # if [ ! -z "$RESULTAT" ] # then # Display --indent 2 --text "Files with others rights in $lepath " --result WARNING --color RED # find $lepath ! -type l -perm $ORWX | # while read line # do # Display --indent 4 --text "$line" --result "`stat $STAT_RIGHT $line`" --color RED # done # fi #TODO tests if [ "$loption2" != "gw" ] then RESULTAT="`find $lepath ! -type l -perm $PERM_GW `" if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "Group writable files in $lepath" --result WARNING --color RED find $lepath ! -type l -perm $PERM_GW | while read line do Display --indent 4 --text "$line" --result "`stat $STAT_RIGHT $line`" --color RED done fi fi # find $lepath -type f -perm $PERM_GX -ls; #check the owner of the files RESULTATUSER="`find $lepath ! -user $luser -ls`" if [ ! -z "$RESULTATUSER" ] then Display --indent 2 --text "Bad owner $lepath (must be $luser)" --result WARNING --color RED find $lepath ! -user $luser | while read line do Display --indent 4 --text "$line" --result "`stat $STAT_USER $line`" --color RED # echo " $line" done fi RESULTATGROUPE="`find $lepath ! -group $lgroup`" if [ ! -z "$RESULTATGROUPE" ] then Display --indent 2 --text "Bad group $lepath (must be $lgroup)" --result WARNING --color RED find $lepath ! -group $lgroup | while read line do Display --indent 4 --text "$line" --result "`stat $STAT_GROUP $line`" --color RED # echo " $line" done fi # echo "" ;; *) ACTUAL_RIGHT="`stat $STAT_RIGHT $lepath`" if [ "${ACTUAL_RIGHT}" != $lesdroits -o `stat $STAT_GROUP $lepath` != $lgroup -o `stat $STAT_USER $lepath` != $luser ] then #check for stricter right than we want (example we want 640 but local have 600) if [ $lesdroits = 640 -a "${ACTUAL_RIGHT}" = 600 ] ; then Display --indent 2 --text "$lepath $lesdroits $luser $lgroup is more strict than i want" --result OK --color GREEN else Display --indent 2 --text "$lepath is not $lesdroits $luser $lgroup " --result WARNING --color RED fi else Display --indent 2 --text "$lepath => $lesdroits $luser $lgroup " --result OK --color GREEN fi esac fi done fi #/etc/security/console.perms.d/50-default.perms TOTHINK #if [ "$LINUX_VERSION" = 'Red Hat' ] #then # #fi yasat/plugins/logging.test0000750000175000017500000001146111677023062016446 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check logging" #TODO check sysstat http://pagesperso-orange.fr/sebastien.godard/ FOUND_SYSTEM_LOGGER=0 ACTUAL_SYSTEM_LOGGER='' #found in portage POSSIBLE_SYSLOG_BINARIES="syslog-ng syslogd newsyslog rsyslogd metalog" for LOGGER_TO_TEST in $POSSIBLE_SYSLOG_BINARIES do RESULTAT="`ps aux |grep -i [^[:alpha:]]$LOGGER_TO_TEST |grep -v grep |grep -v supervising`" if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "$LOGGER_TO_TEST" --result FOUND --color GREEN if [ $FOUND_SYSTEM_LOGGER -eq 1 ] then Display --indent 4 --text "Two system loggers" --result FOUND --color ORANGE --advice SYSTEM_LOG_TWO_LOGGERS fi FOUND_SYSTEM_LOGGER=1 ACTUAL_SYSTEM_LOGGER="$LOGGER_TO_TEST" fi done if [ $FOUND_SYSTEM_LOGGER -eq 0 ] then Display --indent 2 --text "System logger" --result NOTFOUND --color RED --advice SYSTEM_LOG_NO_LOGGERS else Display --indent 2 --text "System logger is $ACTUAL_SYSTEM_LOGGER" --result FOUND --color GREEN fi #syslog-ng /etc/syslog-ng/syslog-ng.conf destination name { tcp( "somehost" port(514)) ; } ; #syslog-ng /etc/syslog-ng/syslog-ng.conf destination name { udp( "somehost" port(514)) ; } ; if [ "$ACTUAL_SYSTEM_LOGGER" = 'syslog-ng' ] ; then SYSLOGNG_CONF="/etc/syslog-ng/syslog-ng.conf" if [ -e $SYSLOGNG_CONF ] ; then #TODO found real place for conf TMP_RESULT="${TEMPYASATDIR}/loghost.tmp" LOGHOST_FOUND=0 grep '^[[:space:]]*destination.*[tu][cd]p(' $SYSLOGNG_CONF | sed 's/[[:space:]][[:space:]]*/ /g'> $TMP_RESULT while read line do LOGHOST_FOUND=1 # echo $line # RULENAME="`echo $line | cut -d\ -f2`" # REMOTEHOST="`echo $line | cut -d\ -f4`" done < $TMP_RESULT if [ $LOGHOST_FOUND -eq 0 ] ; then Display --indent 2 --text "Logging to a remote host" --result NOTFOUND --color RED --advice SYSLOGNG_NOLOGHOST else Display --indent 2 --text "Logging to a remote host" --result FOUND --color GREEN fi rm $TMP_RESULT else Display --indent 2 --text "Config file" --result NOTFOUND --color RED fi fi #syslog /etc/syslog.conf *.* @somehost if [ "$ACTUAL_SYSTEM_LOGGER" = 'syslogd' ] ; then SYSLOG_CONF="/etc/syslog.conf" if [ -e $SYSLOG_CONF ] ; then #TODO found real place for conf TMP_RESULT="${TEMPYASATDIR}/loghost.tmp" LOGHOST_FOUND=0 #TODO regex could be better grep '^[[:space:]]*\.*@[a-zA-Z0-9]' $SYSLOG_CONF | sed 's/[[:space:]][[:space:]]*/ /g'> $TMP_RESULT while read line do LOGHOST_FOUND=1 # echo $line # RULENAME="`echo $line | cut -d\ -f2`" # REMOTEHOST="`echo $line | cut -d\ -f4`" done < $TMP_RESULT if [ $LOGHOST_FOUND -eq 0 ] ; then Display --indent 2 --text "Logging to a remote host" --result NOTFOUND --color RED --advice SYSLOG_NOLOGHOST else Display --indent 2 --text "Logging to a remote host" --result FOUND --color GREEN fi rm $TMP_RESULT else Display --indent 2 --text "Config file" --result NOTFOUND --color RED fi fi #rsyslog /etc/rsyslog.conf *.* @@somehost:514 if [ "$ACTUAL_SYSTEM_LOGGER" = 'rsyslogd' ] ; then RSYSLOG_CONF="/etc/rsyslog.conf" if [ -e $RSYSLOG_CONF ] ; then #TODO found real place for conf TMP_RESULT="${TEMPYASATDIR}/loghost.tmp" LOGHOST_FOUND=0 #TODO regex could be better grep '^[[:space:]]*\.*@[a-zA-Z0-9]' $RSYSLOG_CONF | sed 's/[[:space:]][[:space:]]*/ /g'> $TMP_RESULT while read line do LOGHOST_FOUND=1 # echo $line # RULENAME="`echo $line | cut -d\ -f2`" # REMOTEHOST="`echo $line | cut -d\ -f4`" done < $TMP_RESULT if [ $LOGHOST_FOUND -eq 0 ] ; then Display --indent 2 --text "Logging to a remote host" --result NOTFOUND --color RED --advice RSYSLOG_NOLOGHOST else Display --indent 2 --text "Logging to a remote host" --result FOUND --color GREEN fi rm $TMP_RESULT else Display --indent 2 --text "Config file" --result NOTFOUND --color RED fi fi #TODO remote logging for other syslog daemon return 0; yasat/plugins/mysql.test0000640000175000017500000001530611677022127016166 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #TODO check mysql_history #TODO check ~/.my.cnf #TODO check if DATADIR is a separate partition #TODO SSL #TODO check test databases (hint to remove it) #TODO check test/guest user #TODO check empty password and password lenght #TODO skip-networking #TODO check socket = ???? #TODO set-variable=local-infile=0 in [mysqld] http://dev.mysql.com/doc/refman/5.1/en/load-data-local.html #TODO innodb_support_xa sync_binlog #TODO set-variable=local-infile=0 MYSQL_CONF="/etc/mysql/my.cnf" for LOCATION in ${POSSIBLE_MYSQL_CONF_REP} do if [ -e "${LOCATION}/" ] then MYSQL_CONF="${LOCATION}" fi done Title "Check mysql" if [ ! -e "$MYSQL_CONF" ] then return 1; fi #TODO check includedir FindValueOfEqual $MYSQL_CONF '!includedir' JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "includedir" --result $RESULTAT --color BLUE fi FindValueOfEqual $MYSQL_CONF user JUSTTEST if [ ! -z "$RESULTAT" ] ; then if [ "$RESULTAT" = "root" ] ; then Display --indent 2 --text "user" --result $RESULTAT --color RED --advice MYSQL_RUN_AS_ROOT else Display --indent 2 --text "user" --result $RESULTAT --color GREEN #I dont use getent because i think that mysql will be never on LDAP or such MYSQLSHELL=`grep "$RESULTAT" /etc/passwd | cut -d\: -f7` if [ `echo $MYSQLSHELL |grep 'sh' ` ] then Display --indent 2 --text "Shell de mysql $MYSQLSHELL Incorrect " --result WARNING --color RED --advice MYSQL_USER_HAVE_SHELL else Display --indent 2 --text "Shell de mysql $MYSQLSHELL Correct " --result OK --color GREEN fi fi else Display --indent 2 --text "user" --result NOTFOUND --color RED fi #my.cnf is used by other client app than mysqld, so perhaps 644 is needed #MYSQL_CONF_RIGHT="`stat $STAT_RIGHT $MYSQL_CONF`" #if [ "$MYSQL_CONF_RIGHT" -ge 640 ] #then # Display --indent 2 --text "Rights of $MYSQL_CONF" --result "$MYSQL_CONF_RIGHT" --color RED --advice GLOBAL_FILE_CHMOD640 #else # Display --indent 2 --text "Rights of $MYSQL_CONF" --result OK --color GREEN #fi if [ -e /etc/mysql/debian.cnf ] then MYSQL_CONF_RIGHT="`stat $STAT_RIGHT /etc/mysql/debian.cnf`" if [ "$MYSQL_CONF_RIGHT" -ge 600 ] then Display --indent 2 --text "Rights of /etc/mysql/debian.cnf" --result "$MYSQL_CONF_RIGHT" --color RED --advice GLOBAL_FILE_CHMOD600 else Display --indent 2 --text "Rights of /etc/mysql/debian.cnf" --result OK --color GREEN fi fi #log is full log of requests, FindValueOfEqual $MYSQL_CONF log JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "presence de log" --result FOUND --color RED --advice MYSQL_LOG else Display --indent 2 --text "presence de log" --result NOTFOUND --color GREEN fi CheckPresenceOf $MYSQL_CONF innodb_file_per_table JUSTTEST if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "presence de innodb_file_per_table" --result OK --color GREEN else Display --indent 2 --text "No innodb_file_per_table" --result CONSEIL --color ORANGE fi FindValueOfEqual $MYSQL_CONF bind-address JUSTTEST if [ ! -z "$RESULTAT" ] then if [ "$RESULTAT" = "127.0.0.1" ] then Display --indent 2 --text "bind-address" --result $RESULTAT --color GREEN else Display --indent 2 --text "bind-address" --result $RESULTAT --color ORANGE fi else Display --indent 2 --text "bind-address" --result NOTFOUND --color RED --advice MYSQL_CONF_BIND fi #log_slow_queries = /var/log/mysql/mysql-slow.log #long_query_time = 2 #log-queries-not-using-indexes #if log-bin presence then there must be expire_logs_days FindValueOfEqual $MYSQL_CONF log-bin JUSTTEST if [ ! -z "`cat $MYSQL_CONF | grep '^log-bin$' `" ] then RESULTAT='on' fi if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "log-bin" --result $RESULTAT --color BLUE --advice MYSQL_CONF_BINLOGS if [ -z "`cat $MYSQL_CONF | grep '^expire_logs_days' `" ] then Display --indent 4 --text "log-bin without expire_logs_days" --result NOTFOUND --color RED --advice MYSQL_CONF_NO_EXPIRELOGSDAYS else Display --indent 4 --text "expire_logs_days" --result FOUND --color GREEN fi fi FindValueOfEqual $MYSQL_CONF log_slow_queries JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "log_slow_queries" --result $RESULTAT --color GREEN else Display --indent 2 --text "log_slow_queries" --result NOTFOUND --color RED --advice MYSQL_CONF_NO_SLOWQUERY_LOG fi FindValueOfEqual $MYSQL_CONF innodb_support_xa JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "innodb_support_xa" --result $RESULTAT --color BLUE else Display --indent 2 --text "innodb_support_xa" --result NOTFOUND --color BLUE fi FindValueOfEqual $MYSQL_CONF sync_binlog JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "sync_binlog" --result $RESULTAT --color BLUE else Display --indent 2 --text "sync_binlog" --result NOTFOUND --color BLUE fi #Check_auto_start $MYSQLD_PACKAGE_NAME #if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] #then # Display --indent 2 --text "$MYSQLD_PACKAGE_NAME is started at boot" --result UNKNOWN --color BLUE #else # if [ "$RESULTAT" = "yes" ] # then # Display --indent 2 --text "$MYSQLD_PACKAGE_NAME is started at boot" --result YES --color BLUE # else # Display --indent 2 --text "$MYSQLD_PACKAGE_NAME is started at boot" --result NO --color GREEN # fi #fi Is_installed_via_package_manager $MYSQLD_PACKAGE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "$MYSQLD_PACKAGE_NAME installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "$MYSQLD_PACKAGE_NAME is installed by package" --result GOOD --color GREEN else Display --indent 2 --text "$MYSQLD_PACKAGE_NAME is installed at hand" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND fi fi return 0; yasat/plugins/nfs.data0000640000175000017500000000043411677022127015535 0ustar montjoiemontjoie#nfs option,ADVICE #rw||| subtree_check,NFS_EXPORT_SUBTREE_CHECK no_subtree_check, no_root_squash,NFS_EXPORT_NO_ROOT_SQUASH sync, async, udp,NFS_EXPORT_UDP proto=udp,NFS_EXPORT_UDP tcp, proto=tcp, intr, hard, defaults, noatime, nodiratime, nodev, noexec, nosuid, noac,NFS_CLIENT_NOAC yasat/plugins/squid.test0000640000175000017500000001505111677022127016143 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_SQUID_CONF="/etc/squid/squid.conf /usr/local/etc/squid/squid.conf" SQUID_CONF="/etc/squid/squid.conf" for LOCATION in ${POSSIBLE_SQUID_CONF} do if [ -e "${LOCATION}" ] then SQUID_CONF="${LOCATION}" fi done SQUID_CONF="`dirname $SQUID_CONF`/squid.conf" Title "Check Squid" if [ ! -e "$SQUID_CONF" ] then return 1; fi SQUIDUSER='squid' SQUID_SHELL="`getent passwd $SQUIDUSER | cut -d\: -f7`" if [ ! -z "`echo $SQUID_SHELL |grep 'sh'`" ] then Display --indent 2 --text "Shell de squid $SQUID_SHELL Incorrect " --result WARNING --color RED --advice SQUID_USER_BAD_SHELL else Display --indent 2 --text "Shell de squid $SQUID_SHELL Correct " --result OK --color GREEN fi Display --indent 2 --text "$SQUID_CONF" --result FOUND --color GREEN get_simple_right "$SQUID_CONF" if [ "$RESULTAT" = '640' ] then Display --indent 4 --text "Right of $SQUID_CONF" --result OK --color GREEN else Display --indent 4 --text "Right of $SQUID_CONF" --result "$RESULTAT" --color RED --advice GLOBAL_FILE_CHMOD640 fi FindValueOf "$SQUID_CONF" request_header_max_size JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT=20 fi if [ "$RESULTAT" -le 20 ] then Display --indent 4 --text "request_header_max_size <= 20kb" --result GOOD --color GREEN else Display --indent 4 --text "request_header_max_size > 20kb" --result BAD --color ORANGE fi FindValueOf "$SQUID_CONF" reply_header_max_size JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT=20 fi if [ "$RESULTAT" -le 20 ] then Display --indent 4 --text "reply_header_max_size <= 20kb" --result GOOD --color GREEN else Display --indent 4 --text "reply_header_max_size > 20kb" --result BAD --color ORANGE fi FindValueOf "$SQUID_CONF" check_hostnames JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT='off' fi if [ "$RESULTAT" = 'on' ] then Display --indent 4 --text "check_hostnames on" --result GOOD --color GREEN else Display --indent 4 --text "check_hostnames off" --result BAD --color RED --advice SQUID_CHECK_HOSTNAMES fi FindValueOf "$SQUID_CONF" ignore_unknown_nameservers JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT='on' fi if [ "$RESULTAT" = 'on' ] then Display --indent 4 --text "ignore_unknown_nameservers on" --result GOOD --color GREEN else Display --indent 4 --text "ignore_unknown_nameservers off" --result BAD --color RED --advice SQUID_UNKNOWN_NAMESERVER fi FindValueOf "$SQUID_CONF" ftp_sanitycheck JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT='on' fi if [ "$RESULTAT" = 'on' ] then Display --indent 4 --text "ftp_sanitycheck on" --result GOOD --color GREEN else Display --indent 4 --text "ftp_sanitycheck off" --result BAD --color RED --advice SQUID_FTP_SANITYCHECK fi FindValueOf "$SQUID_CONF" allow_underscore JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT='on' fi if [ "$RESULTAT" = 'on' ] then Display --indent 4 --text "allow_underscore on" --result BAD --color RED --advice SQUID_ALLOW_UNDERSCORE else Display --indent 4 --text "allow_underscore off" --result GOOD --color GREEN fi FindValueOf "$SQUID_CONF" httpd_suppress_version_string JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT='off' fi if [ "$RESULTAT" = 'on' ] then Display --indent 4 --text "httpd_suppress_version_string on" --result GOOD --color GREEN else Display --indent 4 --text "httpd_suppress_version_string off" --result BAD --color RED --advice SQUID_HIDE_VERSION fi #check for allowed ports grep -v '^#' "$SQUID_CONF" | grep '^http_access' | sed 's/^http_access[[:space:]]*//g' | sed 's/[[:space:]][[:space:]]*/ /g'| while read line do # echo "" # echo "$line" KEY="`echo $line | cut -d\ -f1`" # if [ "$KEY" = 'allow' -o "$KEY" = 'deny' ] # then ACLNAME="`echo $line | cut -d\ -f2`" NEGATION=0 if [ ! -z "`echo $ACLNAME |grep '^!'`" ] then ACLNAME="`echo $line | cut -d\! -f2`" NEGATION=1 fi if [ $NEGATION -eq 1 ] then NEGATION=0 if [ "$KEY" = 'allow' ] then KEY='deny' else KEY='allow' fi fi # echo "Check $KEY for acl=$ACLNAME" grep -i '^acl[[:space:]]' "$SQUID_CONF" | grep -i "${ACLNAME}" | sed 's/^acl[[:space:]]*//g' | sed 's/[[:space:]][[:space:]]*/ /g'| while read lineacl do # echo " FOUND acl=$lineacl" ACL_TYPE="`echo $lineacl | cut -d\ -f2`" # echo " TYPE=$ACL_TYPE" if [ "$ACL_TYPE" = "port" ] then PORT="`echo $lineacl | cut -d\ -f3`" # echo " $lineacl port=$PORT" #we dont want allow for port 280 if [ ! -z "`grep ^$PORT,$KEY ${PLUGINS_REP}/squid.ports`" ] then Display --indent 4 --text "Found allowed port $PORT in $ACLNAME" --result BAD --color RED else Display --indent 4 --text "Found allowed port $PORT in $ACLNAME" --result OK --color GREEN fi fi # if [ "$ACL_TYPE" = "dst" ] # then #we dont want that localhost is accessible # DEST="`echo $lineacl | cut -d\ -f3`" # echo " $lineacl dest=$DEST" # fi done # fi done Check_auto_start squid if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "squid is started at boot" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "squid is started at boot" --result YES --color BLUE else Display --indent 2 --text "squid is started at boot" --result NO --color GREEN fi fi Is_installed_via_package_manager squid if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "squid installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "squid is installed by package" --result GOOD --color GREEN else Display --indent 2 --text "squid is installed at hand" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND fi fi return 0; yasat/plugins/syslogng.test0000640000175000017500000000474311677022127016671 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_SYSLOGNG_CONF="/etc/syslog-ng/syslog-ng.conf /usr/local/etc/syslog-ng/syslog-ng.conf" SYSLOGNG_CONF="" for LOCATION in ${POSSIBLE_SYSLOGNG_CONF} do if [ -e "${LOCATION}" ] then SYSLOGNG_CONF="${LOCATION}" fi done Title "Check syslog-ng" if [ -z "$SYSLOGNG_CONF" ] then return 1; fi if [ ! -e "$SYSLOGNG_CONF" ] then return 1; fi Display --indent 2 --text "$SYSLOGNG_CONF" --result FOUND --color GREEN SYSLOGNGCONFRIGHT="`stat $STAT_RIGHT $SYSLOGNG_CONF`" if [ "$SYSLOGNGCONFRIGHT=" != '640' -a "$SYSLOGNGCONFRIGHT" != '600' ] then Display --indent 2 --text "Rights of $SYSLOGNG_CONF" --result WARNING --color RED --advice GLOBAL_FILE_CHMOD640 else Display --indent 2 --text "Rights of $SYSLOGNG_CONF" --result OK --color GREEN fi if [ "`stat $STAT_USER $SYSLOGNG_CONF`" != 'root' ] then Display --indent 2 --text "owner of $SYSLOGNG_CONF" --result WARNING --color RED --advice GLOBAL_FILE_MUST_BE_OWNED_BT_ROOT else Display --indent 2 --text "owner of $SYSLOGNG_CONF" --result OK --color GREEN fi if [ "`stat $STAT_GROUP $SYSLOGNG_CONF`" != "$ROOTGROUP" ] then Display --indent 2 --text "group of $SYSLOGNG_CONF" --result WARNING --color RED --advice GLOBAL_FILE_MUST_BE_GROUPED_BT_ROOT else Display --indent 2 --text "group of $SYSLOGNG_CONF" --result OK --color GREEN fi #TODO check use_dns #if [ `grep -v '^#*' $SYSLOGNG_CONF | grep 'use_dns'` ] #then # echo "toto" #fi #TODO for logging local1-6 #TODO loghost tcp or udp better ? return 0; yasat/plugins/dns.test0000750000175000017500000001363311751713257015614 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_BIND_CONF="/etc/bind/named.conf" BIND_CONF="/etc/bind/named.conf" BIND_CONF_REP="/etc/bind/" for LOCATION in ${POSSIBLE_BIND_CONF} do if [ -e "${LOCATION}" ] then BIND_CONF="${LOCATION}" fi done Title "Check dns and bind conf" if [ ! -e "$BIND_CONF" ] then return 1; fi prepare_bind_conf $BIND_CONF_REP BIND_CONF_LOCATION_TO_TEST="${TEMPYASATDIR}/named.conf" if [ ! -e "$BIND_CONF_LOCATION_TO_TEST" ] then echo "Error no $BIND_CONF_LOCATION_TO_TEST" return 1; fi #exemple is version none; FindValueOf $BIND_CONF_LOCATION_TO_TEST version JUSTTEST if [ -z "$RESULTAT" ] then Display --indent 2 --text "Hiding version" --result NOTFOUND --color RED --advice BIND_HIDE_VERSION else if [ "$RESULTAT" = "none" ] then Display --indent 2 --text "Hiding version" --result FOUND --color GREEN else Display --indent 2 --text "Hiding version" --result "$RESULTAT" --color ORANGE --advice BIND_HIDE_VERSION fi fi FindValueOf $BIND_CONF_LOCATION_TO_TEST hostname JUSTTEST if [ -z "$RESULTAT" ] then Display --indent 2 --text "Hiding hostname" --result NOTFOUND --color RED --advice BIND_HIDE_HOSTNAME else if [ "$RESULTAT" = "none" ] then Display --indent 2 --text "Hiding hostname" --result FOUND --color GREEN else Display --indent 2 --text "Hiding hostname" --result "$RESULTAT" --color ORANGE --advice BIND_HIDE_HOSTNAME fi fi #server-id is none by default according to docs FindValueOf $BIND_CONF_LOCATION_TO_TEST server-id JUSTTEST if [ -z "$RESULTAT" ] then Display --indent 2 --text "Hiding server-id" --result NOTFOUND --color GREEN else if [ "$RESULTAT" = "none" ] then Display --indent 2 --text "Hiding server-id" --result FOUND --color GREEN else Display --indent 2 --text "Hiding server-id" --result "$RESULTAT" --color ORANGE --advice BIND_HIDE_SERVERID fi fi #max-cache-size xxx; FindValueOf $BIND_CONF_LOCATION_TO_TEST max-cache-size JUSTTEST if [ -z "$RESULTAT" ] then Display --indent 2 --text "Set max-cache-size" --result NOTFOUND --color RED --advice BIND_MAX_CACHE_SIZE else Display --indent 2 --text "max-cache-size set at" --result "$RESULTAT" --color GREEN fi ALLOW_PUBLIC_RECURSION=1 FindValueOf $BIND_CONF_LOCATION_TO_TEST recursion JUSTTEST if [ "$RESULTAT" = "no" ] then Display --indent 2 --text "Restrict recursive query" --result FOUND --color GREEN ALLOW_PUBLIC_RECURSION=0 fi RECURSION=0 for i in `cat $BIND_CONF_LOCATION_TO_TEST` do if [ "$i" = "allow-recursion" ] then RECURSION=1 ALLOW_PUBLIC_RECURSION=0 Display --indent 2 --text "Restrict recursive query" --result FOUND --color GREEN fi if [ "$i" = "};" ] then RECURSION=0 fi # if [ $RECURSION -eq 1 ] # then # echo $i # fi done if [ $ALLOW_PUBLIC_RECURSION -eq 1 ] ; then Display --indent 2 --text "Restrict recursive query" --result ERROR --color RED --advice BIND_DISALLOW_RECURSIVE_QUERY fi #allow-query-cache {mynetworks;}; #http://www.bortzmeyer.org/fermer-les-recursifs-ouverts.html #additional-from-cache no. #TODO dnssec-enable yes; #TODO dnssec-validation yes; Is_installed_via_package_manager $BIND_PACKAGE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] ; then Display --indent 2 --text "$BIND_PACKAGE_NAME installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "$BIND_PACKAGE_NAME is installed by package" --result GOOD --color GREEN else Display --indent 2 --text "$BIND_PACKAGE_NAME is installed at hand" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND fi fi NAMED_USER='named' #default, under debian it is bind if [ -e /etc/default/bind9 ] ; then NAMED_USER=`grep 'OPTIONS=' /etc/default/bind9 | cut -d\" -f2 |sed 's,.*-u,,g' | cut -d\ -f2` fi if [ -z "$NAMED_USER" ] ; then NAMED_USER='named' fi #check -u named NAMED_PROCESS="`ps aux |grep /usr/sbin/named | grep -v grep`" if [ -z "$NAMED_PROCESS" ] ; then Display --indent 2 --text "No bind running, fallback to default named user" --result NOTFOUND --color BLUE else NAMED_USER="`echo $NAMED_PROCESS | sed 's/[[:space:]].*$//'`" Display --indent 2 --text "bind running as $NAMED_USER" --result FOUND --color BLUE #TODO test if named_user is root fi #TMP_RESULT="${TEMPYASATDIR}/bind_etc.out" #check_directory_owner /etc/bind/ $NAMED_USER $TMP_RESULT 2 #TODO check right of named.conf #TODO check right of rndc.key #bind.keys check_a_file "${BIND_CONF_REP}/named.conf" 2 root named 640 check_a_file "${BIND_CONF_REP}/rndc.key" 2 root named 640 check_a_file "${BIND_CONF_REP}/bind.keys" 2 root named 640 TMP_RESULT="${TEMPYASATDIR}/bind_var.out" #check right of /var/bind/ of /var/named #if [ -d /var/bind/ ] ; then # check_directory_owner /var/bind/ $NAMED_USER $TMP_RESULT 4 #fi return 0; yasat/plugins/logrotate.advice0000640000175000017500000000007111677022127017266 0ustar montjoiemontjoieEN,LOGROTATE_NOT_ROTATED=Define logrotation for this log yasat/plugins/tomcat.test0000750000175000017500000001245511677022127016314 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_TOMCAT_CONFIG_LOCATION="/etc/tomcat /etc/tomcat-5.5 /etc/tomcat-6" #find /etc/ -type d -iname 'tomcat*' #find / -type d -iname 'jakarta-tomcat-*' # tomcat*/conf/server.xml #/var/lib/tomcat on gentoo #apache-tomcat-5.5.28/ jakarta-tomcat-5.5.23 #grepping CATALINA_BASE= in etc can inform if a tomcat is present #In web.xml check for value of Xpoweredby (must be false) #TODO check the xxx must not be a simple password Title "Check Tomcat" if [ "$SCANTYPE" != "FULL" ] ;then Display --indent 2 --text "Check tomcat" --result SKIP --color BLUE --advice GLOBAL_SKIPPED_LONG_TESTS return 1; fi TMP_RESULT="${TEMPYASATDIR}/tomcat_locations" TMP_RESULT2="${TEMPYASATDIR}/tomcat_rights" echo " Searching for a tomcat installation, please wait..." #find /sources ! -fstype nfs -iregex '.*tomcat[0-9.-]*/conf' > $TMP_RESULT find / -fstype nfs -prune -o -fstype proc -prune -o -iregex '.*tomcat[0-9.-]*/conf' -print > $TMP_RESULT if [ "`cat $TMP_RESULT | wc -l`" -eq 0 ] ;then Display --indent 2 --text "No tomcat found" --result NOTFOUND --color GREEN return 1; fi cat $TMP_RESULT | while read line do REP_WEBAPPS="`echo $line | sed 's/conf.*/webapps/g'`" BASE_TOMCAT="`echo $line | sed 's/conf.*//g' | sed 's/\/$//g'`" SERVERXML="$line/server.xml" PASSFILE="$line/tomcat-users.xml" TOMCAT_VERSION="`echo $BASE_TOMCAT | sed 's/^.*tomcat-//g'`" TOMCAT_MAJOR_VERSION="`echo $TOMCAT_VERSION | sed 's/\.[0-9]*$//g' | grep '^[0-9][0-9.]*'`" TOMCAT_MINOR_VERSION="`echo $TOMCAT_VERSION | sed 's/^.*\.//g' | grep '^[0-9][0-9]*'`" if [ -z "`echo $TOMCAT_MAJOR_VERSION |grep '[0-9.]*'`" -o -z "`echo $TOMCAT_MINOR_VERSION |grep '[0-9.]*'`" ] then TOMCAT_MINOR_VERSION="0" TOMCAT_MAJOR_VERSION="0" fi echo "DEBUG MAJOR=$TOMCAT_MAJOR_VERSION MINOR=$TOMCAT_MINOR_VERSION" if [ -e "$REP_WEBAPPS" ] then Display --indent 2 --text "Webapps $REP_WEBAPPS" --result FOUND --color GREEN #check default webapps jsp-examples balancer servlets-examples tomcat-docs webdav manager ls $REP_WEBAPPS | while read webapp_line do if [ ! -z "`echo $webapp_line | grep -iE 'balancer|manager|webdav|jsp-examples|servlets-examples|tomcat-docs'`" ] then Display --indent 4 --text "Default webapp $webapp_line" --result FOUND --color ORANGE --advice TOMCAT_DEFAULT_WEBAPP fi done fi if [ -e "$SERVERXML" ] then Display --indent 2 --text "server.xml $SERVERXML" --result FOUND --color GREEN fi if [ -e "$PASSFILE" ] then Display --indent 2 --text "PASSFILE $PASSFILE" --result FOUND --color GREEN grep 'password=' "$PASSFILE" | while read passline do # echo " Check $passline" PASSNAME="`echo $passline | sed 's/^.*name="//g' | sed 's/\".*//g'`" PASSWORD="`echo $passline | sed 's/^.*password="//g' | sed 's/\".*//g'`" # echo " NAME=$PASSNAME $PASSWORD" #known password jonas tomcat admin if [ ! -z "`echo $PASSWORD | grep -iE 'tomcat|admin|jonas'`" ] then Display --indent 4 --text "Default password for $PASSNAME" --result "$PASSWORD" --color RED --advice TOMCAT_DEFAULT_PASSWORD fi done fi if [ -e "$BASE_TOMCAT" ] then Display --indent 2 --text "Tomcat $TOMCAT_VERSION found at $BASE_TOMCAT" --result FOUND --color GREEN check_directory_others $BASE_TOMCAT $TMP_RESULT2 4 fi if [ "$TOMCAT_MAJOR_VERSION" != "0" -a "$TOMCAT_MINOR_VERSION" != "0" ] ;then if [ "$TOMCAT_MAJOR_VERSION" = "5.5" -a "$TOMCAT_MINOR_VERSION" -le 34 ] ;then Display --indent 2 --text "Tomcat $TOMCAT_VERSION" --result OLD --color ORANGE else if [ "$TOMCAT_MAJOR_VERSION" = "5.0" ] ; then #obsolete version Display --indent 2 --text "Tomcat $TOMCAT_VERSION" --result OLD --color RED fi fi fi #TODO check for Connector TMP_RESULT="${TEMPYASATDIR}/tomcat_server.tmp" echo "" > $TMP_RESULT echo "" > ${TMP_RESULT}.final cat $SERVERXML | while read line do echo -n "$line" | sed 's,-->,\n-->\n,g' | sed 's,' ] ; then COMMENT=0 fi fi done < $TMP_RESULT rm $TMP_RESULT rm ${TMP_RESULT}.final done yasat/plugins/apache_conf.advice0000640000175000017500000001005111714714771017520 0ustar montjoiemontjoieEN,APACHE_CONF_TIMEOUT=configure timeout below 20s Your timeout is too high, for protection against DoS set it low. 20s is good enough.
Timeout 20
See http://httpd.apache.org/docs/2.2/mod/core.html#timeout ADVICEEND EN,APACHE_CONF_HOSTNAMELOOKUPS=Set HostNameLookup to off It's better for performance and network traffic.
HostNameLookup off
See http://httpd.apache.org/docs/2.2/mod/core.html#hostnamelookups ADVICEEND EN,APACHE_CONF_SERVERSIGNATURE=Hide apache version by setting serversignature off Hide your apache version
ServerSignature off
See http://httpd.apache.org/docs/2.2/mod/core.html#serversignature ADVICEEND EN,APACHE_CONF_SERVERTOKENS=Hide apache version by setting servertokens to prod Hide your apache version
servertokens prod
See http://httpd.apache.org/docs/2.2/mod/core.html#servertokens ADVICEEND EN,APACHE_CONF_SSL_SSLV2=SSLV2 is deprecated, disable it with -SSLv2 SSLv2 is known to be a weak protection, disable it. see http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslprotocol ADVICEEND EN,APACHE_CONF_PROXYREQUESTS=You are acting as an open-proxy, check your configuration for be sure to enable only local users See http://httpd.apache.org/docs/2.2/mod/mod_proxy.html ADVICEEND EN,APACHE_CONF_TRACEENABLE=Disable the TRACE debugging function. See http://httpd.apache.org/docs/2.0/mod/core.html#traceenable http://www.ducea.com/2007/10/22/apache-tips-disable-the-http-trace-method/ ADVICEEND EN,APACHE_CONF_LIMITREQUESTBODY=Set the limitrequestbody directive See http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestbody ADVICEEND EN,APACHE_CONF_LIMITREQUESTFIELDS=Set the LimitRequestFields directive See http://httpd.apache.org/docs/2.2/mod/core.html#LimitRequestFields ADVICEEND EN,APACHE_CONF_LIMITREQUESTFIELDSIZE=Set the LimitRequestFieldsize directive See http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize ADVICEEND EN,APACHE_CONF_LIMITREQUESTLINE=Set the limitrequestline directive See http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestline ADVICEEND EN,APACHE_ERRORDOC_CUSTOM=Use a custom ErrorDocument If possible, make and use a custom ErrorDocument branded according to your website. See http://httpd.apache.org/docs/2.2/mod/core.html#errordocument ADVICEEND EN,APACHE_CONF_KEEPALIVES=Enable keepalive
KeepAlive on
See http://httpd.apache.org/docs/2.2/mod/core.html#keepalive ADVICEEND EN,APACHE_CONF_KEEPALIVE_TIMEOUT=Decrease the value of keepalivetimeout According toe the official documentation Setting KeepAliveTimeout to a high value may cause performance problems in heavily loaded servers. The higher the timeout, the more server processes will be kept occupied waiting on connections with idle clients.
KeepAliveTimeout 5
See http://httpd.apache.org/docs/2.2/mod/core.html#keepalivetimeout ADVICEEND yasat/plugins/postfix.test0000640000175000017500000000647511677022127016524 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_POSTFIX_CONF="/etc/postfix/main.cf /usr/local/etc/postfix/main.cf" POSTFIX_CONF="/etc/postfix/main.cf" for LOCATION in ${POSSIBLE_POSTFIX_CONF} do if [ -e "${LOCATION}" ] then POSTFIX_CONF="${LOCATION}" fi done Title "Check postfix" if [ ! -e "$POSTFIX_CONF" ] then return 1; fi FindValueOfEqual $POSTFIX_CONF smtp_tls_cert_file JUSTTEST if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "TLS $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 CERT else Display --indent 2 --text "No TLS" --result CONSEIL --color ORANGE --advice POSTFIX_NO_TLS fi FindValueOfEqual $POSTFIX_CONF smtp_tls_key_file JUSTTEST if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "TLS $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 PRIVKEY else Display --indent 2 --text "No TLS" --result CONSEIL --color ORANGE --advice POSTFIX_NO_TLS fi FindValueOfEqual $POSTFIX_CONF smtpd_tls_cert_file JUSTTEST if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "TLS $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 CERT else Display --indent 2 --text "No TLS" --result CONSEIL --color ORANGE --advice POSTFIX_NO_TLS fi FindValueOfEqual $POSTFIX_CONF smtpd_tls_key_file JUSTTEST if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "TLS $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 PRIVKEY else Display --indent 2 --text "No TLS" --result CONSEIL --color ORANGE --advice POSTFIX_NO_TLS fi FindValueOfEqual $POSTFIX_CONF smtpd_use_tls JUSTTEST if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "smtpd_use_tls is obsolete, use smtpd_tls_security_level instead" --result OBSOLETE --color ORANGE --advice POSTFIX_OBSOLETE_TLS else Display --indent 2 --text "No smtpd_use_tls" --result NOTFOUND --color GREEN fi FindValueOfEqual $POSTFIX_CONF smtp_use_tls JUSTTEST if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "smtp_use_tls is obsolete, use smtp_tls_security_level instead" --result OBSOLETE --color ORANGE --advice POSTFIX_OBSOLETE_TLS else Display --indent 2 --text "No smtp_use_tls" --result NOTFOUND --color GREEN fi # http://www.postfix.org/TLS_README.html #TODO relay domains #TODO obsolete smtpd_use_tls #TODO check rights of file (like virtual_uid_maps) #TODO check ending of smtpd_sender_restriction (must be reject_unauth_destination) return 0; yasat/plugins/apache_user.advice0000640000175000017500000000222311677022127017546 0ustar montjoiemontjoieEN,APACHE_USER_OWNER_CONF_REP=Apache configuration files must be owned by root Apache doesn't have to own its configuration files.
chown -R root apache_conf_root
ADVICEEND EN,APACHE_USER_GROUP_CONF_REP=Apache configuration files must be group owned by root Apache reads its config files when root (before setuid to apache/www-data user)
chgrp -R root apache_conf_root
ADVICEEND EN,APACHE_USER_OTHERS_CONF_REP=Apache configuration files must not have others access Others don't need to read apache configuration files
chmod -R o-rwx apache_conf_root
ADVICEEND EN,APACHE_USER_BAD_SHELL=apache must not have a shell Set a non-shell setting to apache user like /bin/false or /bin/nologin
usermod -s /bin/false www-data
ADVICEEND EN,APACHE_USER_PASSWD_IN_CONF_REP=It's preferred to put htpasswd files in a directory group owned by apache that is not a docroot Apache reads password files after "setuiding" to apache/www-data Example: Put your htpasswd files in /var/www/.htpasswd and docroot in /var/www/servername ADVICEEND yasat/plugins/packages.advice0000640000175000017500000000120311677022127017042 0ustar montjoiemontjoieEN,PACKAGES_USELESS=On a server, if this packages is not used, remove it On a server this packages may not be needed, double check that it is of use. Consider removing the package if it is not needed. ADVICEEND EN,PACKAGES_NO_PORTAUDIT=Install portaudit Install portaudit to check your installed ports for known security issues. ADVICEEND EN,PACKAGES_PORTAUDIT_TOOOLD=Refresh portaudit database Type "portaudit -F" to refresh portaudit database ADVICEEND EN,PACKAGE_REDHAT_RHNSD_DISABLED=Enable rhnsd Rhnsd is the RedHat network daemon. If you have a RedHat, you might also have an account on the RedHat Network, use it. ADVICEEND yasat/plugins/xinetd.test0000640000175000017500000001512111735012334016301 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #TODO check user #TODO check group #TODO check disable #TODO check server (existence suid etc...) #TODO check for log type in activatd services #TODO check for umask #TODO per_source instances #TODO check cps max_load #TODO includedir POSSIBLE_XINETD_CONF="/etc/xinetd.conf /usr/local/etc/xinetd.conf" XINETD_CONF="/etc/xinetd.conf" POSSIBLE_XINETD_REP="/etc/xinetd.d /usr/local/etc/xinetd.d" XINETD_REP="/etc/xinetd.d" POSSIBLE_INETD_CONF="/etc/inetd.conf /usr/local/etc/inetd.conf" INETD_CONF="/etc/inetd.conf" for LOCATION in ${POSSIBLE_XINETD_CONF} do if [ -e "${LOCATION}/" ] then XINETD_CONF="${LOCATION}" fi done for LOCATION in ${POSSIBLE_INETD_CONF} do if [ -e "${LOCATION}/" ] then INETD_CONF="${LOCATION}" fi done for LOCATION in ${POSSIBLE_XINETD_REP} do if [ -e "${LOCATION}/" ] then XINETD_REP="${LOCATION}" fi done #does log_type is set by default on xinetd.conf ? XINETD_LOG_TYPE_DEFAULT=0 #TODO check if inetd and xinetd is launched by default Title "Check inetd" if [ -e "$INETD_CONF" ] then Display --indent 2 --text "$INETD_CONF" --result FOUND --color BLUE grep -v '^#' $INETD_CONF | sed 's/[[:space:]].*//g' | sed 's/^.*://g' | sort | uniq | while read INETD_SERVICE do RESULTAT=`grep "^${INETD_SERVICE}|" $PLUGINS_REP/xinetd.data` if [ -z "$RESULTAT" ] then Display --indent 4 --text "Service $INETD_SERVICE unknown" --result FOUND --color BLUE else INETD_OPT_SERVICES_TEST="`echo "$RESULTAT" | cut -f2 -d\|`" INETD_OPT_SERVICES_ADVICE="`echo "$RESULTAT" | cut -f3 -d\|`" case $INETD_OPT_SERVICES_TEST in O) Display --indent 4 --text "$INETD_SERVICE" --result FOUND --color ORANGE --advice $INETD_OPT_SERVICES_ADVICE ;; R) Display --indent 4 --text "$INETD_SERVICE" --result FOUND --color GREEN --advice $INETD_OPT_SERVICES_ADVICE #TODO check only_from etc... ;; *) Display --indent 4 --text "$INETD_SERVICE" --result FOUND --color RED --advice $INETD_OPT_SERVICES_ADVICE ;; esac fi done #else # Display --indent 2 --text "No $INETD_CONF" --result NOTFOUND --color BLUE fi Title "Check xinetd" if [ -e "$XINETD_CONF" ] then Display --indent 2 --text "$XINETD_CONF" --result FOUND --color BLUE FindValueOf $XINETD_CONF 'includedir' JUSTCHECK if [ -z "$RESULTAT" ] then Display --indent 4 --text "includedir" --result NOTFOUND --color ORANGE else Display --indent 4 --text "includedir" --result "$RESULTAT" --color GREEN fi FindValueOf $XINETD_CONF 'log_type' JUSTCHECK if [ -z "$RESULTAT" ] then Display --indent 4 --text "log_type" --result NOTFOUND --color ORANGE --advice XINETD_SERVICES_NO_LOG_TYPE else Display --indent 4 --text "log_type" --result "$RESULTAT" --color GREEN XINETD_LOG_TYPE_DEFAULT=1 fi fi if [ -d "$XINETD_REP" ] then Display --indent 2 --text "$XINETD_REP" --result FOUND --color GREEN ls $XINETD_REP | while read XINETD_SERVICE do RESULTAT=`grep "^${XINETD_SERVICE}|" $PLUGINS_REP/xinetd.data` if [ -z "$RESULTAT" ] then Display --indent 4 --text "Service $XINETD_SERVICE unknown" --result FOUND --color BLUE XINETD_LOG_ON_FAILURE=0 XINETD_ONLY_FROM=0 XINETD_LOG_TYPE=0 grep -v '^$' ${XINETD_REP}/${XINETD_SERVICE} | grep -v '^#' | sed 's/^[[:space:]]*//g' | while read XINETD_SERVICE_LINE do if [ ! -z "`echo $XINETD_SERVICE_LINE | grep -i '^[[:space:]]*service'`" ] then NAME_OF_SERVICE=`echo "$XINETD_SERVICE_LINE" | sed 's/^[[:space:]]*service[[:space:]]*//g'` Display --indent 6 --text "Service $NAME_OF_SERVICE" --result FOUND --color BLUE fi if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep 'log_on_failure'`" ] then Display --indent 6 --text "log_on_failure" --result FOUND --color GREEN XINETD_LOG_ON_FAILURE=1 fi if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep 'only_from'`" ] then Display --indent 6 --text "only_from" --result FOUND --color GREEN XINETD_ONLY_FROM=1 fi if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep 'log_type'`" ] then Display --indent 6 --text "log_type" --result FOUND --color GREEN XINETD_LOG_TYPE=1 fi if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep '}'`" ] then Display --indent 6 --text "End of service" --result FOUND --color BLUE if [ ${XINETD_LOG_ON_FAILURE} -eq 0 ] then Display --indent 8 --text "No log_on_failure for $NAME_OF_SERVICE" --result NOTFOUND --color ORANGE --advice XINETD_SERVICES_NO_LOG_FAILURE fi if [ ${XINETD_ONLY_FROM} -eq 0 ] then Display --indent 8 --text "No only_from for $NAME_OF_SERVICE" --result NOTFOUND --color ORANGE --advice XINETD_SERVICES_NO_ONLY_FROM fi if [ ${XINETD_LOG_TYPE} -eq 0 -a ${XINETD_LOG_TYPE_DEFAULT} -eq 0 ] then Display --indent 8 --text "No log_type for $NAME_OF_SERVICE" --result NOTFOUND --color ORANGE --advice XINETD_SERVICES_NO_LOG_TYPE fi XINETD_ONLY_FROM=0 XINETD_LOG_ON_FAILURE=0 XINETD_LOG_TYPE=0 fi done else XINETD_OPT_SERVICES_TEST="`echo "$RESULTAT" | cut -f2 -d\|`" XINETD_OPT_SERVICES_ADVICE="`echo "$RESULTAT" | cut -f3 -d\|`" case $XINETD_OPT_SERVICES_TEST in O) Display --indent 4 --text "$XINETD_SERVICE" --result FOUND --color ORANGE --advice $XINETD_OPT_SERVICES_ADVICE ;; R) Display --indent 4 --text "$XINETD_SERVICE" --result FOUND --color GREEN --advice $XINETD_OPT_SERVICES_ADVICE #TODO check only_from etc... ;; *) Display --indent 4 --text "$XINETD_SERVICE" --result FOUND --color RED --advice $XINETD_OPT_SERVICES_ADVICE ;; esac fi done else Display --indent 2 --text "$XINETD_REP" --result NOTFOUND --color BLUE fi return 0 yasat/plugins/packages.test0000640000175000017500000000753511677022127016604 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Packages" if [ "${LIST_PKG}x" = "x" ] then echo "Unknown packaging , i'll try autodetect" #for the moment no autodetect :) return 0; fi #debian apt-get if [ "$LIST_PKG" = "apt-get" ] then echo "Check packages with apt-get" #TODO check if we are stable/release specified in source.list #TODO check if we use official debian/ubuntu or other external mirror (usefull)??? (check gpg signature) NB_MAJ_SECU=`apt-get -s upgrade | grep '^Inst' |grep -i security | wc -l` if [ $NB_MAJ_SECU -ge 1 ] then Display --indent 2 --text "Some security upgrade ar not done" --result WARNING --color RED else Display --indent 2 --text "No security upgrade" --result OK --color GREEN fi #Check for useless packages if [ -e "${PLUGINS_REP}/packages.data" ] then echo "Check useless packages" LISTE_PKG_INSTALLED="`dpkg -l | grep '^ii' | sed 's/^ii[[:space:]]*//g' | cut -d\ -f1`" grep '^DEBIAN' $PLUGINS_REP/packages.data | while read line do if [ ! -z "`echo $LISTE_PKG_INSTALLED | grep ^${line}`" ] then Display --indent 2 --text "Possible useless packages ${line}" --result WARNING --color ORANGE --advice PACKAGES_USELESS fi done fi return 0; fi #BSD pkg_info + portaudit #only freebsd have portaudit if [ "$OS_TYPE" = 'BSD' ] then portaudit 2>> $ERROR_OUTPUT_FILE > /dev/null if [ $? -eq 127 ] then Display --indent 2 --text "portaudit not found" --result NOTFOUND --color RED --advice PACKAGES_NO_PORTAUDIT return 1 fi Display --indent 2 --text "Check PKG with portaudit" --result FOUND --color GREEN portaudit if [ $? -eq 2 ] then Display --indent 2 --text "Portaudit" --result TOOOLD --color ORANGE --advice PACKAGES_PORTAUDIT_TOOOLD fi fi if [ "$OS" = 'OpenBSD' ] then pkg_add -unx fi #Gentoo glsa-check + emerge if [ "$LIST_PKG" = "emerge" ] then echo "Check PKG with glsa" glsa-check -v -t all if [ $? -eq 0 ] then Display --indent 2 --text "No security upgrade" --result GOOD --color GREEN else Display --indent 2 --text "Some security upgrade are not done" --result WARNING --color RED fi return 0; fi #Red Hat if [ "$LINUX_VERSION" = 'Red Hat' ] then #check rhnsd chkconfig rhnsd if [ $? = 0 ] then Display --indent 2 --text "rhnsd" --result ENABLED --color GREEN else Display --indent 2 --text "rhnsd" --result DISABLED --color RED --advice PACKAGE_REDHAT_RHNSD_DISABLED fi #TODO check yum-updatesd.conf fi #RedHat rpm -qa if [ "$LIST_PKG" = "rpm" ] then echo "Check PKG with rpm" LISTE_PKG_INSTALLED="`rpm -qa`" #TODO check packages with rpm grep '^REDHAT' $PLUGINS_REP/packages.data | cut -d\, -f2 | while read line do if [ ! -z "`echo $LISTE_PKG_INSTALLED | grep -i [[:space:]]${line}`" ] then Display --indent 2 --text "Possible useless packages ${line}" --result WARNING --color ORANGE --advice PACKAGES_USELESS fi done return 0; fi #solaris pkgadm? return 0; yasat/plugins/apache_conf.data0000640000175000017500000000145511677022127017201 0ustar montjoiemontjoie# DIRECTIVE PARAMETER COMPARE OPTIONAL ADVICE ServerSignature|off|s||APACHE_CONF_SERVERSIGNATURE ServerTokens|Prod|S||APACHE_CONF_SERVERTOKENS Timeout|21|NM||APACHE_CONF_TIMEOUT HostnameLookups|Off|S||APACHE_CONF_HOSTNAMELOOKUPS KeepAlive|on|s||APACHE_CONF_KEEPALIVES KeepAliveTimeout|20|NM||APACHE_CONF_KEEPALIVE_TIMEOUT MaxKeepAliveRequests|101|NM TraceEnable|off|s||APACHE_CONF_TRACEENABLE User|root|snot Group|root|snot LimitRequestBody|102400|NM||APACHE_CONF_LIMITREQUESTBODY LimitRequestFields|101|NM||APACHE_CONF_LIMITREQUESTFIELDS LimitRequestFieldsize|8191|NM||APACHE_CONF_LIMITREQUESTFIELDSIZE LimitRequestLine|8191|NM||APACHE_CONF_LIMITREQUESTLINE LimitXMLRequestBody|1000000|NM|Y #TODO place it directly in the test FileETag|''|s|Y|APACHE_CONF_FILEETAG ProxyRequests|off|s|Y|APACHE_CONF_PROXYREQUESTS yasat/plugins/network.data0000640000175000017500000000157411677022127016446 0ustar montjoiemontjoienet.ipv4.icmp_echo_ignore_broadcasts|1|=|NETWORK_ICMP_ECHO_IGNORE_BROADCASTS net.ipv4.tcp_fin_timeout|60|<|NETWORK_FIN_TIMEOUT net.ipv4.icmp_ignore_bogus_error_responses|1|=|NETWORK_IGNORE_BOGUS_ERROR_RESPONSES net.ipv4.conf.all.accept_redirects|0|=|NETWORK_CONF_ALL_ACCEPT_REDIRECTS net.ipv4.conf.default.accept_redirects|0|=|NETWORK_CONF_DEFAULT_ACCEPT_REDIRECTS net.ipv4.tcp_syncookies|1|=|NETWORK_TCP_SYNCOOKIES net.ipv4.conf.all.accept_source_route|0|=|NETWORK_CONF_ALL_ACCEPT_SOURCE_ROUTE net.ipv4.conf.default.accept_source_route|0|=|NETWORK_CONF_DEFAULT_ACCEPT_SOURCE_ROUTE net.ipv4.conf.all.rp_filter|1|=|NETWORK_CONF_ENABLE_IP_SPOOFING_PROTECTION net.ipv4.conf.default.rp_filter|1|=|NETWORK_CONF_ENABLE_IP_SPOOFING_PROTECTION net.ipv4.conf.default.send_redirects|0|=|NETWORK_CONF_TODO net.ipv4.conf.all.send_redirects|0|=|NETWORK_CONF_TODO net.ipv4.ip_forward|0|=|NETWORK_CONF_TODO yasat/plugins/ssh.test0000640000175000017500000001426011722700623015607 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ SSH_CONF_REP="/etc/ssh/" Title "Check ssh and sshd configurations" if [ ! -e "$SSH_CONF_REP" ]; then echo "strange no ssh directory" return 1; fi #TODO not always /usr/sbin/sshd check_file /usr/sbin/sshd 2 BINARY #YASAT_TEST_SSH_1 PermitRootLogin must be set to no FindValueOf ${SSH_CONF_REP}/sshd_config PermitRootLogin JUSTTEST if [ ! -z "$RESULTAT" ] ; then if [ "$RESULTAT" = "yes" ] ;then Display --indent 2 --text "PermitRootLogin" --result "$RESULTAT" --color RED --advice SSH_ROOT_LOGIN else Display --indent 2 --text "PermitRootLogin" --result "$RESULTAT" --color GREEN fi else Display --indent 2 --text "PermitRootLogin" --result NOTFOUND --color RED --advice SSH_ROOT_LOGIN fi #YASAT_TEST_SSH_2 PermitEmptyPassword must be set to no FindValueOf ${SSH_CONF_REP}/sshd_config PermitEmptyPassword JUSTTEST if [ ! -z "$RESULTAT" ] ; then if [ "$RESULTAT" = "no" ] ;then Display --indent 2 --text "PermitEmptyPassword" --result "$RESULTAT" --color RED else Display --indent 2 --text "PermitEmptyPassword" --result "$RESULTAT" --color GREEN fi else Display --indent 2 --text "PermitEmptyPassword" --result NOTFOUND --color GREEN fi #YASAT_TEST_SSH_3 HostbasedAuthentication must be set to no FindValueOf ${SSH_CONF_REP}/sshd_config HostbasedAuthentication JUSTTEST if [ ! -z "$RESULTAT" ] ;then if [ "$RESULTAT" = "yes" ] ;then Display --indent 2 --text "HostbasedAuthentication" --result "$RESULTAT" --color RED else Display --indent 2 --text "HostbasedAuthentication" --result "$RESULTAT" --color GREEN fi else Display --indent 2 --text "HostbasedAuthentication" --result NOTFOUND --color GREEN fi #YASAT_TEST_SSH_4 RhostsAuthentication must be set to no FindValueOf ${SSH_CONF_REP}/sshd_config RhostsAuthentication JUSTTEST if [ ! -z "$RESULTAT" ] ;then if [ "$RESULTAT" = "yes" ] ;then Display --indent 2 --text "RhostsAuthentication" --result "$RESULTAT" --color RED else Display --indent 2 --text "RhostsAuthentication" --result "$RESULTAT" --color GREEN fi else Display --indent 2 --text "RhostsAuthentication" --result NOTFOUND --color GREEN fi #YASAT_TEST_SSH_5 Protocol must be set to 2 FindValueOf ${SSH_CONF_REP}/sshd_config Protocol JUSTTEST if [ ! -z "$RESULTAT" ] ;then if [ "$RESULTAT" = "2" ] ;then Display --indent 2 --text "Protocol" --result "$RESULTAT" --color GREEN else Display --indent 2 --text "Protocol" --result "$RESULTAT" --color RED fi else Display --indent 2 --text "Protocol" --result NOTFOUND --color GREEN fi #YASAT_TEST_SSH_6 StrictModes must be set to yes FindValueOf ${SSH_CONF_REP}/sshd_config StrictModes JUSTTEST if [ ! -z "$RESULTAT" ] ; then if [ "$RESULTAT" = "no" ] ; then Display --indent 2 --text "StrictModes" --result "$RESULTAT" --color RED else Display --indent 2 --text "StrictModes" --result "$RESULTAT" --color GREEN fi else Display --indent 2 --text "StrictModes" --result NOTFOUND --color GREEN fi #YASAT_TEST_SSH_7 UsePrivilegeSeparation must be set to yes FindValueOf ${SSH_CONF_REP}/sshd_config UsePrivilegeSeparation JUSTTEST if [ ! -z "$RESULTAT" ] ; then if [ "$RESULTAT" = "no" ] ; then Display --indent 2 --text "UsePrivilegeSeparation" --result "$RESULTAT" --color RED else Display --indent 2 --text "UsePrivilegeSeparation" --result "$RESULTAT" --color GREEN fi else Display --indent 2 --text "UsePrivilegeSeparation" --result NOTFOUND --color GREEN fi #YASAT_TEST_SSH_8 X11Forwarding must be set to no FindValueOf ${SSH_CONF_REP}/sshd_config X11Forwarding JUSTTEST check_value "$RESULTAT" 'no' 'false' 'X11Forwarding' 'ORANGE' 'SSH_X11FORWARDING' #YASAT_TEST_SSH_9 IgnoreRhosts must be set to yes FindValueOf ${SSH_CONF_REP}/sshd_config IgnoreRhosts JUSTTEST check_value "$RESULTAT" 'yes' 'false' 'IgnoreRhosts' 'RED' 'SSH_IGNORERHOSTS' #check HostKey #grep ^HostKey "${SSH_CONF_REP}/sshd_config" #YASAT_TEST_SSH_10 Check ssh_host_dsa_key permissions if [ -e "${SSH_CONF_REP}"/ssh_host_dsa_key ] ; then check_private_key "${SSH_CONF_REP}"/ssh_host_dsa_key 2 sshd fi #YASAT_TEST_SSH_11 Check ssh_host_dsa_key.pub permissions if [ -e "${SSH_CONF_REP}"/ssh_host_dsa_key ] ; then check_a_file "${SSH_CONF_REP}"/ssh_host_dsa_key.pub 2 root "$ROOTGROUP" 644 fi #YASAT_TEST_SSH_12 Check ssh_host_rsa_key permissions and keysize if [ -e "${SSH_CONF_REP}"/ssh_host_rsa_key ] ; then check_private_key "${SSH_CONF_REP}"/ssh_host_rsa_key 2 sshd fi #YASAT_TEST_SSH_13 Check ssh_host_rsa_key.pub permissions if [ -e "${SSH_CONF_REP}"/ssh_host_rsa_key ] ; then check_a_file "${SSH_CONF_REP}"/ssh_host_rsa_key 2 root "$ROOTGROUP" 644 fi #YASAT_TEST_SSH_14 Check ssh_host_key permissions if [ -e "${SSH_CONF_REP}"/ssh_host_key ] ; then check_a_file "${SSH_CONF_REP}"/ssh_host_key 2 root "$ROOTGROUP" 600 fi #YASAT_TEST_SSH_15 Check ssh_host_key.pub permissions if [ -e "${SSH_CONF_REP}"/ssh_host_key ] ; then check_a_file "${SSH_CONF_REP}"/ssh_host_key.pub 2 root "$ROOTGROUP" 644 fi #YASAT_TEST_SSH_16 Check sshd_config_key permissions if [ -e "${SSH_CONF_REP}"/sshd_config ] ; then check_a_file "${SSH_CONF_REP}"/sshd_config 2 root "$ROOTGROUP" 600 fi #YASAT_TEST_SSH_17 Check sshd_config_key permissions if [ -e "${SSH_CONF_REP}"/ssh_config ] ; then check_a_file "${SSH_CONF_REP}"/ssh_config 2 root "$ROOTGROUP" 644 fi return 0; yasat/plugins/kernel.advice0000640000175000017500000001147111750177445016562 0ustar montjoiemontjoieEN,KERNEL_CONFIG_COMPAT_BRK=TODO If possible disable it See http://cateee.net/lkddb/web-lkddb/COMPAT_BRK.html ADVICEEND #http://kerneltrap.org/mailarchive/linux-kernel/2008/2/6/744164 EN,KERNEL_CONFIG_COMPAT_VDSO=TODO If possible disable it See http://cateee.net/lkddb/web-lkddb/COMPAT_VDSO.html ADVICEEND EN,KERNEL_MMAP_MIN_ADDR=Set this to 4096 Many security flaw have been found in Linux kernel that can be exploited if this value is 0 See http://lwn.net/Articles/360371/ TODO had more links to explain ADVICEEND EN,KERNEL_CONFIG_MCE Enable it, it allows Linux to check/detect some hardware problem. See http://en.wikipedia.org/wiki/Machine_Check_Exception ADVICEEND EN,KERNEL_NO_NX_BIT=Check NX bit support for your processor NX bit is available on all x86 processors that have 64bit support, both AMD and Intel. If your processor is recent, check your BIOS for enable it. (sometime called noexec, memory protection etc...) See http://en.wikipedia.org/wiki/NX_bit for more informations on NX bit. ADVICEEND EN,KERNEL_NO_CONFIG=Can't find you kernel config Either you recompile your kernel with CONFIG_IKCONFIG_PROC or either you provide the .config to yasat with YASAT_PATH_TO_KERNEL_CONFIG <- TODO ADVICEEND EN,KERNEL_CONFIG_STRICT_DEVMEM=Disable access to /dev/mem http://bugs.archlinux.org/task/14317 If this option is disabled, you allow userspace (root) access to all of memory, including both kernel and userspace memory. Accidental access to this is obviously disastrous, but specific access can be used by people debugging the kernel. Note that with PAT support enabled, even in this case there are restrictions on /dev/mem use due to the cache aliasing requirements. If this option is switched on, the /dev/mem file only allows userspace access to PCI space and the BIOS code and data regions. This is sufficient for dosemu and X and all common users of /dev/mem. (Doc from kernel config) ADVICEEND EN,KERNEL_CONFIG_DEVKMEM=Disable the creation of /dev/kmem The /dev/kmem device is rarely used, but can be used for certain kind of kernel debugging operations. (Doc from kernel config) ADVICEEND EN,KERNEL_EXEC_SHIELD=Enable Exec-Shield Exec-Shield is kernel patches for using NX. It is included by default on Redhat Linux and clones. Activate it by "echo 1 > /proc/sys/kernel/exec-shield" Add "kernel.exec-shield = 1" in /etc/sysctl.conf to make the change persistent. See http://people.redhat.com/mingo/exec-shield/ See also http://lwn.net/Articles/144107/ ADVICEEND EN,OPENBSD_SECURE_LEVEL_BELOW_ZERO=Set secure level at level 0 or more See http://www.openbsd.org/cgi-bin/man.cgi?query=securelevel&sektion=7&arch=&apropos=0&manpath=OpenBSD+Current ADVICEEND EN,KERNEL_CONFIG_PAX=Use PAX to harden your kernel See http://grsecurity.net/ TODO do more explanation ADVICEEND EN,KERNEL_CONFIG_GRSEC=Use GRsec to harden your kernel See http://grsecurity.net/ TODO do more explanation ADVICEEND EN,KERNEL_CONFIG_SECURITY_SELINUX=Use SELinux to harden your kernel See http://fedoraproject.org/wiki/SELinux/ TODO do more explanation ADVICEEND EN,KERNEL_USB_MODULES=On a server, disable USB On a server disable all possible ways to connect removable devices. TODO Link to DMA attacks with USB/Firewire like http://www.breaknenter.org/projects/inception/ ADVICEEND EN,KERNEL_FIREWIRE_MODULES=On a server, disable FireWire On a server disable all possible ways to connect removable devices. TODO Link to DMA attacks with USB/Firewire like http://www.breaknenter.org/projects/inception/ ADVICEEND EN,KERNEL_RANDOM_VA_SPACE=Activate the randomize_va_space See /usr/src/linux/Documentation/sysctl/kernel.txt You can activate it with sysctl kernel.randomize_va_space=2. Add "kernel.randomize_va_space = 2" in /etc/sysctl.conf to make the change persistent. You can also access it with /proc/sys/kernel/randomize_va_space ADVICEEND EN,KERNEL_CONFIG_DEBUG_SET_MODULE_RONX=Set KERNEL_CONFIG_DEBUG_SET_MODULE_RONX See http://lwn.net/Articles/422487/ ADVICEEND EN,KERNEL_CONFIG_DEBUG_RODATA=Set KERNEL_CONFIG_DEBUG_RODATA TODO ADVICEEND EN,KERNEL_CONFIG_DEBUG_STRICT_USER_COPY_CHECKS=Set KERNEL_CONFIG_DEBUG_STRICT_USER_COPY_CHECKS TODO ADVICEEND yasat/plugins/mysql.advice0000640000175000017500000000246511677022127016444 0ustar montjoiemontjoieEN,MYSQL_CONF_BIND=If possible, mysql should listen only on localhost EN,MYSQL_CONF_NO_SLOWQUERY_LOG=Log slow query See http://dev.mysql.com/doc/refman/5.0/en/slow-query-log.html ADVICEEND EN,MYSQL_CONF_BINLOGS=Are the binlogs useful to you ? Binlogs are used for master/slave replication. They can also be used for backups. If you don't use binlogs, disable them. ADVICEEND EN,MYSQL_CONF_NO_EXPIRELOGSDAYS=Set an expire_logs_days Binlogs can fill your storages if they aren't cleaned. Use expire_logs_days to control how much binlogs you want. See http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html#sysvar_expire_logs_days ADVICEEND EN,MYSQL_RUN_AS_ROOT=mysqld must not be run as root Create a non-root unprivileged user for running mysqld. ADVICEEND EN,MYSQL_USER_HAVE_SHELL=Mysqld user must not have a shell Set a non-shell setting for mysql user, like /bin/false or /bin/nologin ADVICEEND EN,MYSQL_LOG=Disable request log Be aware that this log type is a performance killer. See http://dev.mysql.com/doc/refman/5.0/en/query-log.html ADVICEEND yasat/plugins/logwatch.test0000640000175000017500000002400411735016147016624 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # Copyright (C) 2010-2011 Mikal Sande # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check logwatch" # Variables CONFIG_PATHS_ETC='/etc/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/logwatch.conf /usr/share/logwatch/default.conf/logwatch.conf' CONFIG_PATH="/etc/logwatch/" CONFIG_FILE='' EXEC_NAMES='logwatch logwatch.pl' EXEC_FILE='' # Default settings used in Logwatch that are tested if the directive # isn't found in the configfile TMPDIR_DEFAULT='/var/cache/logwatch' # Find the executable for FILE in $EXEC_NAMES; do which $FILE > /dev/null 2>&1 if [ $? -eq 0 ]; then EXEC_FILE=`which $FILE` fi done # Find the config file. Look in /etc/logwatch first for FILE in $CONFIG_PATHS_ETC; do if [ -f "$FILE" ]; then CONFIG_FILE=$FILE fi done if [ -z "$CONFIG_FILE" -a ! -e $CONFIG_PATH ] ; then return 0; fi # Look in /etc/logwatch/ to see if there is a config file that is # not in the expected place if [ -z "$CONFIG_FILE" ]; then for FILE in `find $CONFIG_PATH | grep 'logwatch.conf$'`; do if [ -f "$FILE" ]; then CONFIG_FILE=$FILE fi done fi if [ ! -e $CONFIG_FILE ] ; then return 0; fi # all testing is based on the config file, therefore the test skips itself # if the config can't be found if [ -z "$CONFIG_FILE" ]; then Display --indent 2 --text "No logwatch config found" --result SKIPPING --color YELLOW return 1 else Display --indent 2 --text "Config file $CONFIG_FILE" --result FOUND --color BLUE if [ -z "$EXEC_FILE" ]; then Display --indent 2 --text "Couldn't find logwatch.pl $EXEC_FILE" --result NOTFOUND --color ORANGE else Display --indent 2 --text "Executable $EXEC_FILE" --result FOUND --color BLUE fi fi #### # test TmpDir directive #### FindValueOf $CONFIG_FILE tmpdir JUSTTEST INSENSITIVE RESULTAT=`echo $RESULTAT | tr -d " ="` # Check if there is a TmpDir directive in the config, # if not check the default setting if [ ! -z "$RESULTAT" ]; then TMP_DIR=$RESULTAT else # safe default Display --indent 2 --text "TmpDir not found, default setting used" --result INFO --color BLUE --advice LOGWATCH_TMPDIR_DEFAULT TMP_DIR=$TMPDIR_DEFAULT fi # Check the directory if [ -d $TMP_DIR ]; then OCTAL_RIGHTS=`stat -c %a $TMP_DIR` compare_right $OCTAL_RIGHTS 750 YES if [ $? -ne 0 ]; then Display --indent 2 --text "TmpDir = $TMP_DIR" --result WARNING --color RED --advice LOGWATCH_TMPDIR_OTHER_READABLE else Display --indent 2 --text "TmpDir = $TMP_DIR" --result OK --color GREEN fi else Display --indent 2 --text "TmpDir = $TMP_DIR" --result NOTFOUND --color RED --advice LOGWATCH_TMPDIR_NOT_FOUND fi ### # test Save directive ### FindValueOf $CONFIG_FILE save JUSTTEST INSENSITIVE RESULTAT=`echo $RESULTAT | tr -d " ="` if [ ! -z "$RESULTAT" ]; then RESULTAT=`dirname $RESULTAT` if [ -d "$RESULTAT" ]; then OCTAL_RIGHTS=`stat -c %a $RESULTAT` compare_right $OCTAL_RIGHTS 750 YES if [ $? -ne 0 ]; then Display --indent 2 --text "Save = $RESULTAT" --result WARNING --color RED --advice LOGWATCH_SAVE_OTHER_READABLE else Display --indent 2 --text "Save = $RESULTAT" --result OK --color GREEN fi else Display --indent 2 --text "$RESULTAT isn't a directory" --result NOTFOUND --color RED fi else # safe default Display --indent 2 --text "Logwatch reports are not saved" --result INFO --color BLUE --advice LOGWATCH_DEFAULT_SETTING fi ### # test Detail directive ### FindValueOf $CONFIG_FILE detail JUSTTEST INSENSITIVE RESULTAT=`echo $RESULTAT | tr -d " ="` if [ ! -z "$RESULTAT" ]; then RESULTAT=`echo $RESULTAT | tr '[:upper:]' '[:lower:]'` case $RESULTAT in 0|low) Display --indent 2 --text "Detail = $RESULTAT, this is the lowest setting!" --result WARNING --color RED --advice LOGWATCH_LOW_DETAIL_SETTING ;; 1|2|3|4) Display --indent 2 --text "Detail = $RESULTAT, are you sure this is enough?" --result WARNING --color ORANGE --advice LOGWATCH_LOW_DETAIL_SETTING ;; 5|6|7|8|9|10|med|high) Display --indent 2 --text "Detail = $RESULTAT" --result OK --color GREEN ;; *) Display --indent 2 --text "Detail = $RESULTAT, invalid setting" --result INVALID --color RED ;; esac else Display --indent 2 --text "Detail not found, default setting used" --result NOTFOUND --color RED --advice LOGWATCH_LOW_DETAIL_SETTING fi ### # test Range directive ### FindValueOf $CONFIG_FILE range JUSTTEST INSENSITIVE RESULTAT=`echo $RESULTAT | tr -d " ="` if [ ! -z "$RESULTAT" ]; then RESULTAT=`echo $RESULTAT | tr '[:upper:]' '[:lower:]'` case $RESULTAT in all) Display --indent 2 --text "Range = $RESULTAT, might be too much when run on a regual basis" --result WARNING --color RED --advice LOGWATCH_PROBLEMATIC_RANGE_ALL ;; today) Display --indent 2 --text "Range = $RESULTAT, can lead to loss of information" --result WARNING --color ORANGE --advice LOGWATCH_PROBLEMATIC_RANGE_TODAY ;; yesterday) Display --indent 2 --text "Range = $RESULTAT" --result OK --color GREEN ;; *) Display --indent 2 --text "Range = $RESULTAT, invalid/unknown setting" --result INVALID --color RED ;; esac else # safe default setting Display --indent 2 --text "Range not found, default setting used" --result INFO --color BLUE --advice LOGWATCH_DEFAULT_SETTING fi ### # test Service directive ### ALL_SERVICES_FLAG='' # used to test for service level in LogFile test NO_SERVICES_FLAG='' # used to check if any Service directives have been found DISABLED_SERVICES_COUNT='0' LINES=`grep -i '^service' $CONFIG_FILE | sed 's/#.*//'` SAVE_IFS=$IFS # save the default IFS IFS=$(echo -en "\n\b") # set a new IFS, instead of default which is whitespace for line in $LINES; do line=`echo "$line" | tr '[:upper:]' '[:lower:]' | sed 's/service//' | tr -d " =\""` if [ "$line" = "all" ]; then ALL_SERVICES_FLAG='1' # set it so that it can be checked for in the LogFile test else echo $line | grep '^-' > /dev/null if [ $? -eq 0 ]; then DISABLED_SERVICES_COUNT=$(( $DISABLED_SERVICES_COUNT + 1 )) else NO_SERVICES_FLAG='1' # set the flag because a Service directive has been found fi fi done IFS=$SAVE_IFS # restore IFS if [ ! -z "$ALL_SERVICES_FLAG" ]; then Display --indent 2 --text "Service = All" --result OK --color GREEN # Check if there are checks that are disabled if [ $DISABLED_SERVICES_COUNT -ne 0 ]; then Display --indent 2 --text "$DISABLED_SERVICES_COUNT service checks are disabled" --result INFO --color BLUE --advice LOGWATCH_DISABLED_SERVICE_CHECK else Display --indent 2 --text "No service checks are disabled" --result OK --color GREEN fi else if [ -z $NO_SERVICES_FLAG ]; then # TODO check what happens when logwatch is run with no Service directive Display --indent 2 --text "No Service directives found" --result WARNING --color RED --advice LOGWATCH_NO_SERVICES_FOUND fi fi ### # test LogDir directive ### LOGDIR='' # is also used in LogFile test FindValueOf $CONFIG_FILE logdir JUSTTEST INSENSITIVE if [ ! -z "$RESULTAT" ]; then LOGDIR=`echo $RESULTAT | tr -d " ="` if [ ! -d $LOGDIR ]; then Display --indent 2 --text "LogDir wasn't found" --result WARNING --color RED --advice LOGWATCH_NO_LOGDIR else Display --indent 2 --text "LogDir = $LOGDIR" --result OK --color GREEN OCTAL_RIGHTS=`stat -c %a $LOGDIR` compare_right $OCTAL_RIGHTS 755 YES if [ $? -ne 0 ]; then Display --indent 2 --text "LogDir permissions" --result WARNING --color RED --advice LOGWATCH_LOGDIR_OTHER_WRITABLE else Display --indent 2 --text "LogDir permissions" --result OK --color GREEN fi fi else Display --indent 2 --text "LogDir wasn't found" --result WARNING --color RED --advice LOGWATCH_NO_LOGDIR fi ### # test LogFile directive ### if [ -z "$ALL_SERVICES_FLAG" ]; then FindValueOf $CONFIG_FILE logfile JUSTTEST INSENSITIVE if [ ! -z "$RESULTAT" ]; then RESULTAT=`echo $RESULTAT | tr -d ' ='` LOGFILE=`echo ${LOGDIR}/${RESULTAT} | sed 's/\/\//\//'` Display --indent 2 --text "Only $LOGFILE is checked." --result WARNING --color ORANGE --advice LOGWATCH_ONLY_ONE_LOGFILE else Display --indent 2 --text "No logfiles are checked!" --result WARNING --color RED --advice LOGWATCH_NO_LOGS_CHECKED fi fi ### # test Archives directive ### FindValueOf $CONFIG_FILE archives JUSTTEST INSENSITIVE if [ ! -z "$RESULTAT" ]; then RESULTAT=`echo $RESULTAT | tr -d ' ='` case $RESULTAT in yes|true|on|1) Display --indent 2 --text "Archives = $RESULTAT" --result OK --color GREEN ;; no|false|off|0) Display --indent 2 --text "Archives = $RESULTAT" --result WARNING --color ORANGE --advice LOGWATCH_ARCHIVES_NOT_CHECKED ;; *) Display --indent 2 --text "Archives = $RESULTAT, invalid/unkown setting" --result WARNING --color RED ;; esac else # safe default Display --indent 2 --text "Archives not found, default setting used" --result INFO --color BLUE --advice LOGWATCH_DEFAULT_SETTING fi ### # test HostLimit directive ### FindValueOf $CONFIG_FILE hostlimit JUSTTEST INSENSITIVE if [ ! -z "$RESULTAT" ]; then RESULTAT=`echo $RESULTAT | tr -d ' ='` case $RESULTAT in yes|true|on|1) Display --indent 2 --text "HostLimit = $RESULTAT" --result INFO --color BLUE ;; no|false|off|0) Display --indent 2 --text "HostLimit = $RESULTAT" --result INFO --color BLUE --advice LOGWATCH_HOSTLIMIT_NO ;; esac fi yasat/plugins/xinetd.advice0000640000175000017500000000116511677022127016566 0ustar montjoiemontjoieEN,XINETD_SERVICES_USELESS=Remove unused services from xinetd (even if disabled) EN,XINETD_SERVICES_OPTIONAL=Are these services in use ?(remove it otherwise) EN,XINETD_SERVICES_NODISABLE=Disable this services if you don't use it EN,XINETD_SERVICES_NO_LOG_TYPE=Add a log_type entry Set where xinetd logs goes (SYSLOG or FILE). See man xinetd.conf (search for log_type) ADVICEEND EN,XINETD_SERVICES_NO_LOG_FAILURE=Add a log_on_failure entry ADVICEEND EN,XINETD_SERVICES_NO_ONLY_FROM=Add a only_from entry If this service is non-public, restrain with a only_from its access. Like only_from = 127.0.0.1 192.168.1.2 ADVICEEND yasat/plugins/php_conf.advice0000640000175000017500000000517011741046176017071 0ustar montjoiemontjoieEN,PHP_CONF_SAFEMODE=If possible use safe_mode See http://php.net/manual/en/features.safe-mode.php ADVICEEND EN,PHP_CONF_REGISTER_GLOBALS=Don't use register-globals!! See http://www.php.net/manual/en/ini.core.php#ini.register-globals ADVICEEND EN,PHP_CONF_ALLOW_URL_INCLUDE=Don't use allow_url_include See http://php.net/manual/en/filesystem.configuration.php See also http://blog.php-security.org/archives/45-PHP-5.2.0-and-allow_url_include.html ADVICEEND EN,PHP_CONF_SORT_OPEN_TAG=Don't use short_open_tag See http://php.net/manual/en/ini.core.php ADVICEEND EN,PHP_CONF_DISPLAY_ERRORS=Don't display php errors, log them On a production site, errors can give away information to malicious people. See http://www.php.net/manual/en/errorfunc.configuration.php#ini.display-errors ADVICEEND EN,PHP_CONF_ENABLE_DL=Set enable_dl to off See http://php.net/manual/en/function.dl.php ADVICEEND EN,PHP_CONF_EXPOSE_PHP=Set expose_php to off See http://phpsec.org/projects/phpsecinfo/tests/expose_php.html ADVICEEND EN,PHP_CONF_FILE_UPLOADS=Set file_uploads to off if possible If your site doesn't need to upload files, disable this functionality. See http://phpsec.org/projects/phpsecinfo/tests/file_uploads.html ADVICEEND EN,PHP_CONF_REGISTER_LONG_ARRAYS=Set it to off, it's deprecated This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged. See http://www.php.net/manual/en/ini.core.php#ini.register-long-arrays ADVICEEND EN,PHP_CONF_REGISTER_ARGC_ARGV=Set it to off TODO, why must it be set to off ? See http://www.php.net/manual/en/ini.core.php#ini.register-argc-argv ADVICEEND EN,PHP_CONF_EXECCOMM=This function can launch dangerous commands EN,PHP_CONF_INFODISCLOSURE=This function can display confidential information EN,PHP_CONF_PHPSESSID=Change the default PHPSESSID name yasat/plugins/nfs.test0000640000175000017500000001003211677022127015576 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_NFS_CONFIG_LOCATION='/etc/exports' NFS_CONFIG='/etc/exports' NFS_TAB='/etc/fstab' for LOCATION in ${POSSIBLE_NFS_CONFIG_LOCATION} do if [ -d "${LOCATION}/" ] then NFS_CONFIG="${LOCATION}" fi done Title "Check NFS (exports)" if [ ! -e "${PLUGINS_REP}/nfs.data" ] ; then Display --indent 2 --text "nfs.data" --result NOTFOUND --color RED exit 1 fi if [ ! -e "$NFS_CONFIG" ] then Display --indent 2 --text "No $NFS_CONFIG" --result NOTFOUND --color BLUE return 1; fi Display --indent 2 --text "$NFS_CONFIG" --result FOUND --color BLUE grep -v ^# "$NFS_CONFIG" |grep -v '^[[:space:]]*$' | while read line do EXPORTED_DIR="`echo $line | cut -d\ -f1`" OPTIONS="`echo $line | cut -d\( -f2 | cut -d\) -f1 | sed 's/,/ /g'`" Display --indent 4 --text "$EXPORTED_DIR" --result FOUND --color BLUE for option in $OPTIONS do option_test="`grep ^${option} ${PLUGINS_REP}/nfs.data`" if [ -z "$option_test" ] ; then Display --indent 6 --text "$option" --result FOUND --color BLUE else advice="`echo $option_test | cut -d\, -f2`" if [ -z "$advice" ] ; then Display --indent 6 --text "$option" --result FOUND --color GREEN else Display --indent 6 --text "$option" --result FOUND --color ORANGE --advice "$advice" fi fi done done ##http://mirror.linux.org.au/pub/linux.conf.au/2008/slides/130-lca2008-nfs-tuning-secrets-d7.odp #http://www.troubleshooters.com/linux/nfs.htm #http://nfs.sourceforge.net/nfs-howto/ar01s05.html #TODO prefer async than sync #TODO hard not soft #TODO check /etc/conf.d/nfs or /etc/sysconfig/nfs for #static statd port (STATD_PORT=662 for redhat) #static lockd port LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 #static mountd port MOUNTD_PORT=892 #TODO check if exported directory is a separate partition for more fun (noatime, nodiratime) #noatime or relatime #nosubtreecheck subtreecheck #rsize=8192,wsize=8192 ? #TODO nosuid noexec nodev on nfs mount #TODO /proc/net/rpc/nfsd in http://nfs.sourceforge.net/nfs-howto/ar01s05.html 5.6 Title "Check NFS (client side)" if [ -e "$NFS_TAB" ] ; then grep '[[:space:]]nfs[4]*[[:space:]]' "$NFS_TAB" | while read line do IMPORTED_DIR="`echo $line | cut -d\ -f1 | cut -d\: -f2`" OPTIONS="`echo $line | sed 's/[[:space:]][[:space:]]*/ /g' | cut -d\ -f4 | sed 's/,/ /g'`" FOUND_INTR='no' Display --indent 2 --text "NFS $IMPORTED_DIR" --result FOUND --color BLUE for option in $OPTIONS do option_test="`grep ^${option} ${PLUGINS_REP}/nfs.data`" if [ -z "$option_test" ] ; then Display --indent 4 --text "$option" --result FOUND --color BLUE else advice="`echo $option_test | cut -d\, -f2`" if [ -z "$advice" ] ; then Display --indent 4 --text "$option" --result FOUND --color GREEN else Display --indent 4 --text "$option" --result FOUND --color ORANGE --advice "$advice" fi fi if [ "$option" = "intr" ] ; then FOUND_INTR='yes' fi done if [ "$FOUND_INTR" = "no" ] ; then Display --indent 4 --text "intr option" --result NOTFOUND --color RED --advice NFS_EXPORT_NO_INTR fi done fi yasat/plugins/firewall.advice0000640000175000017500000000237111677022127017100 0ustar montjoiemontjoieEN,FIREWALL_POLICY_INPUT=Configure your firewall with a drop by default policy See http://www.netfilter.org/ for tutorials and howto ADVICEEND EN,FIREWALL_POLICY_OUTPUT=Configure your firewall with a drop by default policy See http://www.netfilter.org/ for tutorials and howto ADVICEEND EN,FIREWALL_POLICY_FORWARD=Unless this machine is a router, DROP forwarding See http://www.netfilter.org/ for tutorials and howto ADVICEEND EN,FIREWALL_TEST_ERROR=Arggg i can't test your firewall Perhaps it's a bug or perhaps you have some security that prevent me to check your firewall. ADVICEEND EN,FIREWALL_IPV6_NO_FW=Install ip6tables and configure a firewall IPv6 is enabled on this machine, and you don't have a firewall for it. ADVICEEND EN,FIREWALL_PF_NOT_ENABLED=Enable PF firewall Enable the firewall. See http://www.freebsd.org/doc/en/books/handbook/firewalls-pf.html ADVICEEND EN,FIREWALL_PF_NO_RULES=TODO See http://www.freebsd.org/doc/en/books/handbook/firewalls-pf.html ADVICEEND yasat/plugins/php_conf.data0000640000175000017500000000566511741046126016553 0ustar montjoiemontjoie#directive | value | comparaison operator | optional | ADVICE default_socket_timeout|20|NM safe_mode|on|s||PHP_CONF_SAFEMODE #safe_mode_exec_dir #safe_mode_include_dir etc... #include_path open_basedir ??? #max_execution_time memory_limit post_max_size allow_url_open register_globals|off|s||PHP_CONF_REGISTER_GLOBALS allow_url_fopen|off|s expose_php|off|s||PHP_CONF_EXPOSE_PHP enable_dl|off|s||PHP_CONF_ENABLE_DL short_open_tag|off|s||PHP_CONF_SORT_OPEN_TAG asp_tags|off|s display_errors|off|s||PHP_CONF_DISPLAY_ERRORS log_errors|on|s display_startup_errors|off|s file_uploads|off|s||PHP_CONF_FILE_UPLOADS allow_url_include|off|s||PHP_CONF_ALLOW_URL_INCLUDE max_execution_time|20|NM max_input_time|61|NM #open_basedir TODO report_memleaks|on|s register_long_arrays|off|s||PHP_CONF_REGISTER_LONG_ARRAYS register_argc_argv|off|s||PHP_CONF_REGISTER_ARGC_ARGV #save_path #user_id and group_id #http://wiki.claroline.net/index.php/Security #http://www.php.net/manual/fr/features.safe-mode.functions.php disable_functions|shell_exec|C|N|PHP_CONF_EXECCOMM disable_functions|phpinfo|C|N|PHP_CONF_INFODISCLOSURE disable_functions|popen|C|N|PHP_CONF_EXECCOMM disable_functions|diskfreespace|C|N|PHP_CONF_INFODISCLOSURE disable_functions|disk_free_space|C|N|PHP_CONF_INFODISCLOSURE disable_functions|proc_open|C|N|PHP_CONF_EXECCOMM disable_functions|leak|C disable_functions|tmpfile|C disable_functions|exec|C|N|PHP_CONF_EXECCOMM disable_functions|system|C|N|PHP_CONF_EXECCOMM disable_functions|passthru|C|N|PHP_CONF_EXECCOMM disable_functions|eval|C #disable_functions|parse_ini_file|C disable_functions|dl|C disable_functions|set_time_limit|C disable_functions|apache_child_terminate|C disable_functions|apache_get_modules|C|N|PHP_CONF_INFODISCLOSURE disable_functions|apache_get_version|C|N|PHP_CONF_INFODISCLOSURE disable_functions|apache_getenv|C disable_functions|apache_note|C disable_functions|apache_getenv|C|N|PHP_CONF_INFODISCLOSURE disable_functions|apache_setenv|C disable_functions|virtual|C disable_functions|fsockopen|C disable_functions|ini_alter|C disable_functions|ini_set|C disable_functions|show_source|C disable_functions|proc_close|C disable_functions|proc_terminate|C #disable_functions|pfsockopen|C #disable_functions|escapeshel|C disable_functions|highlight_file|C disable_functions|pcntl_exec|C disable_functions|curl_exec|C disable_functions|curl_multi_exec|C #disable_functions|set_time_limit|C #http://seclists.org/fulldisclosure/2003/Aug/0633.html disable_functions|dlopen|C #http://groups.google.com/group/make-the-web-faster/browse_thread/thread/ddfbe82dd80408cc #magic_quotes_gpc must be on ? #register_argc_argv #always_populate_raw_post_data #session.use_trans_sid #session.auto_start. #memory limit #max_input_time #upload_max_size #enable_dl #mysql #mysql default password # #upload_max_filesize #post_max_size max_file_uploads|20|NM #http://php.net/session.name #session.name|PHPSESSID|snot session.name|phpsessid|snot||PHP_CONF_PHPSESSID session.auto_start|0|s yasat/plugins/ldap.advice0000640000175000017500000000152111677022127016207 0ustar montjoiemontjoieEN,LDAP_NO_TLS=Enable TLS for slapd Its preferable to do LDAP request via a TLS secured connection. Obsolete http://www.openldap.org/pub/ksoper/OpenLDAP_TLS.html ADVICEEND EN,LDAP_PASSWD_CLEAR=Use a secure storage for passwd Don't store passwords in cleartext, use a hash algorithm instead ADVICEEND EN,LDAP_BINDV2=Disable bindv2 If possible disable the use of the LDAPv2 protocol. ADVICEEND EN,LDAP_BIND_ANON=Disable anonymous bind According to man slapd.conf, disable bind_anon disables acceptance of anonymous bind requests. Note that this setting does not prohibit anonymous directory access (See "require authc") ADVICEEND EN,LDAP_REQUIRE_AUTHC=Set require authc According to man slapd.conf, authc requires authentication prior to directory operations ADVICEEND yasat/plugins/packages.data0000640000175000017500000000157311677022127016532 0ustar montjoiemontjoie#installed by default on debian / ubuntu and not always necessary on server DEBIAN,cyrus-sasl2-doc DEBIAN,portmap DEBIAN,dbus DEBIAN,dbus-x11 DEBIAN,consolekit DEBIAN,dhcp3-client DEBIAN,dhcp3-common DEBIAN,ntfs-3g DEBIAN,dosfstools DEBIAN,laptop-detect DEBIAN,wireless-tools DEBIAN,wpasupplicant DEBIAN,ufw DEBIAN,libntfs-3g28 DEBIAN,libiw29 DEBIAN,landscape-common DEBIAN,pppoeconf #not on server libc6-dev gcc build-essential #Installed by default on red hat #amtu alchemist REDHAT,bluez-utils REDHAT,bluez-gnome REDHAT,bluez-libs REDHAT,alacarte REDHAT,dhcpv6-client #REDHAT,dhclient network manager need it REDHAT,emacspeak REDHAT,emacs REDHAT,emacs-common REDHAT,emacs-leim REDHAT,linuxwacom REDHAT,rsh REDHAT,samba-common REDHAT,php REDHAT,squid REDHAT,pcmciautils REDHAT,pcsc-lite REDHAT,pcsc-lite-libs REDHAT,vino REDHAT,wdaemon REDHAT,pirut REDHAT,orca REDHAT,evince REDHAT,eog yasat/plugins/apache_modules.test0000640000175000017500000001357711735052560020001 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ if [ -z "$POSSIBLE_APACHE_BIN" ] ; then POSSIBLE_APACHE_BIN="/usr/sbin/apache2 /usr/local/sbin/httpd /usr/local/sbin/apache2 /usr/sbin/httpd" fi APACHE_BIN="" for LOCATION in ${POSSIBLE_APACHE_BIN} do if [ -x "${LOCATION}" ] ;then APACHE_BIN="${LOCATION}" fi done #for LOCATION in ${POSSIBLE_APACHE_CONFIG_LOCATION} #do # if [ -d "${LOCATION}/" ] # then # APACHE_CONF_REP="${LOCATION}" # fi #done Find_apache_conf_location Title "Check apache modules" if [ -z "${APACHE_BIN}" ] ; then Display --indent 2 --text "No apache binary found" --result NOTFOUND --color BLUE return 1; fi if [ -x "$APACHE_BIN" ] ; then Display --indent 2 --text "$APACHE_BIN" --result FOUND --color GREEN else Display --indent 2 --text "$APACHE_BIN is not executable" --result ERROR --color RED return 1; fi #if [ -l $APACHE_BIN ] ; then # TMP="`readlink $APACHE_BIN`" # if [ -z "`echo $TMP | grep '\.\.'`" ] ; then # APACHE_BIN="$TMP" # else # APACHE_BIN="`basename ${APACHE_BIN}/$TMP`" # fi #fi check_file "$APACHE_BIN" 2 BINARY if [ "$LINUX_VERSION" = "Gentoo" ] ;then . /etc/conf.d/apache2 APACHE_BIN="$APACHE_BIN $APACHE2_OPTS" fi if [ "$LINUX_VERSION" = "Debian" ] ;then . /etc/apache2/envvars fi Check_auto_start $APACHE_PACKAGE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] ;then Display --indent 2 --text "$APACHE_PACKAGE_NAME is started at boot" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "$APACHE_PACKAGE_NAME is started at boot" --result YES --color BLUE else Display --indent 2 --text "$APACHE_PACKAGE_NAME is started at boot" --result NO --color GREEN fi fi Is_installed_via_package_manager $APACHE_PACKAGE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] ;then Display --indent 2 --text "$APACHE_PACKAGE_NAME installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] ;then Display --indent 2 --text "$APACHE_PACKAGE_NAME is installed by package" --result GOOD --color GREEN else Display --indent 2 --text "$APACHE_PACKAGE_NAME is installed at hand" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND fi fi if [ ! -d $APACHE_CONF_REP ] ;then Display --indent 2 --text "No apache found" --result NOTFOUND --color BLUE return 1; else Display --indent 2 --text "$APACHE_CONF_REP " --result FOUND --color GREEN fi prepare_apache_conf $APACHE_CONF_REP APACHE_CONF_LOCATION_TO_TEST="${TEMPYASATDIR}/apache.conf" if [ ! -e "$APACHE_CONF_LOCATION_TO_TEST" ] ;then echo "Error no $APACHE_CONF_LOCATION_TO_TEST" return 1; fi $APACHE_BIN -t 2>> $ERROR_OUTPUT_FILE if [ $? -eq 1 ] ;then Display --indent 2 --text "$APACHE_BIN return with ERROR CODE" --result WARNING --color RED --advice APACHE_MODULE_ERROR_CODE return 1; fi if [ -e "${PLUGINS_REP}/apache_modules.data" ] ; then for MODULE in `$APACHE_BIN -M 2>&1 |grep _module | cut -d\ -f2` do if [ ! -z "`grep -v '^#' ${PLUGINS_REP}/apache_modules.data | grep ^$MODULE`" ] ; then Display --indent 2 --text "Module $MODULE necessary ?" --result WARNING --color ORANGE --advice APACHE_MODULE_DISABLE_UNNECESSARY_MODULES fi done else Display --indent 2 --text "No ${PLUGINS_REP}/apache_modules.data" --result WARNING --color RED --advice GLOBAL_INTERNAL_ERROR fi #check default MPM #MaxClients|200|NM #StartServers|100|NM #MinSpareServers|50|NM #MaxSpareServers|250|NM APACHEMPM=`$APACHE_BIN -M 2>&1 |grep _module |grep mpm_ | cut -d\ -f2 | cut -d\_ -f2` Display --indent 2 --text "MPM " --result "${APACHEMPM}" --color BLUE #for basefile in `find $APACHE_CONF_REP ! -type d | grep .conf` #do MPMFOUND=0 egrep -v "^[[:space:]]*#" $APACHE_CONF_LOCATION_TO_TEST | while read line do if [ ! -z "`echo $line | grep -i "'`" ] ;then MPMFOUND=0 fi if [ $MPMFOUND -eq 1 ] ;then if [ ! -z "`echo $line | grep -i '^[[:space:]]*MaxClients'`" ] ;then VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` Display --indent 4 --text "MaxClients " --result "$VALUE" --color BLUE fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*StartServers'`" ] ;then VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` Display --indent 4 --text "StartServers " --result "$VALUE" --color BLUE fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*MinSpareServers'`" ] ;then VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` Display --indent 4 --text "MinSpareServers " --result "$VALUE" --color BLUE fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*MaxSpareServers'`" ] ;then VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` Display --indent 4 --text "MaxSpareServers " --result "$VALUE" --color BLUE fi fi done #done return 0; yasat/plugins/partition.advice0000640000175000017500000000040611677022127017301 0ustar montjoiemontjoieEN,PARTITION_NODEV=Add a nodev options in /etc/fstab EN,PARTITION_NOEXEC=Add a noexec options in /etc/fstab EN,PARTITION_NOSUID=Add a nosuid options in /etc/fstab EN,PARTITION_SEPARATE_PART=With a separate partition, you can put options like nodev,noexec,nosuid yasat/plugins/proftpd.test0000640000175000017500000000273711677022127016503 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check Proftpd configurations" #TODO RootLogin a off #TimeoutNoTransfer TimeoutStalled TimeoutIdle Umask SystemLog ExtendedLog TransferLog ServerLog #TODO check TLSPassPhraseProvider script POSSIBLE_PROFTPD_CONF="/etc/proftpd/proftpd.conf /usr/local/etc/proftpd.conf /etc/proftpd.conf" PROFTPD_CONF="/etc/proftpd/proftpd.conf" for LOCATION in ${POSSIBLE_PROFTPD_CONF} do if [ -e "${LOCATION}" ] ; then PROFTPD_CONF="${LOCATION}" fi done yasat/plugins/php_conf.test0000640000175000017500000001231211751705041016603 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check PHP configuration" PHP_CONF_REP='' for LOCATION in ${POSSIBLE_PHP_CONF_REP} do if [ -e "${LOCATION}" ] ; then PHP_CONF_REP="`dirname ${LOCATION}`" fi done if [ ! -e "${PHP_CONF_REP}/php.ini" ] ; then Debug "No $PHP_CONF_REP/php.ini FOUND" return 1; fi if [ -e "${PLUGINS_REP}/php_conf.data" ] ; then for i in `grep -v '^\#' $PLUGINS_REP/php_conf.data` do ldirective=`echo $i | cut -f1 -d\|` lparam=`echo $i | cut -f2 -d\|` loption=`echo $i | cut -f3 -d\|` ltestoptional=`echo $i | cut -f4 -d\|` OPT_ADVICE='' OPT_ADVICE="`echo $i | cut -f5 -d\|`" if [ -z $OPT_ADVICE ] ; then OPT_ADVICE='NONE' fi Debug "check for $ldirective" FindValueOfEqual $PHP_CONF_REP/php.ini $ldirective JUSTTEST VAL="$RESULTAT" if [ -z "$RESULTAT" ] ; then loption='NODEF' fi case $loption in S)#string equal if [ "$VAL" != "$lparam" ] ;then #affiche_rouge "$ldirective pas a $lparam" Display --indent 2 --text "$ldirective ( want $lparam )" --result "$VAL" --color RED --advice $OPT_ADVICE else #affiche_vert "GOOD" Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi ;; s)#string equal casse insensitive VAL=`echo $RESULTAT | tr A-Z a-z` if [ "$VAL" != "$lparam" ] ;then Display --indent 2 --text "$ldirective ( want $lparam )" --result "$VAL" --color RED --advice $OPT_ADVICE else Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi ;; snot)#not string casse insensitive VAL=`echo $RESULTAT | tr A-Z a-z` if [ "$VAL" = "$lparam" ] ;then Display --indent 2 --text "$ldirective ( dont want $lparam )" --result "$VAL" --color RED --advice $OPT_ADVICE else Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi ;; NM)#Numeric max ## FindValueOf $PHP_CONF_REP/php.ini $ldirective if [ -z "$RESULTAT" ] ; then Display --indent 2 --text "Missing declaration of $ldirective " --result WARNING --color RED --advice $OPT_ADVICE else if [ "$RESULTAT" -ge $lparam ] ;then Display --indent 2 --text "$ldirective < $lparam" --result "$VAL" --color RED --advice $OPT_ADVICE else Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi fi ;; C)#contains if [ -z "$RESULTAT" ] ; then Display --indent 2 --text "Missing declaration of $ldirective " --result WARNING --color RED --advice $OPT_ADVICE else #this is ugly but it works RESULTAT="beginline, $RESULTAT, endline" if [ -z "`echo $RESULTAT |grep [,[:space:]]$lparam[,[:space:]]`" ] ;then Display --indent 2 --text "$ldirective without $lparam" --result NOTFOUND --color RED --advice $OPT_ADVICE else Display --indent 2 --text "$ldirective " --result "$lparam" --color GREEN fi fi ;; NODEF) Display --indent 2 --text "No declaration of $ldirective (want $lparam)" --result WARNING --color RED --advice $OPT_ADVICE ;; *) Display --indent 2 --text "Unknown option $loption" --result ERROR --color RED ;; esac done FindValueOfEqual $PHP_CONF_REP/php.ini 'error_log' JUSTTEST if [ -z "$RESULTAT" ] ; then Display --indent 2 --text "Missing declaration de error_log " --result WARNING --color RED else REPLOG="`dirname $RESULTAT`" Display --indent 2 --text "error_log $RESULTAT" --result DEFINED --color GREEN if [ -e "$REPLOG" ] ; then prepare_apache_conf $APACHE_CONF_REP APACHE_CONF_LOCATION_TO_TEST="${TEMPYASATDIR}/apache.conf" if [ ! -e "$APACHE_CONF_LOCATION_TO_TEST" ] ; then echo "Error no $APACHE_CONF_LOCATION_TO_TEST" return 1; fi FindValueOf "$APACHE_CONF_LOCATION_TO_TEST" "User" Display --indent 4 --text "$REPLOG " --result FOUND --color GREEN #check rights of apache on $REPLOG if [ `stat $STAT_GROUP $REPLOG` = $RESULTAT ] ; then Display --indent 6 --text "rights of $REPLOG " --result "$RESULTAT" --color GREEN else Display --indent 6 --text "rights of $REPLOG " --result WARNING --color RED fi else Display --indent 4 --text "$REPLOG " --result NOTFOUND --color RED fi fi #TODO error_reporting must be set to ?? else Display --indent 2 --text "ERROR No php_conf.data" --result ERROR --color RED --advice YASAT_BUG fi return 0; yasat/plugins/snmpd.advice0000640000175000017500000000031311677022127016406 0ustar montjoiemontjoieEN,SNMPD_SECMODEL_V1=If possible, use only SNMP v2 or v3 ADVICEEND EN,SNMPD_DEFAULT_COMMUNITY=Change the default community public or private is known default community, consider changing it. ADVICEEND yasat/plugins/apache_modules.advice0000640000175000017500000000032611677022127020242 0ustar montjoiemontjoieEN,APACHE_MODULE_ERROR_CODE=Check your apache configuration Try apache2 -t ADVICEEND EN,APACHE_MODULE_DISABLE_UNNECESSARY_MODULES=Disable unnecessary modules Check if you really needs theses modules. ADVICEEND yasat/plugins/sensors.advice0000640000175000017500000000167211677022127016772 0ustar montjoiemontjoieEN,TEMP_SENSORS=Install lm_sensors to monitor temperature. See www.lm-sensors.org ADVICEEND EN,IPMI_NO_BINARY=Install freeipmi/openipmi/ipmitool on a server If this machine is a server install freeipmi/openipmi/ipmitool for monitoring. See http://www.gnu.org/software/freeipmi/ See http://openipmi.sourceforge.net/ See http://ipmitool.sourceforge.net/ ADVICEEND EN,IPMI_BAD_SNMP_COMM=Change this community string Your community string is a default one, consider changing it. ADVICEEND EN,TEMP_SENSOR_PROGRAM_UNK=I don't know the temperature monitoring program for your OS I know only lm_sensors for Linux, on your OS i don't know any temperature monitoring program. If you know another, please tell me so I can add it to the tests. Thanks. ADVICEEND yasat/plugins/apache_mod_deflate.data0000640000175000017500000000014711677022127020514 0ustar montjoiemontjoietext/html text/plain text/xml text/css application/x-javascript application/javascript text/javascript yasat/plugins/system_user.firefox0000640000175000017500000000057711677022127020072 0ustar montjoiemontjoiesecurity.warn_viewing_mixed,SYSTEM_USER_FIREFOX_MIXED_HTTPS app.update.auto,SYSTEM_USER_FIREFOX_NO_AUTO_UPDATE security.warn_entering_weak,TODO xpinstall.whitelist.required,TODO browser.safebrowsing.malware.enabled,TODO browser.safebrowsing.enabled,TODO security.OCSP.enabled,TODO browser.cache.disk_cache_ssl,TODO network.http.sendSecureXSiteReferrer,TODO security.enable_ssl2,TODO yasat/plugins/dns.advice0000640000175000017500000000326111677022127016056 0ustar montjoiemontjoieEN,BIND_HIDE_VERSION=Hide bind's version Set version to none in the options section of your bind configuration
version none;
See http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html ADVICEEND EN,BIND_HIDE_HOSTNAME=Hide bind's hostname Set hostname to none in the options section of your bind configuration
hostname none;
See http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html ADVICEEND EN,BIND_HIDE_SERVERID=Hide bind's server-id Set server-id to none in the options section of your bind configuration
server-id none;
See http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html ADVICEEND EN,BIND_DISALLOW_RECURSIVE_QUERY=Disallow global access to recursive query Set an ACL to recursive query with a allow-recursion { 127.0.0.1; } for example You can also disable recursion altogether with the recursion no; directive
recursion no;
allow-recursion { 127.0.0.1; }
See http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html ADVICEEND EN,BIND_MAX_CACHE_SIZE=Limit the amount of cache used by bind By default bind can exhausts all memory with its cache. Limit it with max-cache-size.
max-cache-size 4000000;
See http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html ADVICEEND yasat/plugins/postfix.advice0000640000175000017500000000040511677022127016763 0ustar montjoiemontjoieEN,POSTFIX_OBSOLETE_TLS=see http://www.postfix.org/TLS_README.html ADVICEEND EN,POSTFIX_NO_TLS=Enable TLS for sending mail via a TLS secured connection See http://www.postfix.org/TLS_README.html ADVICEEND yasat/plugins/postgresql.test0000640000175000017500000000356211751733024017223 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_PG_CONF_REP="/etc/postgresql/8.3/main/postgresql.conf /etc/postgresql/8.2/main/postgresql.conf /etc/postgresql/postgresql.conf /var/lib/postgresql/9.1/data /etc/postgresql-9.1/postgresql.conf" PG_CONF="/etc/postgresql/postgresql.conf" for LOCATION in ${POSSIBLE_PG_CONF_REP} do if [ -e "${LOCATION}" ] ;then PG_CONF="${LOCATION}" fi done Title "Check postgresql $PG_CONF" if [ ! -e "$PG_CONF" ] ;then return 1 fi #listen_addresses FindValueOfEqual "$PG_CONF" listen_addresses if [ -z "$RESULTAT" ] then Display --indent 2 --text "no listen_addresses (default localhost)" --result OK --color GREEN else echo $RESULTAT | grep -qi "\'*\'" if [ $? -eq 1 ] then Display --indent 2 --text "Listen on " --result "$RESULTAT" --color ORANGE else Display --indent 2 --text "Listen on *" --result WARNING --color RED fi fi return 0; yasat/plugins/binaries.advice0000640000175000017500000000274011732310113017052 0ustar montjoiemontjoieEN,BINARIES_UNKNOWN=This binary is not in yasat's SetUID db It is probably a legitimate binary that i don't know of. Please send it's name to me. ADVICEEND EN,BINARIES_BAD_RIGHT=THIS CHECK IS IN DEVELOPMENT EN,BINARIES_NO_AIDE=Install AIDE integrity checker AIDE is a file integrity checker, it makes a database of checksums of your files for later comparison. See http://aide.sourceforge.net ADVICEEND EN,BINARIES_NO_TRIPWIRE=Install TRIPWIRE integrity checker ADVICEEND EN,BINARIES_NO_CHKROOTKIT=Install chkrootkit See http://www.chkrootkit.org/ ADVICEEND EN,BINARIES_REMOVE_SETUID=Limit the number of set-uid binary Some set-uid binaries might be unnecessary. If your system is used only by root for example, you can remove set-uid from ping, mount, and umount ADVICEEND EN,BINARIES_NO_POSIXCAPSTOOLS=I cannot test POSIX CAPS for your setuid binaries Install either libcap or libcap-ng for testing the usuability of POSIX CAPS for your setuid binaries ADVICEEND EN,BINARIES_CAN_HAVE_POSIX_CAPS=You can set POSIX CAPS You can set POSIX CAPS with setcap (or filecap) setcap cap_net_raw+ep /bin/ping See https://wiki.archlinux.org/index.php/Using_File_Capabilities_Instead_Of_Setuid See http://www.friedhoff.org/posixfilecaps.html ADVICEEND yasat/plugins/network.advice0000640000175000017500000000504011677022127016760 0ustar montjoiemontjoieEN,NETWORK_ICMP_ECHO_IGNORE_BROADCASTS=Set icmp_echo_ignore_broadcasts to 1 For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_FIN_TIMEOUT=Decrease tcp_fin_timeout value For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_IGNORE_BOGUS_ERROR_RESPONSES=Set icmp_ignore_bogus_error_responses to 1 For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_CONF_ALL_ACCEPT_REDIRECTS=TODO For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_CONF_DEFAULT_ACCEPT_REDIRECTS=TODO For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_TCP_SYNCOOKIES=Enable TCP_SYN_COOKIE See http://en.wikipedia.org/wiki/SYN_cookie For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_CONF_ALL_ACCEPT_SOURCE_ROUTE=TODO For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_CONF_DEFAULT_ACCEPT_SOURCE_ROUTE=TODO For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_CONF_ENABLE_IP_SPOOFING_PROTECTION=Enable IP spoofing protection For a complete security guide see http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 ADVICEEND EN,NETWORK_CONF_TODO=TODO #http://www.gentoo.org/doc/fr/security/security-handbook.xml?part=1&chap=9 yasat/plugins/process.data0000640000175000017500000001230111754421355016423 0ustar montjoiemontjoie#CANBEROOT /usr/sbin/cupsd=CANBEROOT cupsd=CANBEROOT /usr/sbin/ntpd=CANBEROOT ntpd=CANBEROOT /usr/bin/gdm=CANBEROOT /usr/sbin/ulogd=CANBEROOT ulogd=CANBEROOT /usr/sbin/munin-node=CANBEROOT /sbin/apcupsd=CANBEROOT /usr/sbin/snmpd=CANBEROOT /usr/sbin/openvpn=CANBEROOT /usr/lib/postfix/master=CANBEROOT /usr/libexec/postfix/master=CANBEROOT /usr/bin/rsync=CANBEROOT /usr/sbin/vsftpd=CANBEROOT #BSD CANBEROOT pflogd=CANBEROOT syslogd=CANBEROOT /usr/sbin/syslogd=CANBEROOT sendmail:=CANBEROOT gpm=CANBEROOT rpc.idmapd=CANBEROOT pcscd=CANBEROOT rpc.statd=CANBEROOT /usr/sbin/gdm-binary=CANBEROOT aisexec=CANBEROOT #under debian run as daemon /usr/sbin/atd=CANBEROOT #ONLYROOT /sbin/udevd=ONLYROOT udevd=ONLYROOT /lib/udev/udevd=ONLYROOT #/sbin/devd on freebsd /sbin/devd=ONLYROOT /usr/sbin/cron=ONLYROOT /usr/sbin/crond=ONLYROOT cron=ONLYROOT /usr/sbin/acpid=ONLYROOT acpid=ONLYROOT /sbin/auditd=ONLYROOT auditd=ONLYROOT /sbin/audispd=ONLYROOT audispd=ONLYROOT /usr/sbin/sshd=ONLYROOT /sbin/dhcpcd=ONLYROOT /usr/sbin/syslog-ng=ONLYROOT /sbin/syslog-ng=ONLYROOT syslog-ng=ONLYROOT /usr/sbin/xinetd=ONLYROOT /sbin/init=ONLYROOT init=ONLYROOT kthreadd=ONLYROOT ksoftirqd/0=ONLYROOT events/0=ONLYROOT khelper=ONLYROOT async/mgr=ONLYROOT khubd=ONLYROOT kpsmoused=ONLYROOT kblockd/0=ONLYROOT kacpid=ONLYROOT kacpi_notify=ONLYROOT ata/0=ONLYROOT ata_aux=ONLYROOT ksuspend_usbd=ONLYROOT cifsoplockd=ONLYROOT crypto/0=ONLYROOT usbhid_resumer=ONLYROOT kjournald=ONLYROOT kseriod=ONLYROOT kswapd0=ONLYROOT aio/0=ONLYROOT pdflush=ONLYROOT kondemand/0=ONLYROOT getty=ONLYROOT /sbin/getty=ONLYROOT sendmail=ONLYROOT /sbin/iscid=ONLYROOT /usr/libexec/getty=ONLYROOT adjkerntz=ONLYROOT crond=ONLYROOT irqbalance=ONLYROOT klogd=ONLYROOT xinetd=ONLYROOT automount=ONLYROOT libvirtd=ONLYROOT mcstransd=ONLYROOT /sbin/multipathd=ONLYROOT /usr/sbin/restorecond=ONLYROOT /usr/sbin/smartd=ONLYROOT rhnsd=ONLYROOT /sbin/dlm_controld=ONLYROOT /sbin/ccsd=ONLYROOT /sbin/fenced=ONLYROOT /sbin/gfs_controld=ONLYROOT /sbin/groupd=ONLYROOT /usr/bin/kvm=ONLYROOT brcm_iscsiuio=ONLYROOT /usr/sbin/rsyslogd=ONLYROOT mdadm=ONLYROOT #NOTBEROOT /usr/lib/mozilla-thunderbird/thunderbird-bin=NOTBEROOT /usr/bin/dbus-daemon=NOTBEROOT /usr/bin/metacity=NOTBEROOT nautilus=NOTBEROOT /usr/sbin/clamd=NOTBEROOT /usr/bin/freshclam=NOTBEROOT gnome-session=NOTBEROOT gnome-pty-helper=NOTBEROOT ssh-agent=NOTBEROOT pidgin=NOTBEROOT /usr/libexec/cpufreq-applet=NOTBEROOT cpufreq-applet=NOTBEROOT /usr/libexec/sensors-applet=NOTBEROOT /usr/libexec/multiload-applet-2=NOTBEROOT /usr/libexec/mixer_applet2=NOTBEROOT /usr/bin/dbus-launch=NOTBEROOT /usr/libexec/gconfd-2=NOTBEROOT /usr/libexec/gvfsd=NOTBEROOT gvfsd=NOTBEROOT /usr/libexec/gvfsd-metadata=NOTBEROOT /usr/libexec/gvfsd-computer=NOTBEROOT gvfsd-computer=NOTBEROOT /usr/libexec/gvfsd-trash=NOTBEROOT gvfsd-trash=NOTBEROOT /usr/libexec/gvfsd-http=NOTBEROOT gvfsd-http=NOTBEROOT xscreensaver=NOTBEROOT xchat=NOTBEROOT /usr/bin/gpg-agent=NOTBEROOT /usr/libexec/bonobo-activation-server=NOTBEROOT /usr/local/bin/clusterm=NOTBEROOT /usr/sbin/console-kit-daemon=NOTBEROOT /usr/bin/gnome-keyring-daemon=NOTBEROOT amarokapp=NOTBEROOT kdeinit=NOTBEROOT amule=NOTBEROOT dbus-daemon=NOTBEROOT /usr/bin/mysql=NOTBEROOT /usr/sbin/mysqld=NOTBEROOT /usr/bin/java=NOTBEROOT java=NOTBEROOT firefox=NOTBEROOT opera=NOTBEROOT /usr/lib/openldap/slapd=NOTBEROOT /usr/sbin/nagios=NOTBEROOT pickup=NOTBEROOT tlsmgr=NOTBEROOT qmgr=NOTBEROOT flush=NOTBEROOT amavisd=NOTBEROOT /usr/bin/nagircbot=NOTBEROOT /usr/bin/snmpget=NOTBEROOT /usr/sbin/saslauthd=NOTBEROOT /usr/lib/cyrus/master=NOTBEROOT /bin/ping=NOTBEROOT /usr/lib/nagios/plugins/check_ping=NOTBEROOT /sbin/portmap=NOTBEROOT portmap=NOTBEROOT /sbin/rpc.statd=NOTBEROOT postgres:=NOTBEROOT /usr/lib/postgresql/8.3/bin/postgres=NOTBEROOT /usr/sbin/exim4=NOTBEROOT /usr/bin/distccd=NOTBEROOT /usr/lib/java/bin/java=NOTBEROOT /usr/sbin/bopm=NOTBEROOT imapd=NOTBEROOT /usr/sbin/named=NOTBEROOT anvil=NOTBEROOT clusterm=NOTBEROOT eggdrop=NOTBEROOT aumix=NOTBEROOT bonobo-activati=NOTBEROOT hald=NOTBEROOT hald-addon-acpi:=NOTBEROOT hald-addon-keyboard:=NOTBEROOT avahi-daemon:=NOTBEROOT /bin/dbus-daemon=NOTBEROOT bt-applet=NOTBEROOT eggcups=NOTBEROOT ./escd=NOTBEROOT metacity=NOTBEROOT nm-applet=NOTBEROOT pam-panel-icon=NOTBEROOT /usr/bin/gnome-session=NOTBEROOT /usr/libexec/clock-applet=NOTBEROOT /usr/libexec/gam_server=NOTBEROOT /usr/libexec/gnome-settings-daemon=NOTBEROOT /usr/libexec/gnome-vfs-daemon=NOTBEROOT /usr/libexec/mapping-daemon=NOTBEROOT /usr/libexec/notification-area-applet=NOTBEROOT /usr/libexec/notification-daemon=NOTBEROOT /usr/libexec/trashapplet=NOTBEROOT /usr/libexec/wnck-applet=NOTBEROOT xfs=NOTBEROOT /usr/libexec/gdmgreeter=NOTBEROOT /usr/bin/postmaster=NOTBEROOT #to test, globally a process begining with dont have to be root but there are counter exemple (puppet) ruby=NOTBEROOT wish=NOTBEROOT /usr/bin/ruby18=NOTBEROOT /usr/bin/ruby1.8=NOTBEROOT /usr/bin/perl=NOTBEROOT /usr/bin/python=NOTBEROOT /usr/bin/ssh-agent=NOTBEROOT #NOTHINGTOSAY /bin/bash=NOTHINGTOSAY /usr/sbin/apache2=NOTHINGTOSAY apache2=NOTHINGTOSAY sshd:=NOTHINGTOSAY sshd=NOTHINGTOSAY bash=NOTHINGTOSAY ksh=NOTHINGTOSAY ps=NOTHINGTOSAY SCREEN=NOTHINGTOSAY #httd need to be root for forking non root httpd /usr/sbin/httpd=NOTHINGTOSAY #BADPROCESS TODO ssh-scan=BADPROCESS yasat/plugins/puppet.test0000640000175000017500000000404611705021533016325 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_PUPPET_CONF="/etc/puppet/puppet.conf /usr/local/etc/puppet/puppet.conf" PUPPET_CONF="/etc/puppet/puppet.conf" for LOCATION in ${POSSIBLE_PUPPET_CONF} do if [ -e "${LOCATION}" ] ;then PUPPET_CONF="${LOCATION}" fi done PUPPET_CONF="`dirname $PUPPET_CONF`/puppet.conf" Title "Check Puppet" if [ ! -e "$PUPPET_CONF" ] then return 1; fi #TODO puppet user Display --indent 2 --text "$PUPPET_CONF" --result FOUND --color GREEN get_simple_right "$PUPPET_CONF" if [ "$RESULTAT" = '640' ] then Display --indent 4 --text "Right of $PUPPET_CONF" --result OK --color GREEN else Display --indent 4 --text "Right of $PUPPET_CONF" --result "$RESULTAT" --color RED --advice GLOBAL_FILE_CHMOD640 fi FindValueOf "$PUPPET_CONF" request_header_max_size JUSTTEST if [ -z "$RESULTAT" ] then RESULTAT=20 fi if [ "$RESULTAT" -le 20 ] then Display --indent 4 --text "request_header_max_size <= 20kb" --result GOOD --color GREEN else Display --indent 4 --text "request_header_max_size > 20kb" --result BAD --color ORANGE fi return 0; yasat/plugins/vsftpd.test0000640000175000017500000001542111733051220016312 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ VSFTPD_CONF="/etc/vsftpd/vsftpd.conf" POSSIBLE_VSFTPD_CONF="/etc/vsftpd/vsftpd.conf /etc/vsftpd.conf /usr/local/etc/vsftpd/vsftpd.conf" for LOCATION in ${POSSIBLE_VSFTPD_CONF} do if [ -e "${LOCATION}/" ] then VSFTPD_CONF="${LOCATION}" fi done Title "Check vsftpd" if [ ! -e "$VSFTPD_CONF" ] then return 1; fi #YASAT_TEST_VSFTP1 Check if anonymous access is enabled FindValueOfEqual $VSFTPD_CONF anonymous_enable JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "anonymous access enabled by default" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_LOGIN else echo $RESULTAT | grep -qi 'yes' if [ $? -eq 1 ] ;then Display --indent 2 --text "no anonymous access" --result OK --color GREEN else Display --indent 2 --text "Anonymous access" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_LOGIN fi fi #YASAT_TEST_VSFTP2 Check if anonymous can upload FindValueOfEqual $VSFTPD_CONF anon_upload_enable JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "no anon_upload_enable" --result OK --color GREEN else echo $RESULTAT | grep -qi 'yes' if [ $? -eq 1 ] ;then Display --indent 2 --text "no anon_upload_enable" --result OK --color GREEN else Display --indent 2 --text "anon_upload_enable" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_UPLOAD fi fi #YASAT_TEST_VSFTP3 Check if ascii_upload_enable is enabled FindValueOfEqual $VSFTPD_CONF ascii_upload_enable JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "no ascii_upload_enable" --result OK --color GREEN else echo $RESULTAT | grep -qi 'yes' if [ $? -eq 1 ] ;then Display --indent 2 --text "no ascii_upload_enable" --result OK --color GREEN else Display --indent 2 --text "ascii_upload_enable" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_ASCII fi fi #YASAT_TEST_VSFTP4 Check if ascii_download_enable is enabled FindValueOfEqual $VSFTPD_CONF ascii_download_enable JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "no ascii_download_enable" --result OK --color GREEN else echo $RESULTAT | grep -qi 'yes' if [ $? -eq 1 ] ;then Display --indent 2 --text "no ascii_download_enable" --result OK --color GREEN else Display --indent 2 --text "ascii_download_enable" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_ASCII fi fi LOGENABLED='NO' #YASAT_TEST_VSFTP5 Check if xferlog is enabled FindValueOfEqual $VSFTPD_CONF xferlog_enable JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "No xferlog_enable" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_NO_XFERLOG else if [ "$RESULTAT" = "yes" -o "$RESULTAT" = "YES" ] ;then Display --indent 2 --text "xferlog_enable" --result OK --color GREEN LOGENABLED='YES' # else # Display --indent 2 --text "xferlog_enable not enabled" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_NO_XFERLOG fi fi #YASAT_TEST_VSFTP6 Check if syslog_enable is enabled FindValueOfEqual $VSFTPD_CONF syslog_enable JUSTTEST if [ ! -z "$RESULTAT" ] ;then if [ "$RESULTAT" = "yes" -o "$RESULTAT" = "YES" ] ;then Display --indent 2 --text "syslog_enable" --result OK --color GREEN LOGENABLED='YES' fi fi #YASAT_TEST_VSFTP7 Check if any log system is enabled if [ $LOGENABLED = 'NO' ] ;then Display --indent 2 --text "No log system" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_NO_XFERLOG fi #FindValueOfEqual $VSFTPD_CONF xferlog_file JUSTTEST #if [ -z "$RESULTAT" ] #then # Display --indent 2 --text "No xferlog_file" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_NO_XFERLOG #else # Display --indent 2 --text "xferlog_file" --result "$RESULTAT" --color GREEN #fi #FindValueOfEqual $VSFTPD_CONF vsftpd_log_file JUSTTEST #if [ -z "$RESULTAT" ] #then # Display --indent 2 --text "No vsftpd_log_file" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_NO_XFERLOG #else # Display --indent 2 --text "vsftpd_log_file" --result "$RESULTAT" --color GREEN #fi #YASAT_TEST_VSFTP8 Check if local user are chrooted FindValueOfEqual $VSFTPD_CONF chroot_local_user JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "no chroot_local_user" --result WARNING --color ORANGE --advice VSFTPD_ANONYMOUS_NOCHROOTLOCAL else if [ "$RESULTAT" = "yes" -o "$RESULTAT" = "YES" ] ;then Display --indent 2 --text "chroot_local_user" --result OK --color GREEN else Display --indent 2 --text "No chroot_local_user" --result WARNING --color RED --advice VSFTPD_ANONYMOUS_NOCHROOTLOCAL fi fi #YASAT_TEST_VSFTP9 Check if a banner_file is present FindValueOfEqual $VSFTPD_CONF banner_file JUSTTEST if [ ! -z "$RESULTAT" ] ;then Display --indent 2 --text "banner_file" --result FOUND --color GREEN check_file "$RESULTAT" 4 'NORMAL' fi #YASAT_TEST_VSFTP10 Check if a DSA certificate is used FindValueOfEqual $VSFTPD_CONF dsa_cert_file JUSTTEST if [ ! -z "$RESULTAT" ] ;then Display --indent 2 --text "SSL $RESULTAT" --result FOUND --color GREEN check_certificate $RESULTAT 4 fi #YASAT_TEST_VSFTP11 Check if a DSA private key is used FindValueOfEqual $VSFTPD_CONF dsa_private_key_file JUSTTEST if [ ! -z "$RESULTAT" ] ;then Display --indent 2 --text "SSL $RESULTAT" --result FOUND --color GREEN check_file $RESULTAT 4 PRIVKEY fi #YASAT_TEST_VSFTP12 Check if a RSA certificate is used FindValueOfEqual $VSFTPD_CONF rsa_cert_file JUSTTEST if [ ! -z "$RESULTAT" ] ;then Display --indent 2 --text "SSL $RESULTAT" --result FOUND --color GREEN check_certificate $RESULTAT 4 fi #YASAT_TEST_VSFTP13 Check if a RSA private key is used FindValueOfEqual $VSFTPD_CONF rsa_private_key_file JUSTTEST if [ ! -z "$RESULTAT" ] ;then Display --indent 2 --text "SSL $RESULTAT" --result FOUND --color GREEN check_file "$RESULTAT" 4 PRIVKEY fi #TODO check all files #TODO ssl_sslv2 must be no or non present #TODO enable_ssl #TODO force_local_logins_ssl #TODO force_local_data_ssl #TODO ssl_ciphers default is good return 0; yasat/plugins/binaries.caps0000640000175000017500000000135211677022127016560 0ustar montjoiemontjoie#all POSIX CAPS is at /usr/include/linux/capability.h # # list taken from http://coupleprogramming.eu/blog/?p=103 # https://wiki.archlinux.org/index.php/Using_File_Capabilities_Instead_Of_Setuid # # CAPS listed in upcase or not chage=CAP_DAC_READ_SEARCH chsh=CAP_CHOWN,CAP_DAC_READ_SEARCH,CAP_FSETID,CAP_SETUID chfn=CAP_CHOWN,CAP_DAC_READ_SEARCH,CAP_FSETID,CAP_SETUID dumpcap=net_admin,net_raw #gpasswd=cap_chown cap_dac_override cap_setuid mount=CAP_DAC_OVERRIDE,CAP_SYS_ADMIN #newgrp=cap_dac_override,cap_setgid passwd=CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER ping net_raw traceroute net_raw umount=CAP_DAC_OVERRIDE,CAP_SYS_ADMIN,CAP_CHOWN unix_chkpwd=CAP_DAC_OVERRIDE wireshark=net_raw Xorg=cap_chown,cap_dac_override,cap_sys_rawio,cap_sys_admin yasat/plugins/apache_vhosts.test0000640000175000017500000005076711735066322017662 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check apache Vhosts" #TODO 404 personalized pages /usr/share/apache2/error/HTTP_NOT_FOUND.html.var #TODO check passwd files within vhosts docroot security notes at http://httpd.apache.org/docs/2.0/mod/mod_auth.html#authuserfile #TODO Dav on/svn #TODO SVNPath #TODO MOD JK jkmount #TODO checks docroot for Thumbs.db, 'copy of filename', etc... files that dont have to be present #.CVS #TODO replace/add *:80 by servername when printing infos #TODO mod_gzip mod_deflate http://httpd.apache.org/docs/2.0/mod/mod_deflate.html # SetOutputFilter DEFLATE or AddOutputFilterByType DEFLATE text/html text/plain text/xml SetInputFilter #TODO find for php.old #php_admin_value php_value php_admin_flag #open_basedir http://www.php.net/manual/en/ini.core.php#ini.open-basedir #TODO mod_expire #TODO check mod itk #TODO for known location phpmyadmin check config/install rights Find_apache_conf_location if [ ! -d $APACHE_CONF_REP ] ;then Display --indent 2 --text "No apache found" --result NOTFOUND --color BLUE return 1; fi prepare_apache_conf $APACHE_CONF_REP APACHE_CONF_LOCATION_TO_TEST="${TEMPYASATDIR}/apache.conf" if [ ! -e "$APACHE_CONF_LOCATION_TO_TEST" ] then echo "Error no $APACHE_CONF_LOCATION_TO_TEST" return 1; fi FindValueOf $APACHE_CONF_LOCATION_TO_TEST "User" Check_apache_user $APACHE_CONF_REP $RESULTAT APACHE_USER="$RESULTAT" FindValueOf $APACHE_CONF_LOCATION_TO_TEST "Group" Check_apache_group $APACHE_CONF_REP $RESULTAT APACHE_GROUP="$RESULTAT" #sanity check, if it is empty then it is www-data #it happen when check_apache_user found multiple declaration of user #TODO correct the found of multiple declaration if [ -z "$APACHE_USER" ] then Display --indent 2 --text "Strange i dont found apache user, fall back to www-data" --result INFO --color BLUE APACHE_USER='www-data' fi if [ -z "$APACHE_GROUP" ] then Display --indent 2 --text "Strange i dont found apache group, fall back to www-data" --result INFO --color BLUE APACHE_GROUP='www-data' fi OUTPUT_RESULT="${TEMPYASATDIR}/apache.result" TMP_RESULT="${TEMPYASATDIR}/apache.tmpresult" echo '' > $OUTPUT_RESULT DIRECTORY='' LOCATION='' CONF_PROXY='' VIRTUALHOST='' ACCESSLOG='' ERRORLOG='' ORDER=0 DENY_IN_FIRST=0 DENY_FROM_ALL=0 REQUIRE_VALID_USER=0 OPTION_INDEX=0 OPTION_CGI=0 LIST_ALIAS='' VHOST_SERVER_NAME='' JKMOUNT_SRC='' DOCROOT='' #cat $APACHE_CONF_LOCATION_TO_TEST | while read line do if [ ! -z "`echo $line | grep -i '^[[:space:]]*.*//g' | sed 's/^"//'| sed 's/"$//'` echo " Found Proxy $CONF_PROXY" fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*.*//g' | sed 's/^"//'| sed 's/"$//'` echo " Found Directory $DIRECTORY" fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*.*//g'` echo " Found Location $LOCATION" fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*.*//g'` echo " Found VirtualHost $VIRTUALHOST" echo "VHOST=$VIRTUALHOST" >> $OUTPUT_RESULT fi ##### /Directory ======================= if [ ! -z "`echo $line | grep -i '^[[:space:]]*> $OUTPUT_RESULT if [ ! -z $AUTH_FILE ] ; then echo "AUTHFILE=$AUTH_FILE" >> $OUTPUT_RESULT fi identify_web_tech_in_dir "$DIRECTORY" recursive if [ "$WEBTECH" = 'PHP' ] ; then Display --indent 2 --text "PHP technology" --result FOUND --color BLUE fi DIRECTORY='' ORDER=0 DENY_IN_FIRST=0 DENY_FROM_ALL=0 REQUIRE_VALID_USER=0 AUTH_FILE='' OPTION_INDEX=0 OPTION_CGI=0 fi ##### /Location ======================= if [ ! -z "`echo $line | grep -i '^[[:space:]]*> $OUTPUT_RESULT if [ ! -z "$AUTH_FILE" ] ; then echo "AUTHFILE=$AUTH_FILE" >> $OUTPUT_RESULT fi if [ -z "$DOCROOT" ] ; then Display --indent 4 --text "Strange no docroot yet" --result NOTFOUND --color ORANGE identify_web_tech_in_dir "${DEFAULT_APACHE_DOCROOT}/${LOCATION}" else identify_web_tech_in_dir "${DOCROOT}/${LOCATION}" fi if [ "$WEBTECH" = 'PHP' ] ; then Display --indent 2 --text "PHP technology" --result FOUND --color BLUE fi LOCATION='' ORDER=0 DENY_IN_FIRST=0 DENY_FROM_ALL=0 REQUIRE_VALID_USER=0 AUTH_FILE='' OPTION_INDEX=0 OPTION_CGI=0 fi ##### /Virtualhost ======================= if [ ! -z "`echo $line | grep -i '^[[:space:]]*> $OUTPUT_RESULT fi if [ -z "$DOCROOT" ] ; then Display --indent 4 --text "No DocumentRoot in this vhost" --result NOTFOUND --color RED --advice APACHE_VHOSTS_NO_DOCROOT fi echo "ENDHOST=$VIRTUALHOST" >> $OUTPUT_RESULT VIRTUALHOST='' ACCESSLOG='' ERRORLOG='' LIST_ALIAS='' JKMOUNT_SRC='' DOCROOT='' fi ##### ServerName =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*ServerName'`" ] then VHOST_SERVER_NAME="`echo $line | sed 's/^[[:space:]]*[a-zA-Z0-9][a-zA-Z0-9]*[[:space:]]*//g' | cut -d\ -f1`" Display --indent 4 --text "$VIRTUALHOST has ServerName $VHOST_SERVER_NAME" --result FOUND --color GREEN echo "SERVERNAME=$VHOST_SERVER_NAME" >> $OUTPUT_RESULT fi ##### /Proxy ======================= if [ ! -z "`echo $line | grep -i '^[[:space:]]*> $OUTPUT_RESULT CONF_PROXY='' ORDER=0 DENY_IN_FIRST=0 DENY_FROM_ALL=0 REQUIRE_VALID_USER=0 AUTH_FILE='' fi ##### Logs ======================= if [ ! -z "`echo $line | grep -i '^[[:space:]]*configLog'`" ] then ACCESSLOG=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]//g' | cut -d\ -f1` fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*CustomLog'`" ] then ACCESSLOG=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1` fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*ErrorLog'`" ] then ERRORLOG=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1` fi ##### /Order ====================================== # Allow,Deny = good:) # Deny,Allow = bad if [ ! -z "`echo $line | grep -i '^[[:space:]]*order'`" ] ;then ORDER=1 if [ ! -z "`echo $line | grep -i '^[[:space:]]*order deny,allow'`" ] then DENY_IN_FIRST=1 fi fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*deny from all'`" ] then DENY_FROM_ALL=1 fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*require valid-user'`" ] then # Display --indent 4 --text "DEBUGRequire valid user" --result FOUND --color GREEN REQUIRE_VALID_USER=1 fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*require group'`" ] then # Display --indent 4 --text "DEBUGRequire valid user" --result FOUND --color GREEN REQUIRE_VALID_USER=1 fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*require user'`" ] then # Display --indent 4 --text "DEBUGRequire user" --result FOUND --color GREEN REQUIRE_VALID_USER=1 fi #TODO Dav on ##### docroot =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*documentroot'`" ] ; then DOCROOT=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | sed 's/^\"//g' | sed 's/\"[[:space:]]*$//g'` Display --indent 4 --text "Docroot $DOCROOT" --result FOUND --color GREEN if [ $DOCROOT = '/var/www' -o $DOCROOT = '/var/www/' ] ; then Display --indent 4 --text "Docroot $DOCROOT" --result FOUND --color ORANGE --advice APACHE_VHOSTS_VAR_WWW fi check_directory_group $DOCROOT $APACHE_GROUP $TMP_RESULT 6 APACHE_VHOSTS_DOCROOT_BADGROUP check_directory_others $DOCROOT $TMP_RESULT 6 APACHE_VHOSTS_DOCROOT_OTHERRIGHTS check_directory_writable_by_group $DOCROOT $APACHE_GROUP $TMP_RESULT 6 APACHE_VHOSTS_DOCROOT_GROUPW if [ -e "${DOCROOT}/robots.txt" ] ; then Display --indent 6 --text "Found robots.txt" --result FOUND --color BLUE else Display --indent 6 --text "No robots.txt" --result NOTFOUND --color ORANGE --advice APACHE_VHOSTS_NO_ROBOTS_TXT fi #check for known location if [ -e "$PLUGINS_REP/apache_vhosts.data" ] ; then grep -v '^#' "$PLUGINS_REP/apache_vhosts.data" | while read LOC_LINE do # echo " $LOC_LINE" LOC_LOC=`echo $LOC_LINE | cut -f1 -d\|` LOC_ADVICE=`echo $LOC_LINE | cut -f3 -d\|` if [ -e "${DOCROOT}${LOC_LOC}" ] ; then Display --indent 2 --text "=> ${DOCROOT}${LOC_LOC}" --result FOUND --color RED --advice $LOC_ADVICE echo "HLOC=${LOC_LOC}" >> $OUTPUT_RESULT fi done else Display --indent 2 --text "No apache_vhosts.data" --result NOTFOUND --color RED fi identify_web_tech_in_dir "$DOCROOT" recursive if [ "$WEBTECH" = 'PHP' ] ; then Display --indent 2 --text "PHP technology" --result FOUND --color BLUE fi fi #TODO better alias printing in apache tree (list_alias) ##### alias =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*Alias[[:space:]]'`" ] then ALIAS="`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1`" DEST_ALIAS="`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f2 | sed 's/^"//' | sed 's/"$//'`" Display --indent 4 --text "$ALIAS -> $DEST_ALIAS" --result FOUND --color BLUE if [ -z "$VIRTUALHOST" ] then echo "ALIAS=$ALIAS" >> $OUTPUT_RESULT else if [ -z "$LIST_ALIAS" ] then LIST_ALIAS="$ALIAS" else LIST_ALIAS="$LIST_ALIAS $ALIAS" fi fi fi ##### override =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*AllowOverride'`" ] ; then OVERRIDE=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1` if [ "$OVERRIDE" != "None" ] then Display --indent 4 --text "$VIRTUALHOST has override $OVERRIDE" --result WARNING --color ORANGE fi fi ##### php_admin_value =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*php_admin_value'`" ] ; then PHP_ADMIN_VALUE=`echo $line | sed 's/^[[:space:]]*php_admin_value[[:space:]]*//g'` Display --indent 4 --text "$VIRTUALHOST has php_admin_value $PHP_ADMIN_VALUE" --result WARNING --color BLUE echo "PHP_ADMIN_VALUE=$PHP_ADMIN_VALUE" >> $OUTPUT_RESULT fi ##### php_admin_flag =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*php_admin_flag'`" ] ; then PHP_ADMIN_FLAG=`echo $line | sed 's/^[[:space:]]*php_admin_flag[[:space:]]*//g'` Display --indent 4 --text "$VIRTUALHOST has php_admin_flag $PHP_ADMIN_FLAG" --result WARNING --color BLUE #temp use same variable for flag and value echo "PHP_ADMIN_VALUE=$PHP_ADMIN_FLAG" >> $OUTPUT_RESULT fi ##### authfile =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*AuthUserFile'`" ] then AUTH_FILE="`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | sed 's/^"//' | sed 's/"$//'`" if [ -e "$AUTH_FILE" ] then Display --indent 2 --text "Authfile $AUTH_FILE" --result FOUND --color GREEN if [ "`stat $STAT_GROUP $AUTH_FILE`" != $APACHE_GROUP ] then Display --indent 2 --text "debug Authfile $AUTH_FILE incorrect permission" --result "`stat $STAT_GROUP $AUTH_FILE`" --color RED fi if [ "`stat $STAT_USER $AUTH_FILE`" = $APACHE_USER ] then Display --indent 2 --text "debug Authfile $AUTH_FILE incorrect owner" --result "`stat $STAT_USER $AUTH_FILE`" --color RED fi else Display --indent 2 --text "Authfile $AUTH_FILE" --result NOTFOUND --color RED --advice APACHE_VHOSTS_AUTHFILE_NOTFOUND fi fi ##### options =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*options'`" ] then TOPRINT='' if [ ! -z "$VIRTUALHOST" ] then TOPRINT=$VIRTUALHOST fi if [ ! -z "$LOCATION" ] then TOPRINT=$LOCATION fi if [ ! -z "$DIRECTORY" ] then TOPRINT=$DIRECTORY fi #[[:space:]] is here for be sure that there not a - sign if [ ! -z "`echo $line | grep -i '[[:space:]]indexes'`" ] then Display --indent 4 --text "$TOPRINT has option indexes" --result FOUND --color ORANGE --advice APACHE_VHOSTS_OPTIONS_INDEXES OPTION_INDEX=1 fi if [ ! -z "`echo $line | grep -i '[[:space:]]ExecCGI'`" ] then Display --indent 4 --text "$TOPRINT has option ExecCGI" --result FOUND --color ORANGE --advice APACHE_VHOSTS_OPTIONS_EXECCGI OPTION_CGI=1 fi fi ##### jkmount =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*JKmount'`" ] ; then JKMOUNT_SRC="`echo \"$line\" | sed 's/^[[:space:]]*JKmount[[:space:]]*//gI' | cut -d\ -f1`" Display --indent 4 --text "$VIRTUALHOST has JKmount $JKMOUNT_SRC" --result FOUND --color BLUE echo "JKMOUNT=$JKMOUNT_SRC" >> $OUTPUT_RESULT fi ##### ProxyPASS =========================================== if [ ! -z "`echo $line | grep -i '^[[:space:]]*ProxyPASS'`" ] then # ProxyPASS_SRC="`echo \"$line\" | sed 's/^[[:space:]]*ProxyPASS[[:space:]]*//gI' | cut -d\ -f1`" get_value_in_string ProxyPASS "$line" ProxyPASS_SRC="$RESULTAT" Display --indent 4 --text "$VIRTUALHOST has ProxyPASS_SRC $ProxyPASS_SRC" --result FOUND --color BLUE fi ##### mod_deflate =========================================== #AddOutputFilterByType if [ ! -z "`echo $line | grep -i '^[[:space:]]*SetOutputFilter'`" ] then OUTPUT_FILTER_TYPE="`echo \"$line\" | sed 's/^[[:space:]]*SetOutputFilter[[:space:]]*//gI' | cut -d\ -f1`" Display --indent 4 --text "$VIRTUALHOST has SetOutputFilter" --result FOUND --color BLUE echo "DEFLATE=$OUTPUT_FILTER_TYPE" >> $OUTPUT_RESULT fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*AddOutputFilterByType'`" ] then TMP_GZIP_RESULT="${TEMPYASATDIR}/apache_gzip.tmpresult" if [ -e "${TMP_GZIP_RESULT}" ] ; then rm "${TMP_GZIP_RESULT}" fi OUTPUT_FILTER_TYPE="`echo \"$line\" | sed 's/^[[:space:]]*AddOutputFilterByType[[:space:]]*//gI' | cut -d\ -f1`" OUTPUT_FILTER_AFFECTED="`echo \"$line\" | sed 's/^[[:space:]]*AddOutputFilterByType[[:space:]]*//gI' | cut -d\ -f2-`" Display --indent 4 --text "$VIRTUALHOST has AddOutputFilterByType $OUTPUT_FILTER_TYPE" --result FOUND --color BLUE for mimetype in $OUTPUT_FILTER_AFFECTED do echo $mimetype >> ${TMP_GZIP_RESULT} done grep -iv -f ${TMP_GZIP_RESULT} $PLUGINS_REP/apache_mod_deflate.data | while read missing do Display --indent 6 --text "You can add also $missing" --result NOTFOUND --color BLUE done echo "DEFLATE=$OUTPUT_FILTER_TYPE $OUTPUT_FILTER_AFFECTED" >> $OUTPUT_RESULT fi ##### SSL options =========================================== http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html if [ ! -z "`echo $line | grep -i '^[[:space:]]*SSLCertificateKeyFile'`" ] ; then # SSLCertKeyFile="`echo \"$line\" | sed 's/^[[:space:]]*SSLCertificateKeyFile[[:space:]]*//gI' | cut -d\ -f1`" get_value_in_string SSLCertificateKeyFile "$line" SSLCertKeyFile="$RESULTAT" Display --indent 4 --text "$VIRTUALHOST has SSL Key $SSLCertKeyFile" --result FOUND --color BLUE check_file $SSLCertKeyFile 6 PRIVKEY fi if [ ! -z "`echo $line | grep -i '^[[:space:]]*SSLCertificateFile'`" ] ; then # SSLCertFile="`echo \"$line\" | sed 's/^[[:space:]]*SSLCertificateFile[[:space:]]*//gI' | cut -d\ -f1`" get_value_in_string SSLCertificateFile "$line" SSLCertFile="$RESULTAT" Display --indent 4 --text "$VIRTUALHOST has SSL Cert $SSLCertFile" --result FOUND --color BLUE check_file $SSLCertFile 6 CERT fi #TODO SSLInsecureRenegotiation http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslinsecurerenegotiation done < $APACHE_CONF_LOCATION_TO_TEST draw_apache_tree $OUTPUT_RESULT return 1; yasat/plugins/apache_vhosts.advice0000640000175000017500000000553211677022127020124 0ustar montjoiemontjoieEN,APACHE_VHOSTS_OPTIONS_INDEXES=Disable the directory's content providing See http://httpd.apache.org/docs/2.0/mod/core.html#options ADVICEEND EN,APACHE_VHOSTS_OPTIONS_EXECCGI=Disable the possibility to use CGI scripts See http://httpd.apache.org/docs/2.0/mod/core.html#options And also http://httpd.apache.org/docs/2.2/misc/security_tips.html#cgi ADVICEEND EN,APACHE_VHOSTS_NO_ORDER_CLAUSE=Add an order allow,deny clause to your vhost ADVICEEND EN,APACHE_VHOSTS_DOCROOT_BADGROUP=The docroot's files must be group owned by apache It is preferable that apache doesn't own the files that it serves. ADVICEEND EN,APACHE_VHOSTS_DOCROOT_OTHERRIGHTS=The docroot's files must not be readable by others Only apache and root (or some webadmin user) have to read apache s files. ADVICEEND EN,APACHE_VHOSTS_DOCROOT_GROUPW=The docroot's files must not be writable by apache Generally, apache doesn't have to write to the files it serves. ADVICEEND EN,APACHE_VHOSTS_KNOWN_NAME=TODO is this location useful? ADVICEEND EN,APACHE_VHOSTS_NO_ROBOTS_TXT=You can put a robots.txt for controlling where the search engine goes For more informations, see http://www.robotstxt.org ADVICEEND EN,APACHE_VHOSTS_NO_ACCESSLOG=Define an accesslog Example:
CustomLog /var/log/apache2/access_log common
See http://httpd.apache.org/docs/2.2/logs.html#accesslog http://httpd.apache.org/docs/2.2/misc/security_tips.html#watchyourlogs ADVICEEND EN,APACHE_VHOSTS_NO_ERRORLOG=Define an errorlog See http://httpd.apache.org/docs/2.2/logs.html#errorlog http://httpd.apache.org/docs/2.2/misc/security_tips.html#watchyourlogs ADVICEEND EN,APACHE_VHOSTS_AUTHFILE_NOTFOUND=You have defined an authfile, but I can't find it Check your configuration http://httpd.apache.org/docs/2.0/mod/mod_auth.html#authuserfile ADVICEEND EN,APACHE_VHOSTS_VAR_WWW=It's preferable to use a docroot like /var/www/servername/ If you want to have many vhosts, it's preferable to arrange it like that. ADVICEEND EN,APACHE_VHOSTS_NO_DOCROOT=Define a documentroot See http://httpd.apache.org/docs/current/mod/core.html#documentroot ADVICEEND #http://httpd.apache.org/docs/2.2/misc/security_tips.html yasat/plugins/TODO0000640000175000017500000000143411716221221014573 0ustar montjoiemontjoie- nagios - change definition by declaration (Missing declaration of) - change != by (want value) - Correct my ugly english - Do an entry description on each plugin - Create an option for changing temporary yasat files location (not ~./yasat) (use also yasat_tmp) - Delete all temporary files after execution - Add a criticity parameter to display for future filter - Do a check_directory_owner like check_directory_group - bashims to correct (. instead of source, echo -e) - Variable for blacklist some plugins - Create a log of "bugs/errors" of yasat - check cron.deny at.deny and their .allow - check rpmold dpkg-old dpkg-newrpmnew etc... - Produce a list of commands to correct problems like chmod sed etc.. - All errors must be redirected to ERROR_OUTPUT_FILE (to be finished) yasat/plugins/system_user.test0000640000175000017500000002626011735055273017407 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check system user" POSSIBLE_USELESS_USER='games uucp news toor proxy irc gnats gopher' BASEHOME="/home" PASSFILE="/etc/shadow" TMP_LEAK_PASSWORD_FILE="$TEMPYASATDIR/yasat.leak" if [ "${OS_TYPE}" = "BSD" ] then PASSFILE="/etc/master.passwd" fi #Check for readability of PASSFILE (Enforced SELinux deny it for example) cat $PASSFILE > /dev/null if [ $? -eq 1 ] ;then Display --indent 2 --text "$PASSFILE is unreadable (inexistant or access denied)" --result ERROR --color RED PASSFILE='non-readable' fi #ALLUSER=`grep -v '^#' /etc/passwd | cut -d\: -f1` ALLUSER=`getent passwd | cut -d\: -f1` for iuser in $ALLUSER do #HOMEUSER=`grep "^${iuser}:" /etc/passwd | cut -d\: -f6` HOMEUSER=`getent passwd ${iuser} | cut -d\: -f6` #USERSHELL=`grep "^${iuser}:" /etc/passwd | cut -d\: -f7` USERSHELL=`getent passwd ${iuser} | cut -d\: -f7` PRIMARYGROUP="`id -gn ${iuser}`" if [ ! -e "${HOMEUSER}" ] ;then Display --indent 2 --text "The home of $iuser, ${HOMEUSER} dont exist" --result NOTFOUND --color ORANGE --advice SYSTEM_USER_NO_HOMEDIR HOMEUSER="$BASEHOME/$iuser/" fi if [ -e "${HOMEUSER}" ] ;then Display --indent 2 --text "Check $iuser ${HOMEUSER} " --result FOUND --color GREEN if [ "${HOMEUSER}" = "/" ] ;then Display --indent 4 --text "homedir is /" --result WARNING --color RED --advice SYSTEM_USER_HOMEDIR_ROOT_SLASH fi if [ -e "${HOMEUSER}/.bashrc" ] ;then UMASK="`grep 'umask 027' ${HOMEUSER}/.bashrc`" if [ -z "$UMASK" ] ;then Display --indent 4 --text "bad umask in bashrc (not 027)" --result WARNING --color RED --advice SYSTEM_USER_UMASK fi fi #TODO check valid shells for warning about "no pass and shells" #TODO differenciate desactivated account than other if [ -e "$PASSFILE" ] ; then PASSWORD=`grep ^${iuser}\: $PASSFILE | cut -d\: -f2` if [ "$PASSWORD" = '*' ] ;then if [ ! -z "`echo $USERSHELL | grep -v 'nologin' |grep -v 'bin/false'`" ] then Display --indent 4 --text "No pass and shell, why?" --result WARNING --color ORANGE --advice SYSTEM_USER_NOPASS_AND_SHELL fi fi if [ "$PASSWORD" = '!' ] ;then if [ ! -z "`echo $USERSHELL | grep -v 'nologin' |grep -v 'bin/false'`" ] then Display --indent 4 --text "No pass and shell, why?" --result WARNING --color ORANGE --advice SYSTEM_USER_NOPASS_AND_SHELL fi fi #Password is empty, bad if [ "$PASSWORD" = '' ] ;then Display --indent 4 --text "Password is empty" --result ERROR --color RED fi fi #end of if PASSFILE if [ -e "${HOMEUSER}/.ssh/" ];then if [ `stat $STAT_RIGHT ${HOMEUSER}/.ssh/` != '700' ];then Display --indent 4 --text "${HOMEUSER}/.ssh is not 700" --result WARNING --color RED --advice SYSTEM_USER_DOTDIR else Display --indent 4 --text "${HOMEUSER}/.ssh" --result OK --color GREEN fi # find ${HOMEUSER}/.ssh/ ! -user $iuser -ls TMP_RESULT="${TEMPYASATDIR}/ssh_others" check_directory_owner "${HOMEUSER}/.ssh/" $iuser $TMP_RESULT 4 # find ${HOMEUSER}/.ssh/ -perm $ORWX -ls check_directory_others "${HOMEUSER}/.ssh/" $TMP_RESULT 4 GLOBAL_FILE_OTHER_READABLE if [ -e "${HOMEUSER}/.ssh/authorized_keys" -o -e "${HOMEUSER}/.ssh/authorized_keys2" ];then Display --indent 4 --text "authorized_keys" --result FOUND --color GREEN #TODO check this files (content) fi #TODO check keysize for < 2048bits (find a good link to explain why) if [ -e "${HOMEUSER}/.ssh/id_rsa" -o -e "${HOMEUSER}/.ssh/id_rsa.pub" ] ;then KEY_SIZE="`ssh-keygen -l -f ${HOMEUSER}/.ssh/id_rsa | cut -d\ -f1`" Display --indent 4 --text "RSA keys found ($KEY_SIZE bits)" --result OK --color GREEN check_private_key "${HOMEUSER}/.ssh/id_rsa" 4 'ssh' "${iuser}" "$PRIMARYGROUP" fi if [ -e "${HOMEUSER}/.ssh/id_dsa" -o -e "${HOMEUSER}/.ssh/id_dsa.pub" ] ;then #I have read somewhere that DSA is only 1024, so perhaps reading keysize is useless KEY_SIZE="`ssh-keygen -l -f ${HOMEUSER}/.ssh/id_dsa | cut -d\ -f1`" Display --indent 4 --text "DSA keys found ($KEY_SIZE bits)" --result OK --color GREEN check_private_key "${HOMEUSER}/.ssh/id_dsa" 4 'ssh' "${iuser}" "$PRIMARYGROUP" fi if [ `stat $STAT_USER ${HOMEUSER}/.ssh/` != $iuser ];then Display --indent 4 --text "Error ${HOMEUSER}/.ssh/ is not $iuser owned" --result ERROR --color RED fi fi #end if [ -e "${HOMEUSER}/.ssh/" ] if [ -e "${HOMEUSER}/.gnupg/" ];then if [ `stat $STAT_RIGHT ${HOMEUSER}/.gnupg/` != '700' ];then Display --indent 4 --text "$BASEHOME/$iuser/.gnupg is not 700" --result WARNING --color RED --advice SYSTEM_USER_DOTDIR else Display --indent 4 --text "$BASEHOME/$iuser/.gnupg" --result OK --color GREEN fi fi #TODO check recusivly the content of the directory #end of gnupg if [ -e "${HOMEUSER}/.my.cnf" ] then if [ `stat $STAT_RIGHT ${HOMEUSER}/.my.cnf` != '600' ] then Display --indent 4 --text "$BASEHOME/$iuser/.my.cnf is not 600" --result WARNING --color RED --advice SYSTEM_USER_DOTFILES else Display --indent 4 --text "$BASEHOME/$iuser/.my.cnf" --result OK --color GREEN fi fi #end of my.cnf #check rights of some files LIST_USER_FILE=".bashrc .cshrc .exrc .forward .kshrc .login .profile .xinitrc .nessusrc .muttrc .cvspass .rhosts .openvasrc .bash_history .history .k5login .mysql_history .pgpass" #TODO finish that for DOT_FILE in $LIST_USER_FILE do if [ -e "${HOMEUSER}/${DOT_FILE}" ] then DOTFILERIGHT="`stat $STAT_RIGHT ${HOMEUSER}/$DOT_FILE`" if [ "${DOTFILERIGHT}" != '600' -a "${DOTFILERIGHT}" != '400' ] then Display --indent 4 --text "${HOMEUSER}/$DOT_FILE is not 600" --result WARNING --color RED --advice SYSTEM_USER_DOTFILES else Display --indent 4 --text "${HOMEUSER}/$DOT_FILE" --result OK --color GREEN fi fi done #check only "normal" users for the moment if [ ! -z "`echo ${HOMEUSER} |grep $BASEHOME`" ] then TMP_RESULT="${TEMPYASATDIR}/${iuser}.homeresult" check_directory_others ${HOMEUSER} $TMP_RESULT 4 SYSTEM_USER_HOMEDIR_READABLE_BY_OTHERS fi #check for information leaking in .bash_history #TODO ipmitool -U root user set password 8 xxx ? and other command with clear text password #TODO list of bad command like ./r00t if [ -e "${HOMEUSER}/.bash_history" ] then cat "${HOMEUSER}/.bash_history" |grep mysql | grep -iE '\-p[^ ]' > "$TMP_LEAK_PASSWORD_FILE" cat "${HOMEUSER}/.bash_history" |grep ldap | grep -E '\-w|\-a|\-s' >> "$TMP_LEAK_PASSWORD_FILE" cat ${HOMEUSER}/.bash_history |grep wget | grep -i ':.*@' >> $TMP_LEAK_PASSWORD_FILE cat ${HOMEUSER}/.bash_history | grep -v '^cd ' |grep -v '^exit[[:space:]]*$' | grep -v '^source[[:space:]]' | grep -v '^export[[:space:]]'| while read line_of_command do COMMAND_TO_CHECK="`echo $line_of_command | sed 's/[[:space:]].*//g'`" which $COMMAND_TO_CHECK > /dev/null 2> /dev/null if [ $? -eq 1 ] then echo "$line_of_command" >> $TMP_LEAK_PASSWORD_FILE fi done # file with password to test for their right # cat $bash_h |grep ldap | grep -E '\-y|\-t|\-T' NBLINE="`cat $TMP_LEAK_PASSWORD_FILE | wc -l`" if [ $NBLINE -eq 0 ] then Display --indent 4 --text ".bash_history" --result GOOD --color GREEN else Display --indent 4 --text ".bash_history" --result BAD --color RED --advice SYSTEM_USER_PASSWORD_LEAKING cat $TMP_LEAK_PASSWORD_FILE | sort | uniq | while read line_of_command_with_pass do echo " $line_of_command_with_pass" done fi fi #end of bash_history #Check for PASSWORD() or other line with a password in mysql_history if [ -e "${HOMEUSER}/.mysql_history" ] ; then echo -n "" > $TMP_LEAK_PASSWORD_FILE cat "${HOMEUSER}/.mysql_history" |grep -iE 'identified|PASSWORD' | while read line_of_command do echo "$line_of_command" >> $TMP_LEAK_PASSWORD_FILE done NBLINE="`cat $TMP_LEAK_PASSWORD_FILE | wc -l`" if [ $NBLINE -eq 0 ] then Display --indent 4 --text ".mysql_history" --result GOOD --color GREEN else Display --indent 4 --text ".mysql_history" --result BAD --color RED --advice SYSTEM_USER_MYSQL_HISTORY_PASSWORD_LEAKING cat $TMP_LEAK_PASSWORD_FILE | sort | uniq | while read line_of_command_with_pass do echo " $line_of_command_with_pass" done fi fi if [ -e "${HOMEUSER}/.mozilla/firefox/profiles.ini" ] ; then if [ -e "${PLUGINS_REP}/system_user.firefox" ] ; then #get profiles for profile in `grep '^Path=' "${HOMEUSER}/.mozilla/firefox/profiles.ini" | sed 's/^Path=//'` do Display --indent 4 --text "Firefox profile $profile" --result FOUND --color BLUE PATH_TO_PREFJS="${HOMEUSER}/.mozilla/firefox/$profile/prefs.js" if [ -e $PATH_TO_PREFJS ] ; then grep -v ^# "${PLUGINS_REP}/system_user.firefox" | while read firefox_test do FIREFOX_STRING="`echo $firefox_test | cut -d, -f1`" FIREFOX_ADVICE="`echo $firefox_test | cut -d, -f2`" if [ ! -z "`grep $FIREFOX_STRING $PATH_TO_PREFJS`" ] ; then Display --indent 6 --text "$FIREFOX_STRING" --result FOUND --color BLUE --advice "$FIREFOX_ADVICE" else Display --indent 6 --text "$FIREFOX_STRING" --result NOTFOUND --color GREEN fi done fi done else Display --indent 4 --text "${PLUGINS_REP}/system_user.firefox" --result NOTFOUND --color REd fi fi #end of firefox fi #end of if homeuser for TMP_USELESS in $POSSIBLE_USELESS_USER do if [ "$TMP_USELESS" = "$iuser" ] then Display --indent 4 --text "is user $iuser useful?" --result WARNING --color ORANGE --advice SYSTEM_USER_USELESS fi done done #check UID 0 account #cat /etc/passwd | cut -d\: -f1,3 #getent is better than cat /etc/passwd USER_ONLY_ONE_UID0=0 getent passwd | cut -d\: -f1,3 | grep ':0$' | while read line do if [ "$line" != "root:0" ] then USER_ONLY_ONE_UID0=1 USER_UID0="`echo $line | cut -d\: -f1`" Display --indent 2 --text "Found user $USER_UID0 with UID=0" --result FOUND --color RED --advice SYSTEM_USER_USER_wITH_UID0 fi done if [ $USER_ONLY_ONE_UID0 -eq 0 ] then Display --indent 2 --text "Only root is UID=0" --result GOOD --color GREEN fi #check that shadow is used getent passwd | cut -d\: -f1,2 |grep ':$'| while read line do USER_STRANGE="`echo $line | cut -d\: -f1`" Display --indent 2 --text "Found anormal $USER_STRANGE" --result FOUND --color RED --advice TODO done return 0; #TODO check_user_cron #TODO check for a .macromedia and give advice of trash "flash cookies" yasat/plugins/binaries.test0000640000175000017500000001526311677022127016617 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ # * The setuid bit adds 4 to the total, # * The setgid bit adds 2 to the total # * The sticky bit adds 1 to the total. Title "Check system binaries and integrity tools" #TODO check for AIDE and tripwire they better do this job than me #TODO check for rkhunter which aide 2>> $ERROR_OUTPUT_FILE >/dev/null if [ $? -eq 1 ] then Display --indent 2 --text "AIDE file integrity tester" --result NOTFOUND --color ORANGE --advice BINARIES_NO_AIDE else Display --indent 2 --text "AIDE file integrity tester" --result FOUND --color GREEN #TODO check good usage of AIDE like if aideinit was used or not #AIDE installed is not sufficient fi which tripwire 2>> $ERROR_OUTPUT_FILE >/dev/null if [ $? -eq 1 ] ;then Display --indent 2 --text "TRIPWIRE file integrity tester" --result NOTFOUND --color ORANGE --advice BINARIES_NO_TRIPWIRE else Display --indent 2 --text "TRIPWIRE file integrity tester" --result FOUND --color GREEN #TODO check good usage of TRIPWIRE #TRIPWIRE installed is not sufficient fi which chkrootkit 2>> $ERROR_OUTPUT_FILE >/dev/null if [ $? -eq 1 ] then Display --indent 2 --text "chkrootkit" --result NOTFOUND --color ORANGE --advice BINARIES_NO_CHKROOTKIT else Display --indent 2 --text "chkrootkit" --result FOUND --color GREEN fi BINARY_POSSIBLE_PATH='/sbin /bin /usr/sbin /usr/bin /usr/local/bin /usr/local/sbin /usr/local/usr/bin /usr/local/usr/sbin /lib /usr/lib /usr/libexec /usr/local/lib /lib64 /lib32 /usr/lib64' echo "DEBUG This check is in development" if [ "$SCANTYPE" = "FULL" ] ; then Display --indent 2 --text "Full setuid-scan of filesystem" --result INFO --color BLUE BINARY_POSSIBLE_PATH='/' fi HAVE_POSIX_CAPS_TOOLS=0 #POSIX CAPS only exists under Linux if [ "$OS_TYPE" = 'Linux' ] ;then which getcap 2>> $ERROR_OUTPUT_FILE >/dev/null if [ $? -eq 0 ] ;then Display --indent 2 --text "POSIX CAPS tools" --result FOUND --color GREEN HAVE_POSIX_CAPS_TOOLS=1 fi if [ $HAVE_POSIX_CAPS_TOOLS -eq 0 ] ; then which filecap 2>> $ERROR_OUTPUT_FILE >/dev/null if [ $? -eq 0 ] ;then Display --indent 2 --text "libcap-ng tools" --result FOUND --color GREEN HAVE_POSIX_CAPS_TOOLS=2 fi fi if [ $HAVE_POSIX_CAPS_TOOLS -eq 0 ] ; then Display --indent 2 --text "POSIX CAPS tools" --result NOTFOUND --color ORANGE --advice BINARIES_NO_POSIXCAPSTOOLS fi fi #TODO check whole filesystem for setuid ? #TODO propose better rights for BIN_PATH in $BINARY_POSSIBLE_PATH do if [ -e "$BIN_PATH" ] ;then echo "Checking file with set UID in $BIN_PATH" find $BIN_PATH -perm $FIND_SETUID -type f | while read BIN_TO_TEST do RIGHT_ACTUAL="`stat $STAT_FULL_RIGHT $BIN_TO_TEST`" OSTOTEST="${OS}" if [ ! -z "$LINUX_VERSION" ] ;then OSTOTEST="$LINUX_VERSION" fi if [ "$LINUX_VERSION" = 'Debian' ] ;then OSTOTEST="$OS_NICKNAME" fi BIN_TO_TEST2="`echo $BIN_TO_TEST | sed 's/lib64\//lib\//'`" RESULTAT=`grep -v '^#' $PLUGINS_REP/binaries.data | grep "$OSTOTEST" | grep "${BIN_TO_TEST2}|"` if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "$BIN_TO_TEST with $RIGHT_ACTUAL" --result UNKNOWN --color RED --advice BINARIES_UNKNOWN else GOOD_RIGHT=`echo $RESULTAT | cut -d\| -f2` if [ "$RIGHT_ACTUAL" = "$GOOD_RIGHT" ] ;then Display --indent 2 --text "$BIN_TO_TEST with right=$RIGHT_ACTUAL" --result FOUND --color GREEN else Display --indent 2 --text "$BIN_TO_TEST with bad rights $RIGHT_ACTUAL != $GOOD_RIGHT" --result FOUND --color RED --advice BINARIES_BAD_RIGHT fi #a Set-UID binary must be owned by root #TODO On Debian Lenny at is daemon:daemon BINARY_FS_OWNER="`stat $STAT_USER $BIN_TO_TEST`" if [ "$BINARY_FS_OWNER" != "root" ] ;then Display --indent 2 --text "$BIN_TO_TEST is not owned by root on the FS" --result WARNING --color RED fi #MD5 for common archs (obsolete, aide/tripwire do that better than me) # GOOD_MD5=`echo $RESULTAT | cut -d\| -f4` # if [ ! -z "$GOOD_MD5" ] # then # MD5_ACTUAL="`md5sum $BIN_TO_TEST | cut -d\ -f1`" # if [ "$MD5_ACTUAL" != "$GOOD_MD5" ] # then # echo $MD5_ACTUAL $GOOD_MD5 # Display --indent 2 --text "$BIN_TO_TEST has incorrect MD5" --result WARNING --color RED # fi # fi fi #TODO some set-uid are not necessary like mount, netstat, ifconfig, traceroute, route and ping (and equivalent for ipv6 ping6 etc..) if [ ! -z "`grep $BIN_TO_TEST ${PLUGINS_REP}/binaries.suid`" ] ; then Display --indent 4 --text "You can remove PERHAPS setuid from $BIN_TO_TEST" --result WARNING --color BLUE --advice BINARIES_REMOVE_SETUID fi #TODO POSIX CAPS (check for XATTR) #getcap /bin/ping6 #/bin/ping6 = cap_net_raw+ep #filecap /bin/ping6 #file capabilities #/bin/ping6 net_raw if [ $HAVE_POSIX_CAPS_TOOLS -ge 1 ] ;then BIN_TO_TEST_NAME="`basename $BIN_TO_TEST`" POSIX_CAPS="`grep ^${BIN_TO_TEST_NAME}= ${PLUGINS_REP}/binaries.caps`" if [ $HAVE_POSIX_CAPS_TOOLS -eq 1 ] ;then ACTUAL_CAPS="`getcap $BIN_TO_TEST | sed 's/.*= //'`" else ACTUAL_CAPS="`filecap $BIN_TO_TEST | grep ^$BIN_TO_TEST | sed 's/.*[[:space:]]//g'`" fi if [ ! -z "$POSIX_CAPS" ] ; then if [ -z "$ACTUAL_CAPS" ] ; then ACTUAL_CAPS="no POSIX CAPS" fi Display --indent 4 --text "${BIN_TO_TEST_NAME} can use POSIX CAPS" --result INFO --color BLUE --advice BINARIES_CAN_HAVE_POSIX_CAPS Display --indent 4 --text "${BIN_TO_TEST_NAME} actual POSIX CAPS" --result "$ACTUAL_CAPS" --color BLUE Display --indent 4 --text "${BIN_TO_TEST_NAME} need POSIX CAPS $POSIX_CAPS" --result INFO --color BLUE add_correction "#setcap $POSIX_CAPS+ep $BIN_TO_TEST" fi fi done # else # echo "DEBUG $BIN_PATH dont exists" fi done #TODO store scan result for comparing later results yasat/plugins/apache_user.test0000640000175000017500000000727611677022127017307 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #for LOCATION in ${POSSIBLE_APACHE_CONFIG_LOCATION} #do # if [ -d "${LOCATION}/" ] # then # APACHE_CONF_REP="${LOCATION}" # fi #done Find_apache_conf_location if [ ! -d $APACHE_CONF_REP ] ;then Display --indent 2 --text "No apache found" --result NOTFOUND --color BLUE return 1; fi Title "Check apache user" #YASAT_TEST_APACHE_USER_1 test the presence of apache.conf prepare_apache_conf $APACHE_CONF_REP APACHE_CONF_LOCATION_TO_TEST="${TEMPYASATDIR}/apache.conf" if [ ! -e "$APACHE_CONF_LOCATION_TO_TEST" ] ;then echo "Error no $APACHE_CONF_LOCATION_TO_TEST" return 1; fi #YASAT_TEST_APACHE_USER_2 Check if the user parameter is set FindValueOf $APACHE_CONF_LOCATION_TO_TEST "User" Check_apache_user $APACHE_CONF_REP $RESULTAT TMP_RESULT="${TEMPYASATDIR}/apache.tmpresult" if [ -z "$RESULTAT" ] then Display --indent 2 --text "Missing declaration of User " --result WARNING --color RED else #YASAT_TEST_APACHE_USER_3 Check if apache user have a shell APACHESHELL="`getent passwd ${RESULTAT} | cut -d\: -f7`" if [ `echo $APACHESHELL |grep 'sh' ` ] then Display --indent 2 --text "apache's shell $APACHESHELL is incorrect " --result WARNING --color RED --advice APACHE_USER_BAD_SHELL else Display --indent 2 --text "apache's shell $APACHESHELL is correct " --result OK --color GREEN fi fi #YASAT_TEST_APACHE_USER_4 Check if the group parameter is set FindValueOf $APACHE_CONF_LOCATION_TO_TEST "Group" Check_apache_group $APACHE_CONF_REP $RESULTAT APACHE_GROUP="$RESULTAT" RESULTAT=`find $APACHE_CONF_REP ! -type l ! -user root -exec ls {} \;` if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "owner of $APACHE_CONF_REP/* " --result WARNING --color RED --advice APACHE_USER_OWNER_CONF_REP echo " $RESULTAT" else Display --indent 2 --text "owner of $APACHE_CONF_REP/* " --result OK --color GREEN fi #YASAT_TEST_APACHE_USER_5 Check the owner/group of apache confdir check_directory_group $APACHE_CONF_REP $ROOTGROUP $TMP_RESULT 2 APACHE_USER_GROUP_CONF_REP #YASAT_TEST_APACHE_USER_6 Check the right of apache confdir check_directory_others $APACHE_CONF_REP $TMP_RESULT 2 APACHE_USER_OTHERS_CONF_REP #YASAT_TEST_APACHE_USER_7 Check presence of passwd file in confdir find $APACHE_CONF_REP -type f -iname '*pass*' -o -iname '*htaccess*' | while read line do Display --indent 2 --text "Found passwd $line " --result "FOUND" --color RED --advice APACHE_USER_PASSWD_IN_CONF_REP done return 0; RESULTAT=`find $APACHE_CONF_REP ! -type l ! -user root -exec ls {} \;` if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "owner of $APACHE_CONF_REP " --result WARNING --color RED echo " $RESULTAT" else Display --indent 2 --text "owner of $APACHE_CONF_REP " --result OK --color GREEN fi yasat/plugins/openvpn.test0000640000175000017500000001036511745731373016514 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_OPENVPN_CONF="/etc/openvpn /usr/local/etc/openvpn" OPENVPN_CONF_REP="" for LOCATION in ${POSSIBLE_OPENVPN_CONF} do if [ -d "${LOCATION}/" ] then OPENVPN_CONF_REP="${LOCATION}" fi done Title "Check OpenVPN" if [ -z "$OPENVPN_CONF_REP" ] ;then return 1; fi if [ ! -e "$OPENVPN_CONF_REP" ] ;then return 1; fi Display --indent 2 --text "$OPENVPN_CONF_REP" --result FOUND --color GREEN #YASAT_TEST_OPENVPN1 Check that openvpn configuration file is owned by root RESULTAT=`find $OPENVPN_CONF_REP ! -type l ! -user root -exec ls {} \;` if [ ! -z "$RESULTAT" ] ;then Display --indent 2 --text "owner of $OPENVPN_CONF_REP " --result WARNING --color RED # echo " $RESULTAT" else Display --indent 2 --text "owner of $OPENVPN_CONF_REP " --result OK --color GREEN fi #RESULTAT=`find $OPENVPN_CONF_REP ! -type l ! -group $ROOTGROUP -exec ls {} \;` #if [ ! -z "$RESULTAT" ] #then # Display --indent 2 --text "group of $OPENVPN_CONF_REP " --result WARNING --color RED # echo " $RESULTAT" #else # Display --indent 2 --text "group of $OPENVPN_CONF_REP " --result OK --color GREEN #fi #RESULTAT=`find $OPENVPN_CONF_REP ! -type l -perm $ORWX -exec ls {} \;` #if [ ! -z "$RESULTAT" ] #then # Display --indent 2 --text "Rights of $OPENVPN_CONF_REP " --result WARNING --color RED # echo " $RESULTAT" #else # Display --indent 2 --text "Rights of $OPENVPN_CONF_REP " --result OK --color GREEN #fi TMP_RESULT="${TEMPYASATDIR}/openvpn.tmpresult" #YASAT_TEST_OPENVPN2 Check that openvpn configuration file is under the right group check_directory_group "$OPENVPN_CONF_REP" $ROOTGROUP "$TMP_RESULT" 2 #YASAT_TEST_OPENVPN3 Check that openvpn configuration file is not readable by others check_directory_others "$OPENVPN_CONF_REP" "$TMP_RESULT" 2 GLOBAL_FILE_OTHER_READABLE #TODO check that there some .conf file OPENVPN_CONF_LIST=`ls ${OPENVPN_CONF_REP}/*.conf` for i in $OPENVPN_CONF_LIST do Display --indent 2 --text "$i" --result FOUND --color GREEN #YASAT_TEST_OPENVPN4 Check if User is gived FindValueOf $i 'user' JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 4 --text "User " --result NOTFOUND --color RED else Display --indent 4 --text "User " --result "$RESULTAT" --color GREEN fi #YASAT_TEST_OPENVPN4 Check if a certificate is used FindValueOf $i 'cert' JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 4 --text "cert " --result NOTFOUND --color RED else Display --indent 4 --text "cert " --result "$RESULTAT" --color GREEN #YASAT_TEST_OPENVPN5 Check the certificate used by openvpn check_file $RESULTAT 6 CERT fi #YASAT_TEST_OPENVPN6 Check if a CA certificate is used FindValueOf $i 'ca' JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 4 --text "ca " --result NOTFOUND --color RED else Display --indent 4 --text "ca " --result "$RESULTAT" --color GREEN #YASAT_TEST_OPENVPN7 Check the CA certificate used by openvpn check_file $RESULTAT 6 CERT fi #YASAT_TEST_OPENVPN8 Check if a private key is used FindValueOf $i 'key' JUSTTEST if [ -z "$RESULTAT" ] ;then Display --indent 4 --text "key " --result NOTFOUND --color RED else Display --indent 4 --text "key " --result "$RESULTAT" --color GREEN #YASAT_TEST_OPENVPN9 Check the private key used by openvpn check_file $RESULTAT 6 PRIVKEY fi done return 0; yasat/plugins/partition.test0000640000175000017500000001025311751715217017030 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check partition configurations" if [ ! -e /etc/fstab ] then Display --indent 2 --text "Strange, no /etc/fstab" --result NOTFOUND --color ORANGE return 1; fi #TODO in /etc/fstab users is same as noexec, nosuid, nodev #TODO check swap for encryption if [ "${OS}" = 'OpenBSD' ] then SWAP_ENCRYPT="`$BSD_SYSCTL vm.swapencrypt.enable | cut -d\= -f2`" if [ $SWAP_ENCRYPT -eq 1 ] then Display --indent 2 --text "SWAP is encrypted" --result ENCRYPTED --color GREEN else Display --indent 2 --text "SWAP is not encrypted" --result CLEAR --color ORANGE fi fi #TODO under freebsd http://www.freebsd.org/doc/en/books/handbook/swap-encrypting.html #For detecting encrypted swap under linux, i see it in 2 steps #detect LV where swap is #check for /etc/crypttab #TODO nfs nfs4 smbs cifs and other network FS must have nodev noexex nosuid check_partition '/home' if [ ! -z $RESULTAT ] then #check for nodev (noexec) if [ -z "`echo $RESULTAT | grep -i nodev`" ] then Display --indent 4 --text "/home dont have nodev" --result NOTFOUND --color ORANGE --advice PARTITION_NODEV else Display --indent 4 --text "/home have nodev" --result FOUND --color GREEN fi #check for nosuid if [ -z "`echo $RESULTAT | grep -i nosuid`" ] then Display --indent 4 --text "/home dont have nosuid" --result NOTFOUND --color ORANGE --advice PARTITION_NOSUID else Display --indent 4 --text "/home have nosuid" --result FOUND --color GREEN fi fi # /var nodev noexec check_partition '/var' if [ -z "`echo $RESULTAT | grep -i nodev`" ] then Display --indent 4 --text "/var dont have nodev" --result NOTFOUND --color ORANGE --advice PARTITION_NODEV else Display --indent 4 --text "/var have nodev" --result FOUND --color GREEN fi # noexec on /var breaks debian # if [ -z "`echo $RESULTAT | grep -i noexec`" ] # then # Display --indent 4 --text "/var dont have noexec" --result NOTFOUND --color ORANGE --advice PARTITION_NOEXEC # else # Display --indent 4 --text "/var have noexec" --result FOUND --color GREEN # fi if [ -z "`echo $RESULTAT | grep -i nosuid`" ] then Display --indent 4 --text "/var dont have nosuid" --result NOTFOUND --color ORANGE --advice PARTITION_NOSUID else Display --indent 4 --text "/var have nosuid" --result FOUND --color GREEN fi # /usr nodev, I disabled this test because of http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken #check_partition '/usr' # if [ -z "`echo $RESULTAT | grep -i nodev`" ] # then # Display --indent 4 --text "/usr dont have nodev" --result NOTFOUND --color ORANGE --advice PARTITION_NODEV # else # Display --indent 4 --text "/usr have nodev" --result FOUND --color GREEN # fi # /tmp nodev noexec check_partition '/tmp' if [ -z "`echo $RESULTAT | grep -i nodev`" ] then Display --indent 4 --text "/tmp dont have nodev" --result NOTFOUND --color ORANGE --advice PARTITION_NODEV else Display --indent 4 --text "/tmp have nodev" --result FOUND --color GREEN fi if [ -z "`echo $RESULTAT | grep -i nosuid`" ] then Display --indent 4 --text "/tmp dont have nosuid" --result NOTFOUND --color ORANGE --advice PARTITION_NOSUID else Display --indent 4 --text "/tmp have nosuid" --result FOUND --color GREEN fi yasat/plugins/logrotate.test0000640000175000017500000000476711677022127017032 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #TODO FreeBSD dont use logrotate Title "Check logrotate configurations" if [ ! -e /etc/logrotate.conf ] then Display --indent 2 --text "No logrotate" --result NOTFOUND --color RED return 1; fi #solaris have logs in others directory find /var/log/ -type f | grep 'log$' | grep -v Xorg. |grep -v 'faillog$'|grep -v 'lastlog$' | while read line do RESULT=`grep -ri $line /etc/logrotate.*` if [ -z "${RESULT}" ] then # echo "XXXX==========================================================" #Test wildcards DEFINED_IN_WILD=0 LOGROTATE_WILDS="`grep -ri '/var/log/' /etc/logrotate.* | grep '*' | sed 's/[[:space:]]{.*//g'`" for wilds in $LOGROTATE_WILDS do LOGROTATE_WILDS_DEFINE="`echo $wilds | cut -d\: -f1`" LOGROTATE_WILDS_LOGS=`echo $wilds | cut -d\: -f2` # echo "$LOGROTATE_WILDS_DEFINE $LOGROTATE_WILDS_LOGS" LOGROTATE_WILDS_ALLLOG=`echo $LOGROTATE_WILDS_LOGS` for wild in `echo $LOGROTATE_WILDS_ALLLOG` do if [ ! -z "`echo $line | grep $wild`" ] then Display --indent 2 --text "$line by `echo $LOGROTATE_WILDS_DEFINE | cut -d\: -f1`" --result FOUND --color GREEN DEFINED_IN_WILD=1 fi done done # echo "==========================================================" if [ $DEFINED_IN_WILD -eq 0 ] then Display --indent 2 --text "$line is not rotated" --result NOTFOUND --color RED --advice LOGROTATE_NOT_ROTATED fi else Display --indent 2 --text "$line by `echo $RESULT | cut -d\: -f1`" --result FOUND --color GREEN fi done yasat/plugins/squid.advice0000640000175000017500000000222611677022127016417 0ustar montjoiemontjoieEN,SQUID_USER_BAD_SHELL=squid must not have a shell Set a non-shell setting to squid user like /bin/false or /bin/nologin
usermod -s /bin/false squid
ADVICEEND EN,SQUID_HIDE_VERSION=Hide the squid version Enable httpd_suppress_version_string to hide squids version. Add to your squid.conf:
httpd_suppress_version_string on
ADVICEEND EN,SQUID_ALLOW_UNDERSCORE=Deactivate underscore hostname support It says in man squid, that underscore characters are not strictly allowed in Internet hostnames. So deactivate underscore in hostname support. Add to your squid.conf:
allow_underscore off
ADVICEEND EN,SQUID_FTP_SANITYCHECK=Enable FTP sanitycheck
ftp_sanitycheck on
ADVICEEND EN,SQUID_UNKNOWN_NAMESERVER=Enable ignore_unknown_nameservers Add to your squid.conf:
ignore_unknown_nameservers on
ADVICEEND EN,SQUID_CHECK_HOSTNAMES=Enable check_hostname For security and stability reasons squid can check hostnames for Internet standard RFC compliance. Add to your squid.conf:
check_hostname on
ADVICEEND yasat/plugins/squid.ports0000640000175000017500000000011511677022127016326 0ustar montjoiemontjoie#acl we dont want 70,allow 210,allow 280,allow 488,allow 591,allow 777,allow yasat/plugins/accounting.advice0000640000175000017500000000271011677022127017422 0ustar montjoiemontjoieEN,ACCOUNTING_NOT_ENABLED=Enable the accounting with accton See https://savannah.gnu.org/projects/acct/ ADVICEEND EN,ACCOUNTING_BSD_NOT_ENABLED=Enable the accounting in rc.conf with accounting_enable=YES See http://www.freebsd.org/doc/en/books/handbook/security-accounting.html ADVICEEND EN,ACCOUNTING_MISSING_FILE=This file is missing, touch it /var/log/wtmp, /var/log/btmp, /var/log/faillog, /var/log/lastlog are used for recording logins. It is not normal that it doesn't exists ADVICEEND EN,ACCOUNTING_BTMP=Create this file for the lastb command Lastb is the same as last command, except that by default it shows a log of the file /var/log/btmp, which contains all the bad login attempts. See man lastb for more informations.
touch /var/log/btmp && chmod 600 /var/log/btmp
The permissions can be different for some Operating systems (Debian Etch use 660). ADVICEEND EN,ACCOUNTING_FAILLOG=Create this file for the faillog command faillog displays the contents of the failure log database (/var/log/faillog). It can also set the failure counters and limits See man faillog for more informations
touch /var/log/faillog && chmod 600 /var/log/faillog
ADVICEEND EN,INSTALL_AUDITD=Install the auditd daemon auditd is a usefull daemon. TODO add more infos ADVICEEND yasat/plugins/tomcat.advice0000640000175000017500000000017011677022127016555 0ustar montjoiemontjoieEN,TOMCAT_DEFAULT_WEBAPP=If you don't use this default webapp, remove it EN,TOMCAT_DEFAULT_PASSWORD=Change the password yasat/plugins/yasat_global.advice0000640000175000017500000000427611722677521017747 0ustar montjoiemontjoieEN,GLOBAL_MULTIPLE_DECLARATIONS=Unable to discern which declaration is really used EN,GLOBAL_FILE_CHMOD640=This file must be chmoded 640 or 600
chmod 640 filename
ADVICEEND EN,GLOBAL_FILE_CHMOD600=This file must be chmoded 600
chmod 600 filename
ADVICEEND EN,GLOBAL_FILE_MUST_BE_OWNED_BY_ROOT=This file must be owned by the root user EN,GLOBAL_FILE_MUST_BE_GROUPED_BY_ROOT=This file must be group owned by the root user (root or wheel) EN,GLOBAL_FILE_OTHER_WRITABLE=Do a chmod o-w name_of_the_file EN,GLOBAL_FILE_OTHER_READABLE=Do a chmod o-rxw name_of_the_file EN,GLOBAL_INTERNAL_ERROR=Internal error, probably a bug EN,GLOBAL_SKIPPED_LONG_TESTS=Long tests skipped, use -f to include them EN,YASAT_BUG=Argg a bug, please report it. EN,YASAT_DENIED=You got a permission denied, are you root ? EN,CERTIFICATE_OUTDATED=This certificate will outdated soon. EN,GLOBAL_PACKAGE_INSTALLED_AT_HAND=Why have you installed this package manually ? Installing software from manually is not recommended, because you have to do all patch management your self. (no security patch tracking) ADVICEEND EN,GLOBAL_PRIVATE_KEY_NOT_PASSWORD_PROTECTED=Password protect you private key openssl rsa -in nopassword.key -des3 -out password.key You will be prompted for a passphrase. -des3 could be replaced by -aes128, -aes192, or -aes256 if you want a stronger cipher for encryption. ADVICEEND EN,GLOBAL_RSA_KEY_SIZE=RSA keys must be 2048bits at minimum see http://www.openssl.org/docs/HOWTO/keys.txt ADVICEEND EN,GLOBAL_BINARY_PIE=TODO See http://www.gentoo.org/proj/en/hardened/pie-ssp.xml http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml ADVICEEND EN,GLOBAL_BINARY_SSP=TODO See http://www.gentoo.org/proj/en/hardened/pie-ssp.xml http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml ADVICEEND yasat/plugins/ldap.test0000640000175000017500000001322411735055242015735 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_OPENLDAP_CONF="/etc/openldap/ldap.conf /usr/local/etc/openldap/ldap.conf" OPENLDAP_CONF="/etc/openldap/ldap.conf" for LOCATION in ${POSSIBLE_OPENLDAP_CONF} do if [ -e "${LOCATION}" ] ; then OPENLDAP_CONF="${LOCATION}" fi done OPENSLAPD_CONF="`dirname $OPENLDAP_CONF`/slapd.conf" Title "Check OPENLDAP" if [ ! -e "$OPENLDAP_CONF" ] ; then return 1; fi Display --indent 2 --text "$OPENLDAP_CONF" --result FOUND --color BLUE #get_simple_right $OPENLDAP_CONF #if [ "$RESULTAT" = '644' ] ; then # Display --indent 4 --text "Right of $OPENLDAP_CONF" --result OK --color GREEN #else # Display --indent 4 --text "Right of $OPENLDAP_CONF" --result "$RESULTAT" --color RED #fi check_a_file "$OPENLDAP_CONF" 2 root root 644 if [ ! -e "$OPENSLAPD_CONF" ] then return 1; fi Display --indent 2 --text "$OPENSLAPD_CONF" --result FOUND --color GREEN #get_simple_right $OPENSLAPD_CONF #if [ "$RESULTAT" = '640' ] ; then # Display --indent 4 --text "Right of $OPENSLAPD_CONF" --result OK --color GREEN #else # Display --indent 4 --text "Right of $OPENSLAPD_CONF" --result "$RESULTAT" --color RED #fi check_a_file "$OPENSLAPD_CONF" 2 root ldap 640 #TLSCertificateFile FindValueOfEqual $OPENSLAPD_CONF TLSCertificateFile JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "TLS cert $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 CERT else Display --indent 2 --text "No cert TLS" --result ADVICE --color ORANGE --advice LDAP_NO_TLS fi #TLSCACertificateFile FindValueOfEqual $OPENSLAPD_CONF TLSCACertificateFile JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "TLS ca $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 CERT else Display --indent 2 --text "No ca TLS" --result ADVICE --color ORANGE --advice LDAP_NO_TLS fi #TLSCertificateKeyFile FindValueOfEqual $OPENSLAPD_CONF TLSCertificateKeyFile JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "TLS key $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 PRIVKEY else Display --indent 2 --text "No TLS key" --result ADVICE --color ORANGE --advice LDAP_NO_TLS fi if [ ! -z "`grep '^[[:space:]]*allow[[:space:]]bind_v2' $OPENSLAPD_CONF`" ] ; then Display --indent 2 --text "allow bind_v2" --result FOUND --color ORANGE --advice LDAP_BINDV2 fi if [ -z "`grep '^[[:space:]]*disallow[[:space:]]bind_anon' $OPENSLAPD_CONF`" ] ; then Display --indent 2 --text "disallow bind_anon" --result NOTFOUND --color ORANGE --advice LDAP_BIND_ANON else Display --indent 2 --text "disallow bind_anon" --result FOUND --color GREEN fi if [ -z "`grep '^[[:space:]]*require[[:space:]]authc' $OPENSLAPD_CONF`" ] ; then Display --indent 2 --text "require authc" --result NOTFOUND --color ORANGE --advice LDAP_REQUIRE_AUTHC else Display --indent 2 --text "require authc" --result FOUND --color GREEN fi #TODO hint for replication #clear password grep rootpw $OPENSLAPD_CONF | while read line do FOUND=0 PASS=`echo $line | sed 's/^.*rootpw[[:space:]]*//g'` if [ `echo $PASS |grep '{SHA}'` ] ; then Display --indent 2 --text "rootpw $PASS" --result SHA --color GREEN FOUND=1 fi if [ `echo $PASS |grep '{SSHA}'` ] ; then Display --indent 2 --text "rootpw $PASS" --result SSHA --color GREEN FOUND=1 fi if [ `echo $PASS |grep '{MD5}'` ] ; then Display --indent 2 --text "rootpw $PASS" --result MD5 --color GREEN FOUND=1 fi if [ `echo $PASS |grep '{SMD5}'` ] ; then Display --indent 2 --text "rootpw $PASS" --result SMD5 --color GREEN FOUND=1 fi if [ `echo $PASS |grep '{CLEARTEXT}'` ] ; then Display --indent 2 --text "rootpw $PASS" --result CLEARTEXT --color RED --advice LDAP_PASSWD_CLEAR FOUND=1 fi if [ `echo $PASS |grep '{CRYPT}'` ] ; then Display --indent 2 --text "rootpw $PASS" --result CRYPT --color GREEN FOUND=1 fi if [ $FOUND -eq 0 ] ; then Display --indent 2 --text "rootpw " --result CLEARTEXT --color RED --advice LDAP_PASSWD_CLEAR fi done #try to find under which user openldap is running LDAPUSER='' LDAPUSER="`ps aux | grep slapd |grep -v grep | cut -d\ -f1`" if [ -z "$LDAPUSER" ] ; then LDAPUSER='ldap' fi #ubuntu use /var/lib/slapd/ #gentoo use /var/lib/openldap-data/ #redhat use /var/lib/ldap for ldapdata in /var/lib/slapd/ /var/lib/openldap-data/ do if [ -e "${ldapdata}" ] ; then Display --indent 2 --text "LDAP DATA $ldapdata" --result FOUND --color GREEN TMP_RESULT="${TEMPYASATDIR}/slapd.cdo" check_directory_owner $ldapdata "$LDAPUSER" $TMP_RESULT 4 TMP_RESULT="${TEMPYASATDIR}/slapd.cdg" check_directory_group $ldapdata "$LDAPUSER" $TMP_RESULT 4 TMP_RESULT="${TEMPYASATDIR}/slapd.cdother" #TODO better advice check_directory_others $ldapdata $TMP_RESULT 4 GLOBAL_FILE_OTHER_READABLE fi done return 0; yasat/plugins/ssl.test0000640000175000017500000000447511677022127015627 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #Red Hat have PKI under /etc/pki SSL_REP="/etc/ssl" Title "Check SSL" if [ ! -e "$SSL_REP" ] ; then if [ -e '/etc/pki' ] ; then SSL_REP='/etc/pki' else return 1; fi fi Display --indent 2 --text "$SSL_REP" --result FOUND --color BLUE RESULTAT=`find $SSL_REP ! -user root -exec ls {} \;` if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "owner of $SSL_REP " --result WARNING --color RED echo " $RESULTAT" else Display --indent 2 --text "owner of $SSL_REP " --result OK --color GREEN fi #RESULTAT=`find $SSL_REP ! -type l ! -group $ROOTGROUP -exec ls {} \;` #if [ ! -z "$RESULTAT" ] #then # Display --indent 2 --text "group of $SSL_REP " --result WARNING --color RED # echo " $RESULTAT" #else # Display --indent 2 --text "group of $SSL_REP " --result OK --color GREEN #fi if [ -d $SSL_REP/private ] ; then TMP_RESULT="${TEMPYASATDIR}/ssl_private.tmp" check_directory_others "$SSL_REP/private" "$TMP_RESULT" 2 SSL_BAD_PRIVATE_RIGHT # RESULTAT=`find $SSL_REP/private ! -type l -perm $ORWX -exec ls {} \;` #if [ ! -z "$RESULTAT" ] #then # Display --indent 2 --text "Rights of $SSL_REP/private " --result WARNING --color RED --advice SSL_BAD_PRIVATE_RIGHT # echo " $RESULTAT" #else # Display --indent 2 --text "Rights of $SSL_REP/private " --result OK --color GREEN #fi fi return 0; yasat/plugins/samba.test0000640000175000017500000000504311677022127016101 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #TODO directory security mask create mask #TODO invalid users POSSIBLE_SAMBA_CONF="/etc/samba/smb.conf /usr/local/etc/samba/smb.conf" SAMBA_CONF="/etc/samba/smb.conf" for LOCATION in ${POSSIBLE_SAMBA_CONF} do if [ -e "${LOCATION}" ] then SAMBA_CONF="${LOCATION}" fi done SAMBA_CONF="`dirname $SAMBA_CONF`/smb.conf" Title "Check SAMBA" if [ ! -e "$SAMBA_CONF" ] then return 1; fi Display --indent 2 --text "$SAMBA_CONF" --result FOUND --color GREEN get_simple_right "$SAMBA_CONF" if [ "$RESULTAT" = '644' ] then Display --indent 4 --text "Right of $SAMBA_CONF" --result OK --color GREEN else Display --indent 4 --text "Right of $SAMBA_CONF" --result "$RESULTAT" --color RED fi Check_auto_start samba if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "samba is started at boot" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "samba is started at boot" --result YES --color BLUE else Display --indent 2 --text "samba is started at boot" --result NO --color GREEN fi fi Is_installed_via_package_manager samba if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "samba installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "samba is installed by package" --result GOOD --color GREEN else Display --indent 2 --text "samba is installed at hand" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND fi fi return 0; yasat/plugins/firewall.test0000640000175000017500000001503011677022127016620 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check firewall configurations" #freebsd pf if [ "$OS_TYPE" = 'other' ] ;then echo "Not supported yet" return 1 fi if [ "$OS_TYPE" = 'BSD' ] ;then which pfctl 2>> $ERROR_OUTPUT_FILE > /dev/null if [ $? -ne 0 ] then Display --indent 2 --text "pfctl" --result NOTFOUND --color RED return 1 fi FindValueOfEqual /etc/rc.conf pf_enable JUSTTEST if [ -z "$RESULTAT" -o "$RESULTAT" = no -o "$RESULTAT" = NO ] then Display --indent 2 --text "PF is not enabled in /etc/rc.conf" --result NOTFOUND --color RED --advice FIREWALL_PF_NOT_ENABLED return 1 fi if [ "$RESULTAT" != '"yes"' -a "$RESULTAT" != '"YES"' ] then Display --indent 2 --text "PF is not enabled in /etc/rc.conf" --result DISABLED --color RED --advice FIREWALL_PF_NOT_ENABLED else Display --indent 2 --text "PF is enabled in /etc/rc.conf" --result ENABLED --color GREEN fi if [ ! -e /etc/pf.conf ] then Display --indent 2 --text "/etc/pf.conf" --result NOTFOUND --color RED --advice FIREWALL_PF_NOT_ENABLE else Display --indent 2 --text "/etc/pf.conf" --result FOUND --color GREEN fi YASAT_FW_TMP="${TEMPYASATDIR}/fw" pfctl -s rules > $YASAT_FW_TMP 2>> $ERROR_OUTPUT_FILE if [ -z "`cat $YASAT_FW_TMP`" ] then Display --indent 2 --text "filter rules" --result EMPTY --color RED --advice FIREWALL_PF_NO_RULES else Display --indent 2 --text "Check BSD packet filter" --result TODO --color BLUE fi return 1 fi #linux iptables #TODO we dont detect REJECT-at-end firewall iptables > /dev/null 2>> $ERROR_OUTPUT_FILE if [ $? -eq 127 ] then Display --indent 2 --text "No iptables binary" --result WARNING --color RED return 1; else Display --indent 2 --text "Binary iptables" --result FOUND --color GREEN fi YASAT_FW_TMP="${TEMPYASATDIR}/fw" iptables -L -v -n --line-numbers > $YASAT_FW_TMP if [ $? -ge 1 ] then Display --indent 2 --text "iptables error, stopping tests" --result WARNING --color RED --advice FIREWALL_TEST_ERROR return 1; fi if [ ! -e "$YASAT_FW_TMP" ] then Display --indent 2 --text "iptables error, stopping tests" --result WARNING --color RED --advice FIREWALL_TEST_ERROR return 1; fi #On my SELinux enabled machine, iptables can output nothing (permission denied) if [ "`cat $YASAT_FW_TMP | wc -l`" -eq 0 ] ; then Display --indent 2 --text "iptables error, stopping tests" --result WARNING --color RED --advice FIREWALL_TEST_ERROR return 1 fi POLICY_INPUT="`grep 'Chain INPUT' $YASAT_FW_TMP | cut -d\ -f4`" if [ "$POLICY_INPUT" = 'DROP' ] then Display --indent 2 --text "Input policy" --result DROP --color GREEN else Display --indent 2 --text "Input policy" --result "$POLICY_INPUT" --color RED --advice FIREWALL_POLICY_INPUT fi POLICY_FORWARD="`grep 'Chain INPUT' $YASAT_FW_TMP | cut -d\ -f4`" if [ "$POLICY_FORWARD" = 'DROP' ] then Display --indent 2 --text "Forward policy" --result DROP --color GREEN else Display --indent 2 --text "Forward policy" --result "$POLICY_FORWARD" --color RED --advice FIREWALL_POLICY_FORWARD fi POLICY_OUTPUT="`grep 'Chain INPUT' $YASAT_FW_TMP | cut -d\ -f4`" if [ "$POLICY_OUTPUT" = 'DROP' ] then Display --indent 2 --text "Output policy" --result DROP --color GREEN else Display --indent 2 --text "Output policy" --result "$POLICY_OUTPUT" --color RED --advice FIREWALL_POLICY_OUTPUT fi if [ -e "$YASAT_FW_TMP" ] then rm $YASAT_FW_TMP fi HOST_HAVE_IPV6=0 if [ -e /proc/sys/net/ipv6 ] then Display --indent 2 --text "IPv6" --result ENABLED --color BLUE HOST_HAVE_IPV6=1 else Display --indent 2 --text "IPv6" --result DISABLED --color BLUE fi #linux ip6tables for check IPv6 firewall ip6tables > /dev/null 2>> $ERROR_OUTPUT_FILE if [ $? -eq 127 ] then if [ $HOST_HAVE_IPV6 -eq 1 ] then Display --indent 2 --text "Host have IPv6 but no ip6tables" --result NOTFOUND --color RED --advice FIREWALL_IPV6_NO_FW return 1; else Display --indent 2 --text "No ip6tables binary" --result NOTFOUND --color BLUE fi return 1; else Display --indent 2 --text "Binary ip6tables" --result FOUND --color GREEN fi YASAT_FW_TMP="${TEMPYASATDIR}/fw" ip6tables -L -v -n --line-numbers > $YASAT_FW_TMP if [ $? -ge 1 ] then Display --indent 2 --text "ip6tables error, stopping tests" --result WARNING --color RED --advice FIREWALL_TEST_ERROR return 1; fi if [ ! -e "$YASAT_FW_TMP" ] then Display --indent 2 --text "ip6tables error, stopping tests" --result WARNING --color RED --advice FIREWALL_TEST_ERROR return 1; fi #On my SELinux enabled machine, iptables can output nothing (permission denied) if [ "`cat $YASAT_FW_TMP | wc -l`" -eq 0 ] ; then Display --indent 2 --text "ipt6ables error, stopping tests" --result WARNING --color RED --advice FIREWALL_TEST_ERROR return 1 fi POLICY_INPUT="`grep 'Chain INPUT' $YASAT_FW_TMP | cut -d\ -f4`" if [ "$POLICY_INPUT" = 'DROP' ] then Display --indent 2 --text "Input policy for IPv6" --result DROP --color GREEN else Display --indent 2 --text "Input policy for IPv6" --result "$POLICY_INPUT" --color RED --advice FIREWALL_POLICY_INPUT fi POLICY_FORWARD="`grep 'Chain INPUT' $YASAT_FW_TMP | cut -d\ -f4`" if [ "$POLICY_FORWARD" = 'DROP' ] then Display --indent 2 --text "Forward policy for IPv6" --result DROP --color GREEN else Display --indent 2 --text "Forward policy for IPv6" --result "$POLICY_FORWARD" --color RED --advice FIREWALL_POLICY_FORWARD fi POLICY_OUTPUT="`grep 'Chain INPUT' $YASAT_FW_TMP | cut -d\ -f4`" if [ "$POLICY_OUTPUT" = 'DROP' ] then Display --indent 2 --text "Output policy for IPv6" --result DROP --color GREEN else Display --indent 2 --text "Output policy for IPv6" --result "$POLICY_OUTPUT" --color RED --advice FIREWALL_POLICY_OUTPUT fi rm $YASAT_FW_TMP yasat/plugins/system_rights_bsd.data0000640000175000017500000000312511677022127020503 0ustar montjoiemontjoie# PATH DROITS USER GROUP OPTIONS( N R ) /boot|750|root|root|R /root|700|root|root|N /etc/xinetd.conf|640|root|root /etc/xinetd.d|750|root|root|R /etc/inetd.d|750|root|root|R /etc/syslog-ng|750|root|root /etc/syslog-ng/syslog-ng.conf|640|root|root /etc/sudoers|440|root|root /etc/passwd|644|root|root|N /etc/vsftpd.conf|640|root|root /var/log/wtmp|664|root|utmp|N #wtmp is 664 root whell under freebsd (TODO check under netbsd and openbsd) /var/log/btmp|600|root|utmp /var/log/lastlog|644|root|root|N|Gentoo /var/log/lastlog|644|root|utmp|N|Debian /var/log/faillog|600|root|root /etc/cron.d|750|root|root|R /var/log/openvpn|750|root|root /var/log/munin|750|munin|munin /var/log/mysql|750|mysql|mysql /var/log/ldap_old|750|root|root /var/log/ulogd|750|root|root /var/log/ulogd_arch|750|root|root /var/log/mail_old|750|root|root /var/log/amavis_old|750|root|root /etc/lilo.conf|600|root|root /etc/apache2|750|root|root|R /var/lib/mysql|750|mysql|mysql|R||gw /etc/vsftpd|750|root|root|R /etc/snmp|750|root|root|R /etc/mysql|750|root|root|R /etc/mysql/my.cnf|640|root|root /etc/mysql/debian.cnf|640|root|root /etc/postfix|750|root|root|R /etc/nagios|750|root|nagios /etc/nagios/nagios.cfg|640|root|nagios /etc/nagios/cgi.cfg|640|root|nagios /etc/nagios/ndo2db.cfg|640|root|nagios /etc/nagios/ndomod.cfg|640|root|nagios /etc/nagios/resource.cfg|640|root|nagios /etc/nagios/objects|750|root|nagios|R /etc/saslauthd.conf|640|root|saslauth /etc/ulogd.conf|640|root|root /etc/sysctl.conf|640|root|root /etc/rsyncd.conf|640|root|root /etc/logrotate.conf|640|root|root /etc/freshclam.conf|640|root|root /etc/clamd.conf|640|root|root yasat/plugins/binaries.suid0000640000175000017500000000005411677022127016574 0ustar montjoiemontjoie/bin/mount /bin/umount /bin/ping /bin/ping6 yasat/plugins/system_rights.data0000640000175000017500000000437611677022127017664 0ustar montjoiemontjoie# PATH DROITS USER GROUP OPTIONS( N R ) DISTRIB RecursiveOPTIONS # N is for not necessery # R is for recurssive /boot|750|root|root|R /root|700|root|root|N /etc/xinetd.conf|640|root|root| /etc/xinetd.d|750|root|root|R /etc/inetd.d|750|root|root|R /etc/syslog-ng|750|root|root| /etc/syslog-ng/syslog-ng.conf|640|root|root| /etc/sudoers|440|root|root| /etc/passwd|644|root|root|N /etc/group|644|root|root|N /var/backups/passwd.bak|600|root|root|N|Etch /var/backups/group.bak|600|root|root|N|Etch /etc/passwd-|600|root|root|N /etc/shadow|600|root|root|N|Gentoo /etc/shadow|640|root|shadow|N|Etch /var/backups/shadow.bak|600|root|shadow|N|Etch /var/backups/gshadow.bak|600|root|shadow|N|Etch /etc/shadow-|600|root|root|N /etc/gshadow|400|root|root|N #!Lenny!Etch /etc/gshadow|400|root|shadow|N|Etch /etc/gshadow|640|root|shadow|N|Lenny /etc/vsftpd.conf|640|root|root /etc/cron.d|750|root|root|R /etc/fstab|640|root|root| /etc/lilo.conf|600|root|root /etc/apache2|750|root|root|R /etc/vsftpd|750|root|root|R /etc/snmp|750|root|root|R /etc/exports|640|root|root /etc/mysql|750|root|root|R #/etc/mysql/my.cnf|640|root|root /etc/mysql/Etch.cnf|640|root|root /etc/postfix|750|root|root|R #/etc/nagios|750|nagios|apache /etc/nagios/nagios.cfg|640|root|nagios /etc/nagios/cgi.cfg|640|root|nagios /etc/nagios/ndo2db.cfg|640|root|nagios /etc/nagios/ndomod.cfg|640|root|nagios /etc/nagios/resource.cfg|640|root|nagios #/etc/nagios/objects|750|root|nagios|R /etc/saslauthd.conf|640|root|saslauth /etc/ulogd.conf|640|root|root /etc/sysctl.conf|640|root|root /etc/rsyncd.conf|640|root|root /etc/logrotate.conf|640|root|root /etc/freshclam.conf|640|root|root /etc/clamd.conf|640|root|root /etc/crontab|640|root|root /etc/cron.deny|640|root|root /etc/ldap/ldap.conf|644|root|root /var/log/wtmp|664|root|utmp|N /var/log/btmp|600|root|utmp|N|Gentoo /var/log/btmp|660|root|utmp|N|Etch /var/log/lastlog|644|root|root|N|Gentoo /var/log/lastlog|644|root|utmp|N|Etch /var/log/faillog|600|root|root|N /var/log/openvpn|750|root|root /var/log/munin|750|munin|munin /var/log/mysql|750|mysql|mysql /var/log/ldap_old|750|root|root /var/log/ulogd|750|root|root /var/log/ulogd_arch|750|root|root /var/log/mail_old|750|root|root /var/log/amavis_old|750|root|root /var/lib/mysql|750|mysql|mysql|R||gw #/usr/lib/nagios/|750|root|nagios|R yasat/plugins/network.test0000640000175000017500000000641411677022127016512 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check network parameter" #TODO check if we have a public IP and check open ports if [ "$OS_TYPE" != "Linux" ] then Display --indent 2 --text "Not Linux" --result TODO --color BLUE return 1; fi if [ -e "${PLUGINS_REP}/network.data" ] then for i in `cat $PLUGINS_REP/network.data` do ldirective=`echo $i | cut -f1 -d\|` lparam=`echo $i | cut -f2 -d\|` loption=`echo $i | cut -f3 -d\|` ladvice=`echo $i | cut -f4 -d\|` EL_PATH=`echo "/proc/sys/$ldirective" | sed 's/\./\//g'` if [ -e "$EL_PATH" ] then VALUE="`cat $EL_PATH`" case $loption in '=')#equal if [ $VALUE -eq $lparam ] then Display --indent 2 --text "$EL_PATH" --result "$VALUE" --color GREEN else Display --indent 2 --text "$EL_PATH" --result "$VALUE" --color RED --advice $ladvice fi ;; '<') if [ $VALUE -lt $lparam ] then Display --indent 2 --text "$EL_PATH" --result "$VALUE" --color GREEN else Display --indent 2 --text "$EL_PATH" --result "$VALUE" --color RED --advice $ladvice fi ;; *) Display --indent 2 --text "Unknown $loption" --result WARNING --color RED --advice $ladvice esac else Display --indent 2 --text "$EL_PATH " --result NOTFOUND --color ORANGE --advice $ladvice fi if [ -e /etc/sysctl.conf ] then if [ -z "`grep "^[[:space:]]*$ldirective" /etc/sysctl.conf`" ] then Display --indent 4 --text "not in sysctl.conf" --result NOTFOUND --color ORANGE --advice $ladvice else VALUE=`grep "^[[:space:]]*$ldirective" /etc/sysctl.conf | sed 's/^.*=[[:space:]]*//g'` case $loption in '=')#equal if [ $VALUE -eq $lparam ] then Display --indent 4 --text "in sysctl.conf" --result "$VALUE" --color GREEN else Display --indent 4 --text "in sysctl.conf" --result "$VALUE" --color RED --advice $ladvice fi ;; '<') if [ $VALUE -lt $lparam ] then Display --indent 4 --text "in sysctl.conf" --result "$VALUE" --color GREEN else Display --indent 4 --text "in sysctl.conf" --result "$VALUE" --color RED --advice $ladvice fi ;; *) Display --indent 4 --text "Unknown $loption" --result WARNING --color RED --advice $ladvice esac fi fi done else Display --indent 2 --text "No $PLUGINS_REP/network.data" --result WARNING --color ORANGE fi return 0; yasat/plugins/kernel.test0000640000175000017500000002526211751716165016310 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check Kernel version and configuration" #check securelevel #TODO check also value in /etc/rc.securelevel if [ "$OS_TYPE" = 'OpenBSD' ] then SECURELEVEL="`$BSD_SYSCTL kern.securelevel | cut -d\= -f2`" if [ $SECURELEVEL -ge 0 ] then Display --indent 2 --text "Secure level" --result "$SECURELEVEL" --color BLUE else Display --indent 2 --text "Secure level" --result "$SECURELEVEL" --color RED --advice OPENBSD_SECURE_LEVEL_BELOW_ZERO fi return 1; fi #TODO Made some checks Under BSD if [ "$OS_TYPE" != 'Linux' ] ;then Display --indent 2 --text "Other OS than linux" --result TODO --color BLUE return 1; fi #Generaly on a server usb modules should not be loaded by default #TODO check for monolithic addition of USB #if /proc/modules dont exists, lsmod fail if [ -e /proc/modules ] ; then USB_FOUND=0 FIRE_FOUND=0 USB_MODULES='uhci_hcd ohci_hcd ehci_hcd usb_storage usbnet' TMP_RESULT="${TEMPYASATDIR}/lsmod.out" lsmod > $TMP_RESULT 2> $ERROR_OUTPUT_FILE if [ $? -eq 0 ] ; then for usbmodule in $USB_MODULES do if [ ! -z "`grep ^$usbmodule[[:space:]] $TMP_RESULT`" ] ; then Display --indent 2 --text "USB module $usbmodule" --result FOUND --color ORANGE --advice KERNEL_USB_MODULES USB_FOUND=1 fi done if [ $USB_FOUND -eq 0 ] ; then Display --indent 2 --text "Checking for unnecessary modules.. USB" --result NOTFOUND --color GREEN fi else if [ -e $TMP_RESULT ] ; then rm $TMP_RESULT fi Display --indent 2 --text "Checking modules with lsmod" --result FAILED --color ORANGE fi FIREWIRE_MODULES='firewire-sbp2 firewire-ohci firewire-core' TMP_RESULT="${TEMPYASATDIR}/lsmod.out" lsmod > $TMP_RESULT 2> $ERROR_OUTPUT_FILE if [ $? -eq 0 ] ; then for firemodule in $FIREWIRE_MODULES do if [ ! -z "`grep ^$firemodule[[:space:]] $TMP_RESULT`" ] ; then Display --indent 2 --text "Firewire module $firemodule" --result FOUND --color ORANGE --advice KERNEL_FIREWIRE_MODULES fi done if [ $FIRE_FOUND -eq 0 ] ; then Display --indent 2 --text "Checking for unnecessary modules.. Firewire" --result NOTFOUND --color GREEN fi else if [ -e $TMP_RESULT ] ; then rm $TMP_RESULT fi Display --indent 2 --text "Checking modules with lsmod" --result FAILED --color ORANGE fi else Display --indent 2 --text "No /proc/modules, cannot check kernel modules" --result NOTFOUND --color BLUE fi #TODO FreeBSD security.bsd.see_other_uids #TODO FreeBSD net.inet.ip.random_id #kernel.panic = 60 #kernel to test 2.6.24 (vmsplice) # 2.6.30 and 2.6.30.1 ( tun vulnerability) #TODO check if we are under virtual machine #/proc/sys/kernel/randomize_va_space RANDOM_VA_SPACE="`sysctl kernel.randomize_va_space 2>> $ERROR_OUTPUT_FILE`" if [ $? -eq 0 ] ; then RANDOM_VA_SPACE="`sysctl kernel.randomize_va_space | sed 's/^.*=[[:space:]]*//'`" if [ "$RANDOM_VA_SPACE" -eq 2 ] ; then Display --indent 2 --text "Randomized va space" --result YES --color GREEN else if [ $RANDOM_VA_SPACE -eq 1 ] ; then Display --indent 2 --text "Randomized va space at level 1 (want level 2)" --result PARTIAL --color ORANGE --advice KERNEL_RANDOM_VA_SPACE else Display --indent 2 --text "Randomized va space" --result NO --color RED --advice KERNEL_RANDOM_VA_SPACE fi fi else Display --indent 2 --text "sysctl" --result FAILED --color ORANGE fi #TODO PAX PAGEEXEC SEGEXEC and check type of processor NXbit=0 if [ -e /proc/cpuinfo ] then if [ -z "`grep '^flags' /proc/cpuinfo | grep ' nx '`" ] then Display --indent 2 --text "No NX support" --result NOTFOUND --color ORANGE --advice KERNEL_NO_NX_BIT else Display --indent 2 --text "NX support" --result FOUND --color GREEN NXbit=1 fi else Display --indent 2 --text "No /proc/cpuinfo" --result NOTFOUND --color BLUE fi # http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/release-notes/as-x86/RELEASE-NOTES-U3-x86-en.html #Exists only under Redhat and clone if [ -e /proc/sys/kernel/exec-shield ] then Display --indent 2 --text "/proc/sys/kernel/exec-shield" --result FOUND --color GREEN EXECSHIELD="`cat /proc/sys/kernel/exec-shield`" if [ $EXECSHIELD -ge 1 ] then Display --indent 4 --text "exec-shield value $EXECSHIELD" --result GOOD --color GREEN else Display --indent 4 --text "exec-shield value $EXECSHIELD" --result DISABLED --color RED --advice KERNEL_EXEC_SHIELD fi else Display --indent 2 --text "/proc/sys/kernel/exec-shield" --result NOTFOUND --color BLUE fi #TODO /proc/sys/kernel/exec-shield-randomize #if [ -e "${TEMPYASATDIR}/kernel_config" ] ;then # rm "${TEMPYASATDIR}/kernel_config" #fi #config can be found at /boot/config-`uname -r` #if [ -e "/boot/config-`uname -r`" ] ;then # Display --indent 2 --text "/boot/config-`uname -r`" --result FOUND --color GREEN # cat "/boot/config-`uname -r`" > "${TEMPYASATDIR}/kernel_config" #fi # if user give me the path to a .config, i wont read /proc/config.gz #if [ -z $YASAT_PATH_TO_KERNEL_CONFIG ] ;then # YASAT_PATH_TO_KERNEL_CONFIG='/usr/src/linux/.config' # if [ -e /proc/config.gz ] ;then # Display --indent 2 --text "/proc/config.gz" --result FOUND --color GREEN # zcat /proc/config.gz > ${TEMPYASATDIR}/kernel_config # else # if [ -e "${TEMPYASATDIR}/kernel_config" ] ;then # #we have already found .config elsewhere # Display --indent 2 --text "/proc/config.gz" --result NOTFOUND --color BLUE # else # Display --indent 2 --text "/proc/config.gz" --result NOTFOUND --color ORANGE --advice KERNEL_NO_CONFIG # fi # fi #fi #if [ ! -e "${TEMPYASATDIR}/kernel_config" ] ;then # if [ -e "$YASAT_PATH_TO_KERNEL_CONFIG" ] ;then # Display --indent 2 --text "$YASAT_PATH_TO_KERNEL_CONFIG" --result FOUND --color GREEN # cat "$YASAT_PATH_TO_KERNEL_CONFIG" > ${TEMPYASATDIR}/kernel_config # else # Display --indent 2 --text "$YASAT_PATH_TO_KERNEL_CONFIG" --result NOTFOUND --color ORANGE --advice KERNEL_NO_CONFIG # fi #fi prepare_kernel_config #TODO CC_STACKPROTECTOR_ALL wait until it is "stable" #TODO if PAX or GRSEC is enabled, check their suboptions if [ -e "${TEMPYASATDIR}/kernel_config" ];then if [ ! -z "`grep 'CONFIG_COMPAT_BRK=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_COMPAT_BRK" --result ENABLED --color ORANGE --advice KERNEL_CONFIG_COMPAT_BRK else Display --indent 2 --text "CONFIG_COMPAT_BRK" --result DISABLED --color GREEN fi if [ ! -z "`grep 'CONFIG_COMPAT_VDSO=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_COMPAT_VDSO" --result ENABLED --color ORANGE --advice KERNEL_CONFIG_COMPAT_VDSO else Display --indent 2 --text "CONFIG_COMPAT_VDSO" --result DISABLED --color GREEN fi if [ ! -z "`grep 'CONFIG_DEVKMEM=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_DEVKMEM" --result ENABLED --color ORANGE --advice KERNEL_CONFIG_DEVKMEM else Display --indent 2 --text "CONFIG_DEVKMEM" --result DISABLED --color GREEN fi if [ -z "`grep 'CONFIG_STRICT_DEVMEM=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_STRICT_DEVMEM" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_STRICT_DEVMEM else Display --indent 2 --text "CONFIG_STRICT_DEVMEM" --result ENABLED --color GREEN fi if [ -e /proc/sys/vm/mmap_min_addr ];then VALUE="`cat /proc/sys/vm/mmap_min_addr`" if [ $? -ne 0 ];then #under Redhat with a non root test this test is denied Display --indent 2 --text "/proc/sys/vm/mmap_min_addr" --result DENIED --color RED --advice YASAT_DENIED else if [ $VALUE -ge 1 ];then Display --indent 2 --text "/proc/sys/vm/mmap_min_addr" --result "$VALUE" --color GREEN else Display --indent 2 --text "/proc/sys/vm/mmap_min_addr" --result "$VALUE" --color RED --advice KERNEL_MMAP_MIN_ADDR fi fi fi if [ ! -z "`grep 'CONFIG_X86_MCE=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_X86_MCE" --result ENABLED --color GREEN #TODO check the presence of mcelog else Display --indent 2 --text "CONFIG_X86_MCE" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_MCE fi if [ ! -z "`grep 'CONFIG_PAX=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_PAX" --result ENABLED --color GREEN else Display --indent 2 --text "CONFIG_PAX" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_PAX fi if [ ! -z "`grep 'CONFIG_GRKERNSEC=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_GRKERNSEC" --result ENABLED --color GREEN else Display --indent 2 --text "CONFIG_GRKERNSEC" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_GRSEC fi if [ ! -z "`grep 'CONFIG_SECURITY_SELINUX=y' ${TEMPYASATDIR}/kernel_config`" ];then Display --indent 2 --text "CONFIG_SECURITY_SELINUX" --result ENABLED --color GREEN else Display --indent 2 --text "CONFIG_SECURITY_SELINUX" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_SECURITY_SELINUX fi if [ ! -z "`grep 'CONFIG_DEBUG_SET_MODULE_RONX=y' ${TEMPYASATDIR}/kernel_config`" ] ;then Display --indent 2 --text "CONFIG_DEBUG_SET_MODULE_RONX" --result ENABLED --color GREEN else Display --indent 2 --text "CONFIG_DEBUG_SET_MODULE_RONX" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_DEBUG_SET_MODULE_RONX fi if [ ! -z "`grep 'CONFIG_DEBUG_RODATA=y' ${TEMPYASATDIR}/kernel_config`" ] ;then Display --indent 2 --text "CONFIG_DEBUG_RODATA" --result ENABLED --color GREEN else Display --indent 2 --text "CONFIG_DEBUG_RODATA" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_DEBUG_RODATA fi if [ ! -z "`grep 'CONFIG_DEBUG_STRICT_USER_COPY_CHECKS=y' ${TEMPYASATDIR}/kernel_config`" ] ;then Display --indent 2 --text "CONFIG_DEBUG_STRICT_USER_COPY_CHECKS" --result ENABLED --color GREEN else Display --indent 2 --text "CONFIG_DEBUG_STRICT_USER_COPY_CHECKS" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_DEBUG_STRICT_USER_COPY_CHECKS fi fi #end of -e "${TEMPYASATDIR}/kernel_config yasat/plugins/ssh.advice0000640000175000017500000000204011722700462016055 0ustar montjoiemontjoieEN,SSH_ROOT_LOGIN=Disable direct root login
PermitRootLogin no
Tt's better for audit to see nominal login account before su to root or sudo ADVICEEND EN,SSH_X11FORWARDING=Disable X11Forwarding
X11Forwarding no
According to manpage, When X11 forwarding is enabled, there may be additional exposure to the server and to client displays if the sshd(8) proxy display is configured to listen on the wildcard address (see X11UseLocalhost below), though this is not the default. Additionally, the authentication spoofing and authentication data verification and substitution occur on the client side. The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding (see the warnings for ForwardX11 in ssh_config(5)). ADVICEEND EN,SSH_IGNORERHOSTS=Disable IgnoreRhosts
IgnoreRhosts yes
For security reasons it is recommended to no use rhosts or shosts files for authentication. ADVICEEND yasat/plugins/storage.advice0000640000175000017500000000055711677022127016743 0ustar montjoiemontjoieEN,TODO=Test in development This test is in development ADVICEEND EN,HDD_SMARTCTL=Monitor your hdd with S.M.A.R.T. Install smartmontools See http://smartmontools.sourceforge.net ADVICEEND EN,HDD_READ_AHEAD_HIGH=Check the value of read_ahead A too high value of read_ahead can decrease performance. ADVICEEND yasat/plugins/apache_vhosts.data0000640000175000017500000050462211677022127017606 0ustar montjoiemontjoie# name of location | nothing = warning , O = just advice , R = just report| ID of ADVICE /nagios|R|APACHE_VHOSTS_KNOWN_NAME /awstats|R|APACHE_VHOSTS_KNOWN_NAME /server-info|R|APACHE_VHOSTS_KNOWN_NAME /server-status|R|APACHE_VHOSTS_KNOWN_NAME /ldap-status|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin|R|APACHE_VHOSTS_KNOWN_NAME /ldapmyadmin|R|APACHE_VHOSTS_KNOWN_NAME /%00|R|APACHE_VHOSTS_KNOWN_NAME /~1/|R|APACHE_VHOSTS_KNOWN_NAME /1/|R|APACHE_VHOSTS_KNOWN_NAME /10/|R|APACHE_VHOSTS_KNOWN_NAME /2/|R|APACHE_VHOSTS_KNOWN_NAME /2532Gigs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /..%2f..%2f..%2f..%2fboot.ini|R|APACHE_VHOSTS_KNOWN_NAME /2phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /3/|R|APACHE_VHOSTS_KNOWN_NAME /%3f.jsp|R|APACHE_VHOSTS_KNOWN_NAME /4/|R|APACHE_VHOSTS_KNOWN_NAME /5/|R|APACHE_VHOSTS_KNOWN_NAME /6/|R|APACHE_VHOSTS_KNOWN_NAME /68k/themes/admin/default/modules/show.php|R|APACHE_VHOSTS_KNOWN_NAME /7/|R|APACHE_VHOSTS_KNOWN_NAME /8/|R|APACHE_VHOSTS_KNOWN_NAME /%80../%80../%80../%80../%80../%80../%80../%80../boot.ini|R|APACHE_VHOSTS_KNOWN_NAME /9/|R|APACHE_VHOSTS_KNOWN_NAME /a/|R|APACHE_VHOSTS_KNOWN_NAME /about/|R|APACHE_VHOSTS_KNOWN_NAME /about.html|R|APACHE_VHOSTS_KNOWN_NAME /about.php|R|APACHE_VHOSTS_KNOWN_NAME /about-show.do|R|APACHE_VHOSTS_KNOWN_NAME /abtpportal/includes/esqueletos/skel_null.php|R|APACHE_VHOSTS_KNOWN_NAME /acceso/|R|APACHE_VHOSTS_KNOWN_NAME /access/|R|APACHE_VHOSTS_KNOWN_NAME /accesswatch/|R|APACHE_VHOSTS_KNOWN_NAME /acciones/|R|APACHE_VHOSTS_KNOWN_NAME /account/|R|APACHE_VHOSTS_KNOWN_NAME /account/index.php|R|APACHE_VHOSTS_KNOWN_NAME /accounting/|R|APACHE_VHOSTS_KNOWN_NAME /acid/|R|APACHE_VHOSTS_KNOWN_NAME /acidcat/main_login.asp|R|APACHE_VHOSTS_KNOWN_NAME /Acidcat/main_login.asp|R|APACHE_VHOSTS_KNOWN_NAME /activex/|R|APACHE_VHOSTS_KNOWN_NAME /acute-cp/|R|APACHE_VHOSTS_KNOWN_NAME /adaptbb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /adaptcms/inc/smarty/libs/init.php|R|APACHE_VHOSTS_KNOWN_NAME /adaptcms/sitemap.xml|R|APACHE_VHOSTS_KNOWN_NAME /addrbook/index.php|R|APACHE_VHOSTS_KNOWN_NAME /addressbook/index.php|R|APACHE_VHOSTS_KNOWN_NAME /address/index.php|R|APACHE_VHOSTS_KNOWN_NAME /add_url.htm|R|APACHE_VHOSTS_KNOWN_NAME /adframe.php|R|APACHE_VHOSTS_KNOWN_NAME /adm/|R|APACHE_VHOSTS_KNOWN_NAME /admcgi/|R|APACHE_VHOSTS_KNOWN_NAME /admentor/|R|APACHE_VHOSTS_KNOWN_NAME /admidio/adm_program/index.php|R|APACHE_VHOSTS_KNOWN_NAME /admin|R|APACHE_VHOSTS_KNOWN_NAME /~admin/|R|APACHE_VHOSTS_KNOWN_NAME /admin_/|R|APACHE_VHOSTS_KNOWN_NAME /admin/|R|APACHE_VHOSTS_KNOWN_NAME /admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/aindex.htm|R|APACHE_VHOSTS_KNOWN_NAME /admin.back/|R|APACHE_VHOSTS_KNOWN_NAME /admin-bak/|R|APACHE_VHOSTS_KNOWN_NAME /admin/config.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/db/main.php|R|APACHE_VHOSTS_KNOWN_NAME /Admin_files/|R|APACHE_VHOSTS_KNOWN_NAME /adming/|R|APACHE_VHOSTS_KNOWN_NAME /admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /administration/|R|APACHE_VHOSTS_KNOWN_NAME /Administration/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/admin/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/db/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/dbadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/db/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/mysql-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/mysqladmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/mysql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/mysqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.2.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.2.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.5/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.5-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.5-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.5-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.6-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.6-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.7/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.5.7-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-alpha2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-alpha/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-beta2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.0-rc3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.1-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.1-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.1-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.1-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.2-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.2-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.2-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.3-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.3-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.4-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.4-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.4-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.4-pl4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.6.4-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.7.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.7.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.7.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.7.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.7.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2.8.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpmyadmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin-2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/php-my-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/php-myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpmy-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpmyadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/phpMyAdmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/pma/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/PMA/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/pma2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/pMA2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/pma2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/pMA2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/p/m/a/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/pMA/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/sqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/sqlweb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/web/|R|APACHE_VHOSTS_KNOWN_NAME /administrator/webadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/webdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/web/main.php|R|APACHE_VHOSTS_KNOWN_NAME /administrator/websql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/login.html|R|APACHE_VHOSTS_KNOWN_NAME /admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/lost-pass.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/myadmin/|R|APACHE_VHOSTS_KNOWN_NAME /admin/myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/mysql-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/mysqladmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/mysql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/mysqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin-old/|R|APACHE_VHOSTS_KNOWN_NAME /admin.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.2.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.2.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.5/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.5-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.5-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.5-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.6-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.6-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.7/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.5.7-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-alpha2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-alpha/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-beta2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.0-rc3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.1-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.1-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.1-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.1-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.2-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.2-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.2-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.3-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.3-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.4-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.4-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.4-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.4-pl4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.6.4-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.7.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.7.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.7.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.7.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.7.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2.8.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpmyadmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin-2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/php-my-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/php-myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpmy-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpmyadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpMyAdmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/phpmyadmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/pma2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/PMA2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/pma2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/PMA2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/p/m/a/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/pMA/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/pma/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/sqladmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/sqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/sqlweb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/sysadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/updatelist.php|R|APACHE_VHOSTS_KNOWN_NAME /adminuser/|R|APACHE_VHOSTS_KNOWN_NAME /adminweb/|R|APACHE_VHOSTS_KNOWN_NAME /AdminWeb/|R|APACHE_VHOSTS_KNOWN_NAME /admin/webadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/webdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/web/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admin/websql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /admisapi/|R|APACHE_VHOSTS_KNOWN_NAME /adpeeps/index.php|R|APACHE_VHOSTS_KNOWN_NAME /AdvWebAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /af.cgi|R|APACHE_VHOSTS_KNOWN_NAME /aflog/Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /ag/ang/index.php|R|APACHE_VHOSTS_KNOWN_NAME /agc/vicidial.php|R|APACHE_VHOSTS_KNOWN_NAME /agenda.php3|R|APACHE_VHOSTS_KNOWN_NAME /Agent/|R|APACHE_VHOSTS_KNOWN_NAME /agentes/|R|APACHE_VHOSTS_KNOWN_NAME /Agents/|R|APACHE_VHOSTS_KNOWN_NAME /ag/index.php|R|APACHE_VHOSTS_KNOWN_NAME /aihs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /aiocp/public/code/cp_dpage.php|R|APACHE_VHOSTS_KNOWN_NAME /AIOCP/public/code/cp_dpage.php|R|APACHE_VHOSTS_KNOWN_NAME /ajaxp_backend.php|R|APACHE_VHOSTS_KNOWN_NAME /ajaxportal/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ajaxportal/install/index.php|R|APACHE_VHOSTS_KNOWN_NAME /a.jsp/|R|APACHE_VHOSTS_KNOWN_NAME /Album/|R|APACHE_VHOSTS_KNOWN_NAME /AlbumArt_/|R|APACHE_VHOSTS_KNOWN_NAME /album/index.php|R|APACHE_VHOSTS_KNOWN_NAME /alerts.php|R|APACHE_VHOSTS_KNOWN_NAME /alienform.cgi|R|APACHE_VHOSTS_KNOWN_NAME /amazon/search.php|R|APACHE_VHOSTS_KNOWN_NAME /am/index.php|R|APACHE_VHOSTS_KNOWN_NAME /AM/index.php|R|APACHE_VHOSTS_KNOWN_NAME /analog/|R|APACHE_VHOSTS_KNOWN_NAME /ang/ang/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ang/index.php|R|APACHE_VHOSTS_KNOWN_NAME /anguestbook/ang/index.php|R|APACHE_VHOSTS_KNOWN_NAME /anguestbook/index.php|R|APACHE_VHOSTS_KNOWN_NAME /~anna_foo_fighter|R|APACHE_VHOSTS_KNOWN_NAME /ans/ans.pl|R|APACHE_VHOSTS_KNOWN_NAME /ans.pl|R|APACHE_VHOSTS_KNOWN_NAME /anthill/|R|APACHE_VHOSTS_KNOWN_NAME /ant/Lisez%20moi.txt|R|APACHE_VHOSTS_KNOWN_NAME /Ant/Lisez%20moi.txt|R|APACHE_VHOSTS_KNOWN_NAME /ANT/Lisez%20moi.txt|R|APACHE_VHOSTS_KNOWN_NAME /ant/news/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Ant/news/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ANT/news/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ant/Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /Ant/Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /ANT/Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /apache/|R|APACHE_VHOSTS_KNOWN_NAME /apage/lcgi-bin|R|APACHE_VHOSTS_KNOWN_NAME /apexec.pl|R|APACHE_VHOSTS_KNOWN_NAME /apoll/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /apoll/admin/lost-pass.php|R|APACHE_VHOSTS_KNOWN_NAME /app/|R|APACHE_VHOSTS_KNOWN_NAME /applets/|R|APACHE_VHOSTS_KNOWN_NAME /application/|R|APACHE_VHOSTS_KNOWN_NAME /applications/|R|APACHE_VHOSTS_KNOWN_NAME /apps/|R|APACHE_VHOSTS_KNOWN_NAME /app/webeditor/login.cgi|R|APACHE_VHOSTS_KNOWN_NAME /aproxengine/engine/inc/version.info|R|APACHE_VHOSTS_KNOWN_NAME /ar/|R|APACHE_VHOSTS_KNOWN_NAME /archive/|R|APACHE_VHOSTS_KNOWN_NAME /archives/|R|APACHE_VHOSTS_KNOWN_NAME /artmedic_links5/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ascils/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /ask/forum_answer.php|R|APACHE_VHOSTS_KNOWN_NAME /asp/|R|APACHE_VHOSTS_KNOWN_NAME /aspx/|R|APACHE_VHOSTS_KNOWN_NAME /assets/plugins/mp3_id/mp3_id.php|R|APACHE_VHOSTS_KNOWN_NAME /astrospaces/index.php|R|APACHE_VHOSTS_KNOWN_NAME /atc/|R|APACHE_VHOSTS_KNOWN_NAME /athenareg.php|R|APACHE_VHOSTS_KNOWN_NAME /atmail/index.php|R|APACHE_VHOSTS_KNOWN_NAME /audistat/index.php|R|APACHE_VHOSTS_KNOWN_NAME /auth/|R|APACHE_VHOSTS_KNOWN_NAME /authadmin/|R|APACHE_VHOSTS_KNOWN_NAME /authentication_index.php|R|APACHE_VHOSTS_KNOWN_NAME /avarcade/index.php|R|APACHE_VHOSTS_KNOWN_NAME /avarcade/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /aw/|R|APACHE_VHOSTS_KNOWN_NAME /awcm/includes/window_top.php|R|APACHE_VHOSTS_KNOWN_NAME /awstats/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /AWStats/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /awstats-cgi/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /awstats/cgi-bin/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /awstats/wwwroot/cgi-bin/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /ayuda/|R|APACHE_VHOSTS_KNOWN_NAME /b/|R|APACHE_VHOSTS_KNOWN_NAME /b2evolution/blogs/htsrv/login.php|R|APACHE_VHOSTS_KNOWN_NAME /b2-include/|R|APACHE_VHOSTS_KNOWN_NAME /back/|R|APACHE_VHOSTS_KNOWN_NAME /backend/|R|APACHE_VHOSTS_KNOWN_NAME /backend/plugin/Registration/index.php|R|APACHE_VHOSTS_KNOWN_NAME /_backup/|R|APACHE_VHOSTS_KNOWN_NAME /backup/|R|APACHE_VHOSTS_KNOWN_NAME /backup/down.php|R|APACHE_VHOSTS_KNOWN_NAME /backups/|R|APACHE_VHOSTS_KNOWN_NAME /baconmap/admin/updatelist.php|R|APACHE_VHOSTS_KNOWN_NAME /bak/|R|APACHE_VHOSTS_KNOWN_NAME /banca/|R|APACHE_VHOSTS_KNOWN_NAME /banco/|R|APACHE_VHOSTS_KNOWN_NAME /bands/index.php|R|APACHE_VHOSTS_KNOWN_NAME /bank/|R|APACHE_VHOSTS_KNOWN_NAME /banner/|R|APACHE_VHOSTS_KNOWN_NAME /banner01/|R|APACHE_VHOSTS_KNOWN_NAME /banners/|R|APACHE_VHOSTS_KNOWN_NAME /base/base_main.php|R|APACHE_VHOSTS_KNOWN_NAME /base_main.php|R|APACHE_VHOSTS_KNOWN_NAME /basilix.php|R|APACHE_VHOSTS_KNOWN_NAME /batch/|R|APACHE_VHOSTS_KNOWN_NAME /bb-dnbd/|R|APACHE_VHOSTS_KNOWN_NAME /bbv/|R|APACHE_VHOSTS_KNOWN_NAME /bdata/|R|APACHE_VHOSTS_KNOWN_NAME /bdatos/|R|APACHE_VHOSTS_KNOWN_NAME /beta/|R|APACHE_VHOSTS_KNOWN_NAME /bf/index.php|R|APACHE_VHOSTS_KNOWN_NAME /bible.php|R|APACHE_VHOSTS_KNOWN_NAME /bid/index.php|R|APACHE_VHOSTS_KNOWN_NAME /bigforum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /billpay/|R|APACHE_VHOSTS_KNOWN_NAME /bin/|R|APACHE_VHOSTS_KNOWN_NAME /bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /bin/view/foswiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /bin/view/TWiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /bitweaver/users/login.php|R|APACHE_VHOSTS_KNOWN_NAME /bitweaver/wiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /BizTalkServerDocs/|R|APACHE_VHOSTS_KNOWN_NAME /BizTalkServerRepository/|R|APACHE_VHOSTS_KNOWN_NAME /BizTalkTracking/|R|APACHE_VHOSTS_KNOWN_NAME /blindblog/comment.php|R|APACHE_VHOSTS_KNOWN_NAME /blob/blob.php|R|APACHE_VHOSTS_KNOWN_NAME /blob.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/|R|APACHE_VHOSTS_KNOWN_NAME /blogAdmin/jobs.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/blob.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/blogAdmin/jobs.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/comment.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/comments.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/index.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/index.php/Special/Main/Templates|R|APACHE_VHOSTS_KNOWN_NAME /blog/login.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/public/view.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/search.php|R|APACHE_VHOSTS_KNOWN_NAME /blogs/htsrv/login.php|R|APACHE_VHOSTS_KNOWN_NAME /blog/wp-content/plugins/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /boadmin/|R|APACHE_VHOSTS_KNOWN_NAME /board/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /board/db/users.dat|R|APACHE_VHOSTS_KNOWN_NAME /board/index.php|R|APACHE_VHOSTS_KNOWN_NAME /board/showtheme.php|R|APACHE_VHOSTS_KNOWN_NAME /board/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /board/wcf/acp/dereferrer.php|R|APACHE_VHOSTS_KNOWN_NAME /boat-webdesign/detail.asp|R|APACHE_VHOSTS_KNOWN_NAME /boat-webdesignprintdetail.asp|R|APACHE_VHOSTS_KNOWN_NAME /book_panel/books.php|R|APACHE_VHOSTS_KNOWN_NAME /boot/|R|APACHE_VHOSTS_KNOWN_NAME /Boutiques/|R|APACHE_VHOSTS_KNOWN_NAME /breakcal/calendar.cgi|R|APACHE_VHOSTS_KNOWN_NAME /browse.php|R|APACHE_VHOSTS_KNOWN_NAME /btauxdir/|R|APACHE_VHOSTS_KNOWN_NAME /btnet/about.html|R|APACHE_VHOSTS_KNOWN_NAME /bug/|R|APACHE_VHOSTS_KNOWN_NAME /bugport/php/index.php|R|APACHE_VHOSTS_KNOWN_NAME /bugs/|R|APACHE_VHOSTS_KNOWN_NAME /bugs/bug.php|R|APACHE_VHOSTS_KNOWN_NAME /bugs/index.cgi|R|APACHE_VHOSTS_KNOWN_NAME /bugs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /bugtracker/about.html|R|APACHE_VHOSTS_KNOWN_NAME /bugtracker/index.php|R|APACHE_VHOSTS_KNOWN_NAME /bugzilla/|R|APACHE_VHOSTS_KNOWN_NAME /bugzilla/index.cgi|R|APACHE_VHOSTS_KNOWN_NAME /business/|R|APACHE_VHOSTS_KNOWN_NAME /buy/|R|APACHE_VHOSTS_KNOWN_NAME /buynow/|R|APACHE_VHOSTS_KNOWN_NAME /bw/users/login.php|R|APACHE_VHOSTS_KNOWN_NAME /bw/wiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /c/|R|APACHE_VHOSTS_KNOWN_NAME /cache-stats/|R|APACHE_VHOSTS_KNOWN_NAME /cacti/|R|APACHE_VHOSTS_KNOWN_NAME /cacti/index.php|R|APACHE_VHOSTS_KNOWN_NAME /caja/|R|APACHE_VHOSTS_KNOWN_NAME /calendar/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /calendar/details.asp|R|APACHE_VHOSTS_KNOWN_NAME /calendar/index.php|R|APACHE_VHOSTS_KNOWN_NAME /calendar/login.php|R|APACHE_VHOSTS_KNOWN_NAME /campsite/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /campsite/index.php|R|APACHE_VHOSTS_KNOWN_NAME /card/|R|APACHE_VHOSTS_KNOWN_NAME /cards/|R|APACHE_VHOSTS_KNOWN_NAME /car_portal/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cart/|R|APACHE_VHOSTS_KNOWN_NAME /cart/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cart/extras/curltest.php|R|APACHE_VHOSTS_KNOWN_NAME /cart/includes/initsystem.php|R|APACHE_VHOSTS_KNOWN_NAME /cart/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cash/|R|APACHE_VHOSTS_KNOWN_NAME /caspsamp/|R|APACHE_VHOSTS_KNOWN_NAME /catalog/|R|APACHE_VHOSTS_KNOWN_NAME /catalog/index.php|R|APACHE_VHOSTS_KNOWN_NAME /catalog.php|R|APACHE_VHOSTS_KNOWN_NAME /caucho-status|R|APACHE_VHOSTS_KNOWN_NAME /cbblog/comment.php|R|APACHE_VHOSTS_KNOWN_NAME /cb/db/budget.sqlite|R|APACHE_VHOSTS_KNOWN_NAME /cbi-bin/|R|APACHE_VHOSTS_KNOWN_NAME /ccard/|R|APACHE_VHOSTS_KNOWN_NAME /ccards/|R|APACHE_VHOSTS_KNOWN_NAME /cctiddly/includes/include.php|R|APACHE_VHOSTS_KNOWN_NAME /cd/|R|APACHE_VHOSTS_KNOWN_NAME /cd-cgi/|R|APACHE_VHOSTS_KNOWN_NAME /cdrom/|R|APACHE_VHOSTS_KNOWN_NAME /ce_html/|R|APACHE_VHOSTS_KNOWN_NAME /celerbb/viewforum.php|R|APACHE_VHOSTS_KNOWN_NAME /celer/viewforum.php|R|APACHE_VHOSTS_KNOWN_NAME /centreon/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cert/|R|APACHE_VHOSTS_KNOWN_NAME /certificado/|R|APACHE_VHOSTS_KNOWN_NAME /certificate/|R|APACHE_VHOSTS_KNOWN_NAME /cfanywhere/index.html|R|APACHE_VHOSTS_KNOWN_NAME /cfappman/|R|APACHE_VHOSTS_KNOWN_NAME /cfdocs/|R|APACHE_VHOSTS_KNOWN_NAME /cfide/|R|APACHE_VHOSTS_KNOWN_NAME /CFIDE/administrator/index.cfm|R|APACHE_VHOSTS_KNOWN_NAME /cg739|R|APACHE_VHOSTS_KNOWN_NAME /cgi/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-auth/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bim/|R|APACHE_VHOSTS_KNOWN_NAME /cgibin/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin2/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/%3f.jsp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/about.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/about.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/about-show.do|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/acceptDecline.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/add_url.htm|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/adframe.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/config.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/login.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/login.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-binadmin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/lost-pass.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/adminSection/main.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/admin/updatelist.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/af.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/agenda.php3|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/ajaxp_backend.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/alerts.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/alienform.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/ang/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/ans/ans.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/ans.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/apexec.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/artmedic_links5/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/assets/plugins/mp3_id/mp3_id.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/athenareg.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/authentication_index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/backend/plugin/Registration/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/base_main.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/basilix.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/bb_func_txt.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/bible.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/bin/view/foswiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/bin/view/TWiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/blob.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/blogAdmin/jobs.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/book_panel/books.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/breakcal/calendar.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/browse.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/calendar.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/calendar_scheduler.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cal_week.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cart32.exe/GetLatestBuilds|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/catalog.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cgicso|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cgi/tseekdir.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/changelog.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/charts.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/chat/send.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/check_user_id.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/chgpwd.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/classifieds/Site_Admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cms/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cms/website.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/comment.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/comments.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/common/listrec.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/common/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/config.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/content/dynpage_load.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/content.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/core/editor.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/core/includes/gfw_smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Count.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/counter.exe|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cvs.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cvsweb.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/cwmail.exe|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/data/adminusers.csv|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/data/nanoadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/db/budget.sqlite|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/db/users.dat|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/dcshop.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/dcshop.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/default.aspx|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/desktop.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/detail.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/dig.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/directory.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/docbuilder/top.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/doc/catalogue.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/../Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/docs/CHANGES|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/../Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/download.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/down.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/e107_admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/easymsgb.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/easyshop.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/edit_image.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/editor/assetmanager/assetmanager.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/edlink.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/engine/inc/version.info|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/error.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/eshop.pl/seite=;cat%20eshop.|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/evalsmsi.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/extras/curltest.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/faqmanager.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/filter.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/firstvisit.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/fom/fom.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/FormMail.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/formmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/FormMail.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/formmail.pl.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/forum_2.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/forum_answer.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/forum/Database/EZsiteForum.mdb|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/forum/email.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/forum.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/forum.php3|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/fr_left.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/gadgets/Blog/BlogModel.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/gallery.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/gen/obj/collectivite.class.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/gm.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/gnat/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/guestbook.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/GW5/GWWEB.EXE|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/GWWEB.EXE|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/gzip_loader.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/handlers/getpage.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/_head.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/hints.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-binhome|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/home|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/home.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/horde/services/help/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/htaccess.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/htdocs/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/html/affich.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/html/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/htsearch|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/htsearch.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/imageview.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/i-mall.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/includer.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/includes/esqueletos/skel_null.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/includes/include.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/includes/initsystem.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/includes/js/mambojavascript.js|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/includes/window_top.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/inc/smarty/libs/init.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/indeks.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index2.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Index2.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.js%70|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-binindex.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.php3|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.php4|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.php/Special/Main/Templates|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.php/Special:Version|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.pl/homels|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/index.rb|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/inserter.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/install/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/ion-p.exe|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/jgs_portal_statistik.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/journal.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/last10.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/left.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/library/lib.menu.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/lib/version.phps|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/license.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/LightNEasy.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Lisez%20moi.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/listinfo|R|APACHE_VHOSTS_KNOWN_NAME /cgi_bin/listrec.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/listrec.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/login/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/login.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/login_page.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/login.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mail.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/main_login.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/manager/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/manpage/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mapserv|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mapserv.exe|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/metadot/index.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mlog.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/module/biz/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/module/forum/main.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/module.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/modules/module_db.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/modules/news/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/modules.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/modules/plain/adminpart/addplain.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/modules/Submit/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mrtg.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mt.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mt/mt.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/myevent.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/mylog.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/napro4/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/nbmember.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/newcomment/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/news/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/news/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/news.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/NonExistent.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/nph-mr.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/oldnews_reader.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/open.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/openwebmail/openwebmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/openwebmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/order.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/owls/glossaries/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/page.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/pages.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/passwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/password_reminder.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/php/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/php/mytutos.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/php-ping.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/phpsysinfo/inc/hook_admin.inc.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/phpThumb.demo.demo.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/phptonuke.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/pivot/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/pki/pub/pki|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/pmwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/portfolio_genre.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi_bin/powerup/r.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/powerup/r.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-binprintdetail.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/printfaq.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/print.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/product.comparision.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/productionnu2/fileuploader.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/productionnu2/report.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-binprofil.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/public/code/cp_dpage.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/public/code/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/public/view.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/pub/pki|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/quixplorer_2_3/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/r.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/read_body.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/README|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/README.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/README.txt|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/register.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/results.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/revert.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/roschedule.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/rtm.log|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/ru/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/run-cvstrac/index|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/script/cat_for_gen.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/scripts.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/scr/soustab.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/sdbsearch.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search=%3Cscript%3Ealert('XSS')%3C/script%3E|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search.php3|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search/results.stm|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/search/show.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/sendcard.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/services/help/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/servlet/one2planet.infolet.InfoServlet|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/session/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/settings.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/setup.php3|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/s_form.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/sgdynamo.exe|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/shopper.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi_bin/shop.pl/page=;cat%20shop.|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/shop.pl/page=;cat%20shop.|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/shopplus.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/shouts.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/showcategory.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/showcat.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/showproduct.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/showtheme.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/signing_system-admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/site/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/sitemap.xml|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/site.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/skins/default.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/snpfiltered.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/software-description.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/sources/functions.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/src/main.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/start.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/status.php3|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/story.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/stuworkdisplay.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/styles.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-binsymphony/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/SystemInfo|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/system/rss.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/team.rc5-72.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Templates/default/index_logged.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/templates/system/css/editor.css|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/test-cgi.bat|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/test.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/themes/admin/default/modules/show.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/themes/program/themesettings.inc.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/thread.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/tiki-index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/tiki-orphan_pages.php/>">|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/tiny_mce/plugins/ibrowser/ibrowser.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/titleBar.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/tmpl/news_main.htm|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/tombstone.cfm|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/tools.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/topic.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/update.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/upload/account-login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/upstnt.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/user.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/user.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/users/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/VERSION|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/viart_shop.xml|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vicidial.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/viewcvs.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/viewforum.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/view_item|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/view.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/viewpic.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/view_user.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/viewvc/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/viewvc.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.cfm|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.inc|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.php3|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.sh|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/vu2qQDc3jsqe.shtml|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/WackoWiki|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/wcf/acp/dereferrer.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/webadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-binwebcart.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/web/help.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/weblibs.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/webplus|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/webplus.exe|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/webspirs.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/Web_Store/web_store.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/wiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/wiki.php/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/www/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/wwwboard.html|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/www/default.asp|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/x_news.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/YaBB.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/zboard.php|R|APACHE_VHOSTS_KNOWN_NAME /cgi-bin/zml.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-csc/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-isapi/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-lib/|R|APACHE_VHOSTS_KNOWN_NAME /cgilib/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-local/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-local/apexec.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-local/eshop.pl/seite=;cat%20eshop.|R|APACHE_VHOSTS_KNOWN_NAME /cgi-local/listrec.pl|R|APACHE_VHOSTS_KNOWN_NAME /cgi-local/shop.pl/page=;cat%20shop.|R|APACHE_VHOSTS_KNOWN_NAME /cgi_local/view_item|R|APACHE_VHOSTS_KNOWN_NAME /cgi-local/view_item|R|APACHE_VHOSTS_KNOWN_NAME /cgi-mod/index.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgis/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-scripts/|R|APACHE_VHOSTS_KNOWN_NAME /cgiscripts/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-shl/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-shop/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-shop/view_item|R|APACHE_VHOSTS_KNOWN_NAME /cgi-sys/|R|APACHE_VHOSTS_KNOWN_NAME /cgi/tseekdir.cgi|R|APACHE_VHOSTS_KNOWN_NAME /cgi-weddico/|R|APACHE_VHOSTS_KNOWN_NAME /cgi-win/|R|APACHE_VHOSTS_KNOWN_NAME /cgiwin/|R|APACHE_VHOSTS_KNOWN_NAME /changelog.txt|R|APACHE_VHOSTS_KNOWN_NAME /charts.php|R|APACHE_VHOSTS_KNOWN_NAME /chat/|R|APACHE_VHOSTS_KNOWN_NAME /chat/home.asp|R|APACHE_VHOSTS_KNOWN_NAME /chat/index.php|R|APACHE_VHOSTS_KNOWN_NAME /chat/send.php|R|APACHE_VHOSTS_KNOWN_NAME /chillyCMS/admin/media.site.php|R|APACHE_VHOSTS_KNOWN_NAME /chillyCMS/tmp/OpenVAS_TEST_DELETE_ME_1924632898.php|R|APACHE_VHOSTS_KNOWN_NAME /chipmunk/index.php|R|APACHE_VHOSTS_KNOWN_NAME /chora/cvs.php|R|APACHE_VHOSTS_KNOWN_NAME /chora/horde/services/help/|R|APACHE_VHOSTS_KNOWN_NAME /chora/README|R|APACHE_VHOSTS_KNOWN_NAME /cilemhaber/www/default.asp|R|APACHE_VHOSTS_KNOWN_NAME /citrix/MetaframeXP/default/login.asp|R|APACHE_VHOSTS_KNOWN_NAME /citrix/nfuse/default/login.asp|R|APACHE_VHOSTS_KNOWN_NAME /clanlite/service/index_pri.php|R|APACHE_VHOSTS_KNOWN_NAME /claroline/claroline/install/index.php|R|APACHE_VHOSTS_KNOWN_NAME /class/|R|APACHE_VHOSTS_KNOWN_NAME /classes/|R|APACHE_VHOSTS_KNOWN_NAME /classified/adverts.php|R|APACHE_VHOSTS_KNOWN_NAME /classifieds/Site_Admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /ClearBudget/db/budget.sqlite|R|APACHE_VHOSTS_KNOWN_NAME /clearsite/about.php|R|APACHE_VHOSTS_KNOWN_NAME /clicknetcms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /clicknet/index.php|R|APACHE_VHOSTS_KNOWN_NAME /client/|R|APACHE_VHOSTS_KNOWN_NAME /cliente/|R|APACHE_VHOSTS_KNOWN_NAME /clientes/|R|APACHE_VHOSTS_KNOWN_NAME /cm/|R|APACHE_VHOSTS_KNOWN_NAME /cmp/|R|APACHE_VHOSTS_KNOWN_NAME /cms/|R|APACHE_VHOSTS_KNOWN_NAME /cms/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cmsample/|R|APACHE_VHOSTS_KNOWN_NAME /cms/cms/|R|APACHE_VHOSTS_KNOWN_NAME /cms/cms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/cms/website.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/content/dynpage_load.php|R|APACHE_VHOSTS_KNOWN_NAME /cmscout/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cmscout/tiny_mce/plugins/ibrowser/ibrowser.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/data/nanoadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/e107_admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/engine/inc/version.info|R|APACHE_VHOSTS_KNOWN_NAME /cms/.htaccess|R|APACHE_VHOSTS_KNOWN_NAME /cms/htaccess.txt|R|APACHE_VHOSTS_KNOWN_NAME /cms/includes/js/mambojavascript.js|R|APACHE_VHOSTS_KNOWN_NAME /cms/includes/window_top.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/inc/smarty/libs/init.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/indeks.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/login/|R|APACHE_VHOSTS_KNOWN_NAME /cms/login.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/manager/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/module/forum/main.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/module.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/modules.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/modules/plain/adminpart/addplain.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/oldnews_reader.php|R|APACHE_VHOSTS_KNOWN_NAME /cmsqlite10/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cmsqlite/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/README|R|APACHE_VHOSTS_KNOWN_NAME /cms/README.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/ru/|R|APACHE_VHOSTS_KNOWN_NAME /cms/search.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/search.php3|R|APACHE_VHOSTS_KNOWN_NAME /cms/sitemap.xml|R|APACHE_VHOSTS_KNOWN_NAME /cms/skins/default.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/system/rss.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/Templates/default/index_logged.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/templates/system/css/editor.css|R|APACHE_VHOSTS_KNOWN_NAME /cms/themes/admin/default/modules/show.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/tiny_mce/plugins/ibrowser/ibrowser.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/update.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/view.php|R|APACHE_VHOSTS_KNOWN_NAME /cms/website.php|R|APACHE_VHOSTS_KNOWN_NAME /.cobalt/|R|APACHE_VHOSTS_KNOWN_NAME /cobalt-images/|R|APACHE_VHOSTS_KNOWN_NAME /code/|R|APACHE_VHOSTS_KNOWN_NAME /collabtive/index.php|R|APACHE_VHOSTS_KNOWN_NAME /comic/news.php|R|APACHE_VHOSTS_KNOWN_NAME /comment.php|R|APACHE_VHOSTS_KNOWN_NAME /comments/|R|APACHE_VHOSTS_KNOWN_NAME /comments.php|R|APACHE_VHOSTS_KNOWN_NAME /common/|R|APACHE_VHOSTS_KNOWN_NAME /commoncgi/servlet/CCGIServlet|R|APACHE_VHOSTS_KNOWN_NAME /common/login.php|R|APACHE_VHOSTS_KNOWN_NAME /communicator/|R|APACHE_VHOSTS_KNOWN_NAME /community/index.php|R|APACHE_VHOSTS_KNOWN_NAME /community/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /company/|R|APACHE_VHOSTS_KNOWN_NAME /compare/product.comparision.php|R|APACHE_VHOSTS_KNOWN_NAME /comparisonengine/product.comparision.php|R|APACHE_VHOSTS_KNOWN_NAME /compra/|R|APACHE_VHOSTS_KNOWN_NAME /compras/|R|APACHE_VHOSTS_KNOWN_NAME /compressed/|R|APACHE_VHOSTS_KNOWN_NAME /conecta/|R|APACHE_VHOSTS_KNOWN_NAME /conf/|R|APACHE_VHOSTS_KNOWN_NAME /conference/roschedule.php|R|APACHE_VHOSTS_KNOWN_NAME /config/|R|APACHE_VHOSTS_KNOWN_NAME /connect/|R|APACHE_VHOSTS_KNOWN_NAME /console/|R|APACHE_VHOSTS_KNOWN_NAME /ConsoleHelp/default.jsp|R|APACHE_VHOSTS_KNOWN_NAME /content/|R|APACHE_VHOSTS_KNOWN_NAME /content/dynpage_load.php|R|APACHE_VHOSTS_KNOWN_NAME /content.php|R|APACHE_VHOSTS_KNOWN_NAME /ControlManager/default.htm|R|APACHE_VHOSTS_KNOWN_NAME /controlpanel/|R|APACHE_VHOSTS_KNOWN_NAME /coppermine/index.php|R|APACHE_VHOSTS_KNOWN_NAME /core/|R|APACHE_VHOSTS_KNOWN_NAME /core/includes/gfw_smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /corp/|R|APACHE_VHOSTS_KNOWN_NAME /Corporate/|R|APACHE_VHOSTS_KNOWN_NAME /correo/|R|APACHE_VHOSTS_KNOWN_NAME /Count.cgi|R|APACHE_VHOSTS_KNOWN_NAME /counter/|R|APACHE_VHOSTS_KNOWN_NAME /counter.exe|R|APACHE_VHOSTS_KNOWN_NAME /counter/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cPcreator/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cp/index.php|R|APACHE_VHOSTS_KNOWN_NAME /creasito/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Creasito/index.php|R|APACHE_VHOSTS_KNOWN_NAME /credit/|R|APACHE_VHOSTS_KNOWN_NAME /cron/|R|APACHE_VHOSTS_KNOWN_NAME /crons/|R|APACHE_VHOSTS_KNOWN_NAME /CruxCMS300/manager/login.php|R|APACHE_VHOSTS_KNOWN_NAME /CruxCMS/login.php|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/../Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/../Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/login.php|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/Manager/../Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/Manager/Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/Manager/../Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/Manager/Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /CruxPA200/Manager/login.php|R|APACHE_VHOSTS_KNOWN_NAME /crypt/cryptographp.inc.php|R|APACHE_VHOSTS_KNOWN_NAME /crypto/|R|APACHE_VHOSTS_KNOWN_NAME /CS/|R|APACHE_VHOSTS_KNOWN_NAME /cscart/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cs-dns/index.php|R|APACHE_VHOSTS_KNOWN_NAME /csr/|R|APACHE_VHOSTS_KNOWN_NAME /css/|R|APACHE_VHOSTS_KNOWN_NAME /cs-whois/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cube/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /cubecart/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /cuenta/|R|APACHE_VHOSTS_KNOWN_NAME /cuentas/|R|APACHE_VHOSTS_KNOWN_NAME /currency/|R|APACHE_VHOSTS_KNOWN_NAME /customers/|R|APACHE_VHOSTS_KNOWN_NAME /cutenews/index.php|R|APACHE_VHOSTS_KNOWN_NAME /CVS/|R|APACHE_VHOSTS_KNOWN_NAME /CVS/Entries|R|APACHE_VHOSTS_KNOWN_NAME /cvs.php|R|APACHE_VHOSTS_KNOWN_NAME /cvstrac/index|R|APACHE_VHOSTS_KNOWN_NAME /cvsweb/|R|APACHE_VHOSTS_KNOWN_NAME /cvsweb.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /c/winnt/system32/cmd.exe|R|APACHE_VHOSTS_KNOWN_NAME /cwmail.exe|R|APACHE_VHOSTS_KNOWN_NAME /cybercash/|R|APACHE_VHOSTS_KNOWN_NAME /d/|R|APACHE_VHOSTS_KNOWN_NAME /dagger/skins/default.php|R|APACHE_VHOSTS_KNOWN_NAME /darkportal/|R|APACHE_VHOSTS_KNOWN_NAME /dat/|R|APACHE_VHOSTS_KNOWN_NAME /data/|R|APACHE_VHOSTS_KNOWN_NAME /data/adminusers.csv|R|APACHE_VHOSTS_KNOWN_NAME /database/|R|APACHE_VHOSTS_KNOWN_NAME /database/admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/database-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/databaseadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/database/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/databasemanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/databaseweb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.2.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.2.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.5/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.5-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.5-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.5-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.6-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.6-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.7/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.5.7-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-alpha2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-alpha/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-beta2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.0-rc3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.1-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.1-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.1-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.1-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.2-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.2-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.2-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.3-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.3-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.4-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.4-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.4-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.4-pl4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.6.4-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.7.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.7.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.7.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.7.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.7.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2.8.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpmyadmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin-2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/php-my-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/php-myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpmy-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpmyadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/phpMyAdmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/pma2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/pMA2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/pma2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/pMA2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/p/m/a/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/pMA/main.php|R|APACHE_VHOSTS_KNOWN_NAME /databases/|R|APACHE_VHOSTS_KNOWN_NAME /database/_sessions/|R|APACHE_VHOSTS_KNOWN_NAME /database/webadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/webdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/web/main.php|R|APACHE_VHOSTS_KNOWN_NAME /database/websql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /datafiles/|R|APACHE_VHOSTS_KNOWN_NAME /data/nanoadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /dato/|R|APACHE_VHOSTS_KNOWN_NAME /datos/|R|APACHE_VHOSTS_KNOWN_NAME /db/|R|APACHE_VHOSTS_KNOWN_NAME /DB4Web/|R|APACHE_VHOSTS_KNOWN_NAME /DB4Web/Red:23/foo|R|APACHE_VHOSTS_KNOWN_NAME /dba/|R|APACHE_VHOSTS_KNOWN_NAME /dbadmin/|R|APACHE_VHOSTS_KNOWN_NAME /db/admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /dbadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /dbadmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /dbase/|R|APACHE_VHOSTS_KNOWN_NAME /dbase/aeNovo1.mdb|R|APACHE_VHOSTS_KNOWN_NAME /db/budget.sqlite|R|APACHE_VHOSTS_KNOWN_NAME /db/db-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/dbadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/db/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/dbmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/dbweb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.2.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.2.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.5/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.5-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.5-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.5-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.6-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.6-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.7/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.5.7-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-alpha2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-alpha/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-beta2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.0-rc3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.1-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.1-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.1-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.1-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.2-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.2-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.2-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.3-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.3-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.4-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.4-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.4-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.4-pl4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.6.4-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.7.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.7.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.7.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.7.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.7.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2.8.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpmyadmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin-2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/php-my-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/php-myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpmy-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpmyadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/phpMyAdmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/pma2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/pMA2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/pma2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/pMA2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/p/m/a/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/pMA/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /db/users.dat|R|APACHE_VHOSTS_KNOWN_NAME /db/webadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/webdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/web/main.php|R|APACHE_VHOSTS_KNOWN_NAME /db/websql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /dcforum/|R|APACHE_VHOSTS_KNOWN_NAME /dcshop.cgi|R|APACHE_VHOSTS_KNOWN_NAME /dcshop/dcshop.cgi|R|APACHE_VHOSTS_KNOWN_NAME /DCshop/dcshop.cgi|R|APACHE_VHOSTS_KNOWN_NAME /dcshop/dcshop.pl|R|APACHE_VHOSTS_KNOWN_NAME /DCshop/dcshop.pl|R|APACHE_VHOSTS_KNOWN_NAME /dcshop.pl|R|APACHE_VHOSTS_KNOWN_NAME /ddreport/|R|APACHE_VHOSTS_KNOWN_NAME /ddrint/|R|APACHE_VHOSTS_KNOWN_NAME /default.aspx|R|APACHE_VHOSTS_KNOWN_NAME /default.cfm|R|APACHE_VHOSTS_KNOWN_NAME /default.cfml|R|APACHE_VHOSTS_KNOWN_NAME /deluxebb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /demium/urheber.php|R|APACHE_VHOSTS_KNOWN_NAME /demo/|R|APACHE_VHOSTS_KNOWN_NAME /demoauct/|R|APACHE_VHOSTS_KNOWN_NAME /demo/demo/phpThumb.demo.demo.php|R|APACHE_VHOSTS_KNOWN_NAME /demomall/|R|APACHE_VHOSTS_KNOWN_NAME /demos/|R|APACHE_VHOSTS_KNOWN_NAME /_derived/|R|APACHE_VHOSTS_KNOWN_NAME /design/|R|APACHE_VHOSTS_KNOWN_NAME /desktop.php|R|APACHE_VHOSTS_KNOWN_NAME /detail.asp|R|APACHE_VHOSTS_KNOWN_NAME /dev/|R|APACHE_VHOSTS_KNOWN_NAME /devana/index.php|R|APACHE_VHOSTS_KNOWN_NAME /devel/|R|APACHE_VHOSTS_KNOWN_NAME /development/|R|APACHE_VHOSTS_KNOWN_NAME /diary/default.asp|R|APACHE_VHOSTS_KNOWN_NAME /digitalscribe/stuworkdisplay.php|R|APACHE_VHOSTS_KNOWN_NAME /DigitalScribe/stuworkdisplay.php|R|APACHE_VHOSTS_KNOWN_NAME /dig.php|R|APACHE_VHOSTS_KNOWN_NAME /dir/|R|APACHE_VHOSTS_KNOWN_NAME /dir/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /directory/|R|APACHE_VHOSTS_KNOWN_NAME /directorymanager/|R|APACHE_VHOSTS_KNOWN_NAME /directory.php|R|APACHE_VHOSTS_KNOWN_NAME /discloser/login.php|R|APACHE_VHOSTS_KNOWN_NAME /diycms/diy/index.php|R|APACHE_VHOSTS_KNOWN_NAME /dl/|R|APACHE_VHOSTS_KNOWN_NAME /dll/|R|APACHE_VHOSTS_KNOWN_NAME /dl_stats/download.php|R|APACHE_VHOSTS_KNOWN_NAME /dm/|R|APACHE_VHOSTS_KNOWN_NAME /dmanager/php/login.php|R|APACHE_VHOSTS_KNOWN_NAME /DMC/titleBar.php|R|APACHE_VHOSTS_KNOWN_NAME /dm-filemanager/login.php|R|APACHE_VHOSTS_KNOWN_NAME /dmf/login.php|R|APACHE_VHOSTS_KNOWN_NAME /DMR/|R|APACHE_VHOSTS_KNOWN_NAME /dms/|R|APACHE_VHOSTS_KNOWN_NAME /dms0/|R|APACHE_VHOSTS_KNOWN_NAME /dmsdump/|R|APACHE_VHOSTS_KNOWN_NAME /dms/login.php|R|APACHE_VHOSTS_KNOWN_NAME /dms/slideshow.kspx|R|APACHE_VHOSTS_KNOWN_NAME /dnet/team.rc5-72.php|R|APACHE_VHOSTS_KNOWN_NAME /dn/library/lib.menu.php|R|APACHE_VHOSTS_KNOWN_NAME /dns_tools/dig.php|R|APACHE_VHOSTS_KNOWN_NAME /doc/|R|APACHE_VHOSTS_KNOWN_NAME /doc1/|R|APACHE_VHOSTS_KNOWN_NAME /docbuilder/top.php|R|APACHE_VHOSTS_KNOWN_NAME /doc/catalogue.html|R|APACHE_VHOSTS_KNOWN_NAME /doc-html/|R|APACHE_VHOSTS_KNOWN_NAME /docman/index.php|R|APACHE_VHOSTS_KNOWN_NAME /docs/|R|APACHE_VHOSTS_KNOWN_NAME /docs1/|R|APACHE_VHOSTS_KNOWN_NAME /Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /docs/CHANGES|R|APACHE_VHOSTS_KNOWN_NAME /docs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /docs/servlets/index.html|R|APACHE_VHOSTS_KNOWN_NAME /DocuColor/|R|APACHE_VHOSTS_KNOWN_NAME /document/|R|APACHE_VHOSTS_KNOWN_NAME /documents/|R|APACHE_VHOSTS_KNOWN_NAME /dokeos/index.php|R|APACHE_VHOSTS_KNOWN_NAME /dokuwiki/VERSION|R|APACHE_VHOSTS_KNOWN_NAME /dolphin/gzip_loader.php|R|APACHE_VHOSTS_KNOWN_NAME /domaine/port/utilisateur|R|APACHE_VHOSTS_KNOWN_NAME /DotNetNuke|R|APACHE_VHOSTS_KNOWN_NAME /DotNetNuke/default.aspx|R|APACHE_VHOSTS_KNOWN_NAME /dotproject/index.php|R|APACHE_VHOSTS_KNOWN_NAME /dotProject/index.php|R|APACHE_VHOSTS_KNOWN_NAME /down/|R|APACHE_VHOSTS_KNOWN_NAME /download/|R|APACHE_VHOSTS_KNOWN_NAME /download.php|R|APACHE_VHOSTS_KNOWN_NAME /downloads/|R|APACHE_VHOSTS_KNOWN_NAME /down.php|R|APACHE_VHOSTS_KNOWN_NAME /dpi11f/index.php|R|APACHE_VHOSTS_KNOWN_NAME /DPI11F/index.php|R|APACHE_VHOSTS_KNOWN_NAME /dpi/index.php|R|APACHE_VHOSTS_KNOWN_NAME /drupal/CHANGELOG.txt|R|APACHE_VHOSTS_KNOWN_NAME /drupal/update.php|R|APACHE_VHOSTS_KNOWN_NAME /dspam/|R|APACHE_VHOSTS_KNOWN_NAME /.DS_Store|R|APACHE_VHOSTS_KNOWN_NAME /dump/|R|APACHE_VHOSTS_KNOWN_NAME /durep/|R|APACHE_VHOSTS_KNOWN_NAME /dynpage/content/dynpage_load.php|R|APACHE_VHOSTS_KNOWN_NAME /e/|R|APACHE_VHOSTS_KNOWN_NAME /e107_admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /e107/e107_admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /e107/e107_plugins/easyshop/easyshop.php|R|APACHE_VHOSTS_KNOWN_NAME /e107/news.php|R|APACHE_VHOSTS_KNOWN_NAME /easylog/|R|APACHE_VHOSTS_KNOWN_NAME /easymsgb.pl|R|APACHE_VHOSTS_KNOWN_NAME /easyshop.php|R|APACHE_VHOSTS_KNOWN_NAME /ecms/|R|APACHE_VHOSTS_KNOWN_NAME /edit_image.php|R|APACHE_VHOSTS_KNOWN_NAME /editor/assetmanager/assetmanager.asp|R|APACHE_VHOSTS_KNOWN_NAME /edlink.php|R|APACHE_VHOSTS_KNOWN_NAME /eforum/|R|APACHE_VHOSTS_KNOWN_NAME /eFront/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /egroupware/login.php|R|APACHE_VHOSTS_KNOWN_NAME /eid-med|R|APACHE_VHOSTS_KNOWN_NAME /ejemplo/|R|APACHE_VHOSTS_KNOWN_NAME /ejemplos/|R|APACHE_VHOSTS_KNOWN_NAME /elite/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /email/|R|APACHE_VHOSTS_KNOWN_NAME /emailclass/|R|APACHE_VHOSTS_KNOWN_NAME /email/default.aspx|R|APACHE_VHOSTS_KNOWN_NAME /email/index.php|R|APACHE_VHOSTS_KNOWN_NAME /eManager/|R|APACHE_VHOSTS_KNOWN_NAME /employees/|R|APACHE_VHOSTS_KNOWN_NAME /empoyees/|R|APACHE_VHOSTS_KNOWN_NAME /empris/|R|APACHE_VHOSTS_KNOWN_NAME /en/|R|APACHE_VHOSTS_KNOWN_NAME /energine/|R|APACHE_VHOSTS_KNOWN_NAME /energine/htdocs/|R|APACHE_VHOSTS_KNOWN_NAME /engine/inc/version.info|R|APACHE_VHOSTS_KNOWN_NAME /en-US/|R|APACHE_VHOSTS_KNOWN_NAME /envia/|R|APACHE_VHOSTS_KNOWN_NAME /enviamail/|R|APACHE_VHOSTS_KNOWN_NAME /eocms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cautoexec.bat|R|APACHE_VHOSTS_KNOWN_NAME /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cautoexec.bat2113503350|R|APACHE_VHOSTS_KNOWN_NAME /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini|R|APACHE_VHOSTS_KNOWN_NAME /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini416555602|R|APACHE_VHOSTS_KNOWN_NAME /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini|R|APACHE_VHOSTS_KNOWN_NAME /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini2067079208|R|APACHE_VHOSTS_KNOWN_NAME /error/NonExistent.html|R|APACHE_VHOSTS_KNOWN_NAME /error.php|R|APACHE_VHOSTS_KNOWN_NAME /_errors/|R|APACHE_VHOSTS_KNOWN_NAME /errors/|R|APACHE_VHOSTS_KNOWN_NAME /es/|R|APACHE_VHOSTS_KNOWN_NAME /EsBaseAdmin/default/login.php|R|APACHE_VHOSTS_KNOWN_NAME /EsContacts/login.php|R|APACHE_VHOSTS_KNOWN_NAME /eshop/index.php|R|APACHE_VHOSTS_KNOWN_NAME /eshop.pl/seite=;cat%20eshop.|R|APACHE_VHOSTS_KNOWN_NAME /EsNews/admin/news/modifier.php|R|APACHE_VHOSTS_KNOWN_NAME /EsPartenaires/login.php|R|APACHE_VHOSTS_KNOWN_NAME /estmt/|R|APACHE_VHOSTS_KNOWN_NAME /etc/|R|APACHE_VHOSTS_KNOWN_NAME /eTicket/license.txt|R|APACHE_VHOSTS_KNOWN_NAME /evalsmsi/evalsmsi.php|R|APACHE_VHOSTS_KNOWN_NAME /evalsmsi.php|R|APACHE_VHOSTS_KNOWN_NAME /eventh/index.php|R|APACHE_VHOSTS_KNOWN_NAME /eventhorizon/index.php|R|APACHE_VHOSTS_KNOWN_NAME /evision/modules/plain/adminpart/addplain.php|R|APACHE_VHOSTS_KNOWN_NAME /example/|R|APACHE_VHOSTS_KNOWN_NAME /examples/|R|APACHE_VHOSTS_KNOWN_NAME /examples/jsp/source.jsp|R|APACHE_VHOSTS_KNOWN_NAME /examples/servlet/TroubleShooter|R|APACHE_VHOSTS_KNOWN_NAME /exc/|R|APACHE_VHOSTS_KNOWN_NAME /excel/|R|APACHE_VHOSTS_KNOWN_NAME /exchange/|R|APACHE_VHOSTS_KNOWN_NAME /exchweb/bin/auth/owalogon.asp|R|APACHE_VHOSTS_KNOWN_NAME /exe/|R|APACHE_VHOSTS_KNOWN_NAME /exec/|R|APACHE_VHOSTS_KNOWN_NAME /explorer/index.php|R|APACHE_VHOSTS_KNOWN_NAME /exponent/index.php|R|APACHE_VHOSTS_KNOWN_NAME /export/|R|APACHE_VHOSTS_KNOWN_NAME /external/|R|APACHE_VHOSTS_KNOWN_NAME /extras/curltest.php|R|APACHE_VHOSTS_KNOWN_NAME /ezblog/public/view.php|R|APACHE_VHOSTS_KNOWN_NAME /ez/showcategory.php|R|APACHE_VHOSTS_KNOWN_NAME /f/|R|APACHE_VHOSTS_KNOWN_NAME /F3Site/index.php|R|APACHE_VHOSTS_KNOWN_NAME /F3Site/SYSTEM/index.php|R|APACHE_VHOSTS_KNOWN_NAME /facil-cms/modules.php|R|APACHE_VHOSTS_KNOWN_NAME /faq/|R|APACHE_VHOSTS_KNOWN_NAME /faq/index.php|R|APACHE_VHOSTS_KNOWN_NAME /.FBCIndex|R|APACHE_VHOSTS_KNOWN_NAME /fbsd/|R|APACHE_VHOSTS_KNOWN_NAME /fcgi-bin/|R|APACHE_VHOSTS_KNOWN_NAME /fcgi-bin/echo|R|APACHE_VHOSTS_KNOWN_NAME /fcms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /FCMS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /file/|R|APACHE_VHOSTS_KNOWN_NAME /fileexplorer/index.php|R|APACHE_VHOSTS_KNOWN_NAME /filemanager/|R|APACHE_VHOSTS_KNOWN_NAME /filemanager/content.php|R|APACHE_VHOSTS_KNOWN_NAME /filemanager/index.php|R|APACHE_VHOSTS_KNOWN_NAME /files/|R|APACHE_VHOSTS_KNOWN_NAME /fileserver/index.php|R|APACHE_VHOSTS_KNOWN_NAME /filter.php|R|APACHE_VHOSTS_KNOWN_NAME /firestats/tools.php|R|APACHE_VHOSTS_KNOWN_NAME /firstvisit.php|R|APACHE_VHOSTS_KNOWN_NAME /flashcard/index.php|R|APACHE_VHOSTS_KNOWN_NAME /FlashCard/index.php|R|APACHE_VHOSTS_KNOWN_NAME /FlashChat/index.php|R|APACHE_VHOSTS_KNOWN_NAME /flashlight/README.txt|R|APACHE_VHOSTS_KNOWN_NAME /flash/README.txt|R|APACHE_VHOSTS_KNOWN_NAME /flatchat/index.php|R|APACHE_VHOSTS_KNOWN_NAME /flatpress/index.php|R|APACHE_VHOSTS_KNOWN_NAME /flexcube@/|R|APACHE_VHOSTS_KNOWN_NAME /flexcubeat/|R|APACHE_VHOSTS_KNOWN_NAME /foldergallery/index.php|R|APACHE_VHOSTS_KNOWN_NAME /foldoc/|R|APACHE_VHOSTS_KNOWN_NAME /foo.cfm|R|APACHE_VHOSTS_KNOWN_NAME /foo.jsp|R|APACHE_VHOSTS_KNOWN_NAME /foo.php|R|APACHE_VHOSTS_KNOWN_NAME /foo.shtml|R|APACHE_VHOSTS_KNOWN_NAME /foo.thtml|R|APACHE_VHOSTS_KNOWN_NAME /form/|R|APACHE_VHOSTS_KNOWN_NAME /formmail/formmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /formmail/FormMail.pl|R|APACHE_VHOSTS_KNOWN_NAME /formmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /FormMail.pl|R|APACHE_VHOSTS_KNOWN_NAME /forms/|R|APACHE_VHOSTS_KNOWN_NAME /formsmgr/|R|APACHE_VHOSTS_KNOWN_NAME /form-totaller/|R|APACHE_VHOSTS_KNOWN_NAME /forum/|R|APACHE_VHOSTS_KNOWN_NAME /forum/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /forum_answer.php|R|APACHE_VHOSTS_KNOWN_NAME /forum/Database/EZsiteForum.mdb|R|APACHE_VHOSTS_KNOWN_NAME /forum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /forum/login.php|R|APACHE_VHOSTS_KNOWN_NAME /forum.php|R|APACHE_VHOSTS_KNOWN_NAME /forums/|R|APACHE_VHOSTS_KNOWN_NAME /forum/showtheme.php|R|APACHE_VHOSTS_KNOWN_NAME /forums/index.php|R|APACHE_VHOSTS_KNOWN_NAME /forum/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /forum/viewforum.php|R|APACHE_VHOSTS_KNOWN_NAME /forum/wcf/acp/dereferrer.php|R|APACHE_VHOSTS_KNOWN_NAME /foswiki/bin/view/foswiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /foto/|R|APACHE_VHOSTS_KNOWN_NAME /fotos/|R|APACHE_VHOSTS_KNOWN_NAME /fpadmin/|R|APACHE_VHOSTS_KNOWN_NAME /_fpclass/|R|APACHE_VHOSTS_KNOWN_NAME /fpdb/|R|APACHE_VHOSTS_KNOWN_NAME /fpsample/|R|APACHE_VHOSTS_KNOWN_NAME /fpws/index.php|R|APACHE_VHOSTS_KNOWN_NAME /FPWS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /fr/|R|APACHE_VHOSTS_KNOWN_NAME /frameset/|R|APACHE_VHOSTS_KNOWN_NAME /framesets/|R|APACHE_VHOSTS_KNOWN_NAME /FreeDirectory/index.php|R|APACHE_VHOSTS_KNOWN_NAME /fretsweb/charts.php|R|APACHE_VHOSTS_KNOWN_NAME /frontaccount/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ftp/|R|APACHE_VHOSTS_KNOWN_NAME /ftp/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ftproot/|R|APACHE_VHOSTS_KNOWN_NAME /fuzzylime/_cms303/docs/readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /fuzzylime/index.php|R|APACHE_VHOSTS_KNOWN_NAME /g/|R|APACHE_VHOSTS_KNOWN_NAME /gallery/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /gallery/gallery.php|R|APACHE_VHOSTS_KNOWN_NAME /gallery/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Gallery/index.php|R|APACHE_VHOSTS_KNOWN_NAME /gallery.php|R|APACHE_VHOSTS_KNOWN_NAME /gallery/search.php|R|APACHE_VHOSTS_KNOWN_NAME /gallo/core/includes/gfw_smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /ganglia/|R|APACHE_VHOSTS_KNOWN_NAME /gdl42/download.php|R|APACHE_VHOSTS_KNOWN_NAME /gdl/download.php|R|APACHE_VHOSTS_KNOWN_NAME /geccBB/index.php|R|APACHE_VHOSTS_KNOWN_NAME /geccBBlite/index.php|R|APACHE_VHOSTS_KNOWN_NAME /geneald/Index2.php|R|APACHE_VHOSTS_KNOWN_NAME /genealogie/Index2.php|R|APACHE_VHOSTS_KNOWN_NAME /genealogie_sql/Index2.php|R|APACHE_VHOSTS_KNOWN_NAME /genericshop/index.php|R|APACHE_VHOSTS_KNOWN_NAME /gen/obj/collectivite.class.php|R|APACHE_VHOSTS_KNOWN_NAME /GetSimple_2.01/index.php|R|APACHE_VHOSTS_KNOWN_NAME /getsimple/index.php|R|APACHE_VHOSTS_KNOWN_NAME /GetSimple/index.php|R|APACHE_VHOSTS_KNOWN_NAME /gfx/|R|APACHE_VHOSTS_KNOWN_NAME /Gigs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /gimtel/html/affich.php|R|APACHE_VHOSTS_KNOWN_NAME /glFusion/index.php|R|APACHE_VHOSTS_KNOWN_NAME /glfusion/public_html/index.php|R|APACHE_VHOSTS_KNOWN_NAME /global/|R|APACHE_VHOSTS_KNOWN_NAME /global.asa|R|APACHE_VHOSTS_KNOWN_NAME /global.asa\|R|APACHE_VHOSTS_KNOWN_NAME /gnat/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /gnat-tgp/gnat/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Gnat-TGP/gnat/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /go/about.php|R|APACHE_VHOSTS_KNOWN_NAME /golabi/Templates/default/index_logged.php|R|APACHE_VHOSTS_KNOWN_NAME /grades/index.php|R|APACHE_VHOSTS_KNOWN_NAME /gravity/index.php|R|APACHE_VHOSTS_KNOWN_NAME /grocery/|R|APACHE_VHOSTS_KNOWN_NAME /group-office/about.php|R|APACHE_VHOSTS_KNOWN_NAME /groupware/about.php|R|APACHE_VHOSTS_KNOWN_NAME /groupware/login.php|R|APACHE_VHOSTS_KNOWN_NAME /guest/|R|APACHE_VHOSTS_KNOWN_NAME /guestbook/|R|APACHE_VHOSTS_KNOWN_NAME /guestbook/ang/index.php|R|APACHE_VHOSTS_KNOWN_NAME /guestbook/guestbook.php|R|APACHE_VHOSTS_KNOWN_NAME /guestbook/index.php|R|APACHE_VHOSTS_KNOWN_NAME /guestbook.php|R|APACHE_VHOSTS_KNOWN_NAME /guests/|R|APACHE_VHOSTS_KNOWN_NAME /GW5/GWWEB.EXE|R|APACHE_VHOSTS_KNOWN_NAME /GWWEB.EXE|R|APACHE_VHOSTS_KNOWN_NAME /GXApp/|R|APACHE_VHOSTS_KNOWN_NAME /gzip_loader.php|R|APACHE_VHOSTS_KNOWN_NAME /handlers/getpage.php|R|APACHE_VHOSTS_KNOWN_NAME /HB/|R|APACHE_VHOSTS_KNOWN_NAME /HBTemplates/|R|APACHE_VHOSTS_KNOWN_NAME /help/|R|APACHE_VHOSTS_KNOWN_NAME /help/contents.htm|R|APACHE_VHOSTS_KNOWN_NAME /helpdesk/|R|APACHE_VHOSTS_KNOWN_NAME /helpdesk/common/login.php|R|APACHE_VHOSTS_KNOWN_NAME /hidden/|R|APACHE_VHOSTS_KNOWN_NAME /hide/|R|APACHE_VHOSTS_KNOWN_NAME /hints.pl|R|APACHE_VHOSTS_KNOWN_NAME /hitmatic/|R|APACHE_VHOSTS_KNOWN_NAME /hit_tracker/|R|APACHE_VHOSTS_KNOWN_NAME /hlstats/|R|APACHE_VHOSTS_KNOWN_NAME /home|R|APACHE_VHOSTS_KNOWN_NAME /home/|R|APACHE_VHOSTS_KNOWN_NAME /home.asp|R|APACHE_VHOSTS_KNOWN_NAME /home.cfm|R|APACHE_VHOSTS_KNOWN_NAME /home.cfml|R|APACHE_VHOSTS_KNOWN_NAME /horde/chora/cvs.php|R|APACHE_VHOSTS_KNOWN_NAME /horde/chora/horde/services/help/|R|APACHE_VHOSTS_KNOWN_NAME /horde/chora/README|R|APACHE_VHOSTS_KNOWN_NAME /horde/docs/CHANGES|R|APACHE_VHOSTS_KNOWN_NAME /horde/imp/|R|APACHE_VHOSTS_KNOWN_NAME /horde/lib/version.phps|R|APACHE_VHOSTS_KNOWN_NAME /horde/README|R|APACHE_VHOSTS_KNOWN_NAME /horde/services/help/|R|APACHE_VHOSTS_KNOWN_NAME /horde/status.php3|R|APACHE_VHOSTS_KNOWN_NAME /horde/test.php|R|APACHE_VHOSTS_KNOWN_NAME /hostingcontroller/|R|APACHE_VHOSTS_KNOWN_NAME /howto/|R|APACHE_VHOSTS_KNOWN_NAME /ht/|R|APACHE_VHOSTS_KNOWN_NAME /htaccess.txt|R|APACHE_VHOSTS_KNOWN_NAME /htbin/|R|APACHE_VHOSTS_KNOWN_NAME /htdocs/|R|APACHE_VHOSTS_KNOWN_NAME /htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /htdocs/login.php|R|APACHE_VHOSTS_KNOWN_NAME /htdocs/user.php|R|APACHE_VHOSTS_KNOWN_NAME /html/|R|APACHE_VHOSTS_KNOWN_NAME /html/%3f.jsp|R|APACHE_VHOSTS_KNOWN_NAME /html/affich.php|R|APACHE_VHOSTS_KNOWN_NAME /html/index.php|R|APACHE_VHOSTS_KNOWN_NAME /html/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /html/phpMyAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /htsearch|R|APACHE_VHOSTS_KNOWN_NAME http:/login.yahoo.com/status|R|APACHE_VHOSTS_KNOWN_NAME /hyperstat/|R|APACHE_VHOSTS_KNOWN_NAME /ibank/|R|APACHE_VHOSTS_KNOWN_NAME /ibill/|R|APACHE_VHOSTS_KNOWN_NAME /IBMWebAS/|R|APACHE_VHOSTS_KNOWN_NAME /idb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /idea/|R|APACHE_VHOSTS_KNOWN_NAME /ideas/|R|APACHE_VHOSTS_KNOWN_NAME /iisadmin/|R|APACHE_VHOSTS_KNOWN_NAME /iisprotect/|R|APACHE_VHOSTS_KNOWN_NAME /iissamples/|R|APACHE_VHOSTS_KNOWN_NAME /ilohamail/|R|APACHE_VHOSTS_KNOWN_NAME /IlohaMail/|R|APACHE_VHOSTS_KNOWN_NAME /image/|R|APACHE_VHOSTS_KNOWN_NAME /image/index.php|R|APACHE_VHOSTS_KNOWN_NAME /imagenes/|R|APACHE_VHOSTS_KNOWN_NAME /imagery/|R|APACHE_VHOSTS_KNOWN_NAME /images/|R|APACHE_VHOSTS_KNOWN_NAME /images/%3f.jsp|R|APACHE_VHOSTS_KNOWN_NAME /images/gallery.php|R|APACHE_VHOSTS_KNOWN_NAME /i-mall.cgi|R|APACHE_VHOSTS_KNOWN_NAME /img/|R|APACHE_VHOSTS_KNOWN_NAME /imp/|R|APACHE_VHOSTS_KNOWN_NAME /import/|R|APACHE_VHOSTS_KNOWN_NAME /impreso/|R|APACHE_VHOSTS_KNOWN_NAME /inc/|R|APACHE_VHOSTS_KNOWN_NAME /include/|R|APACHE_VHOSTS_KNOWN_NAME /includes/|R|APACHE_VHOSTS_KNOWN_NAME /includes/esqueletos/skel_null.php|R|APACHE_VHOSTS_KNOWN_NAME /includes/include.php|R|APACHE_VHOSTS_KNOWN_NAME /includes/initsystem.php|R|APACHE_VHOSTS_KNOWN_NAME /includes/js/mambojavascript.js|R|APACHE_VHOSTS_KNOWN_NAME /includes/window_top.php|R|APACHE_VHOSTS_KNOWN_NAME /incoming/|R|APACHE_VHOSTS_KNOWN_NAME /inc/smarty/libs/init.php|R|APACHE_VHOSTS_KNOWN_NAME /indeks.php|R|APACHE_VHOSTS_KNOWN_NAME /index|R|APACHE_VHOSTS_KNOWN_NAME /index2.php|R|APACHE_VHOSTS_KNOWN_NAME /Index2.php|R|APACHE_VHOSTS_KNOWN_NAME /index.asp|R|APACHE_VHOSTS_KNOWN_NAME /index.cfm|R|APACHE_VHOSTS_KNOWN_NAME /index.cfml|R|APACHE_VHOSTS_KNOWN_NAME /index.cgi|R|APACHE_VHOSTS_KNOWN_NAME /index.hsp|R|APACHE_VHOSTS_KNOWN_NAME /index.htm.|R|APACHE_VHOSTS_KNOWN_NAME /index.js%70|R|APACHE_VHOSTS_KNOWN_NAME /index.php3|R|APACHE_VHOSTS_KNOWN_NAME /index.php4|R|APACHE_VHOSTS_KNOWN_NAME /index.php/Special/Main/Templates|R|APACHE_VHOSTS_KNOWN_NAME /index.php/Special:Version|R|APACHE_VHOSTS_KNOWN_NAME /index.pl|R|APACHE_VHOSTS_KNOWN_NAME /index.pl/homels|R|APACHE_VHOSTS_KNOWN_NAME /index.rb|R|APACHE_VHOSTS_KNOWN_NAME /info/|R|APACHE_VHOSTS_KNOWN_NAME /info.php|R|APACHE_VHOSTS_KNOWN_NAME /information/|R|APACHE_VHOSTS_KNOWN_NAME /infusions/book_panel/books.php|R|APACHE_VHOSTS_KNOWN_NAME /ingresa/|R|APACHE_VHOSTS_KNOWN_NAME /ingreso/|R|APACHE_VHOSTS_KNOWN_NAME /inserter.cgi|R|APACHE_VHOSTS_KNOWN_NAME /install/|R|APACHE_VHOSTS_KNOWN_NAME /Install/|R|APACHE_VHOSTS_KNOWN_NAME /install/index.php|R|APACHE_VHOSTS_KNOWN_NAME /internal/|R|APACHE_VHOSTS_KNOWN_NAME /interscan/cgi-bin/FtpSave.dll|R|APACHE_VHOSTS_KNOWN_NAME /intl/|R|APACHE_VHOSTS_KNOWN_NAME /intranet/|R|APACHE_VHOSTS_KNOWN_NAME /intruvert/jsp/admin/Login.jsp|R|APACHE_VHOSTS_KNOWN_NAME /inventory/|R|APACHE_VHOSTS_KNOWN_NAME /invitado/|R|APACHE_VHOSTS_KNOWN_NAME /invohost/site.php|R|APACHE_VHOSTS_KNOWN_NAME /INVOHOST/site.php|R|APACHE_VHOSTS_KNOWN_NAME /io/newfile.txt|R|APACHE_VHOSTS_KNOWN_NAME /ion-p.exe|R|APACHE_VHOSTS_KNOWN_NAME /ipb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ipb/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /irokez/ru/|R|APACHE_VHOSTS_KNOWN_NAME /isapi/|R|APACHE_VHOSTS_KNOWN_NAME /ispcp/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ispworker/module/biz/index.php|R|APACHE_VHOSTS_KNOWN_NAME /jaf/module/forum/main.php|R|APACHE_VHOSTS_KNOWN_NAME /jag/guestbook.php|R|APACHE_VHOSTS_KNOWN_NAME /JAG/guestbook.php|R|APACHE_VHOSTS_KNOWN_NAME /japidoc/|R|APACHE_VHOSTS_KNOWN_NAME /java/|R|APACHE_VHOSTS_KNOWN_NAME /javascript/|R|APACHE_VHOSTS_KNOWN_NAME /javasdk/|R|APACHE_VHOSTS_KNOWN_NAME /javatest/|R|APACHE_VHOSTS_KNOWN_NAME /jave/|R|APACHE_VHOSTS_KNOWN_NAME /jaxcms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /JaxCMS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /JBookIt/|R|APACHE_VHOSTS_KNOWN_NAME /jdbc/|R|APACHE_VHOSTS_KNOWN_NAME /jgs_portal_statistik.php|R|APACHE_VHOSTS_KNOWN_NAME /job/|R|APACHE_VHOSTS_KNOWN_NAME /jobs/browse.php|R|APACHE_VHOSTS_KNOWN_NAME /Joomla150/index.php|R|APACHE_VHOSTS_KNOWN_NAME /joomla/.htaccess|R|APACHE_VHOSTS_KNOWN_NAME /joomla/includes/js/mambojavascript.js|R|APACHE_VHOSTS_KNOWN_NAME /joomla/index.php|R|APACHE_VHOSTS_KNOWN_NAME /joomla/templates/system/css/editor.css|R|APACHE_VHOSTS_KNOWN_NAME /jpgraph/docportal/index.html|R|APACHE_VHOSTS_KNOWN_NAME /jpgraph/index.html|R|APACHE_VHOSTS_KNOWN_NAME /jrun/|R|APACHE_VHOSTS_KNOWN_NAME /js/|R|APACHE_VHOSTS_KNOWN_NAME /jserv/|R|APACHE_VHOSTS_KNOWN_NAME /jslib/|R|APACHE_VHOSTS_KNOWN_NAME /jsp/|R|APACHE_VHOSTS_KNOWN_NAME /jsp/index.html|R|APACHE_VHOSTS_KNOWN_NAME /junk/|R|APACHE_VHOSTS_KNOWN_NAME /jv/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /kb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /keyserver/|R|APACHE_VHOSTS_KNOWN_NAME /kiva/|R|APACHE_VHOSTS_KNOWN_NAME /kleinanzeigen/index.php3|R|APACHE_VHOSTS_KNOWN_NAME /kleinanzeigen/index.php4|R|APACHE_VHOSTS_KNOWN_NAME /kos2/changelog.txt|R|APACHE_VHOSTS_KNOWN_NAME /koschtit2/changelog.txt|R|APACHE_VHOSTS_KNOWN_NAME /koschtit/changelog.txt|R|APACHE_VHOSTS_KNOWN_NAME /labs/|R|APACHE_VHOSTS_KNOWN_NAME /lamp/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /lcgi|R|APACHE_VHOSTS_KNOWN_NAME /lcgi/|R|APACHE_VHOSTS_KNOWN_NAME /LCGI|R|APACHE_VHOSTS_KNOWN_NAME /lcgi-bin|R|APACHE_VHOSTS_KNOWN_NAME /lcgi/sewse.nlm|R|APACHE_VHOSTS_KNOWN_NAME /ldapadmin/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ldap/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /leap/|R|APACHE_VHOSTS_KNOWN_NAME /ledger/login.pl|R|APACHE_VHOSTS_KNOWN_NAME /left.php|R|APACHE_VHOSTS_KNOWN_NAME /legal/|R|APACHE_VHOSTS_KNOWN_NAME /lib/|R|APACHE_VHOSTS_KNOWN_NAME /libraries/|R|APACHE_VHOSTS_KNOWN_NAME /library/|R|APACHE_VHOSTS_KNOWN_NAME /library/lib.menu.php|R|APACHE_VHOSTS_KNOWN_NAME /libro/|R|APACHE_VHOSTS_KNOWN_NAME /lib/version.phps|R|APACHE_VHOSTS_KNOWN_NAME /license.php|R|APACHE_VHOSTS_KNOWN_NAME /lightneasy/LightNEasy.php|R|APACHE_VHOSTS_KNOWN_NAME /LightNEasy.php|R|APACHE_VHOSTS_KNOWN_NAME /limesurvey/admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /limny/index.php|R|APACHE_VHOSTS_KNOWN_NAME /limny/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /links/|R|APACHE_VHOSTS_KNOWN_NAME /linkSpheric/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /linkSpheric/CHANGELOG|R|APACHE_VHOSTS_KNOWN_NAME /linpha/index.php|R|APACHE_VHOSTS_KNOWN_NAME /linux/|R|APACHE_VHOSTS_KNOWN_NAME /Lisez%20moi.txt|R|APACHE_VHOSTS_KNOWN_NAME /listinfo|R|APACHE_VHOSTS_KNOWN_NAME /listrec.pl|R|APACHE_VHOSTS_KNOWN_NAME /LiveZilla/index.php|R|APACHE_VHOSTS_KNOWN_NAME /lm_starmail_paidmail/index.php|R|APACHE_VHOSTS_KNOWN_NAME /loader/|R|APACHE_VHOSTS_KNOWN_NAME /localclassifieds/classifieds/Site_Admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /~log/|R|APACHE_VHOSTS_KNOWN_NAME /log/|R|APACHE_VHOSTS_KNOWN_NAME /Log/|R|APACHE_VHOSTS_KNOWN_NAME /logfile/|R|APACHE_VHOSTS_KNOWN_NAME /logfiles/|R|APACHE_VHOSTS_KNOWN_NAME /logg/|R|APACHE_VHOSTS_KNOWN_NAME /logger/|R|APACHE_VHOSTS_KNOWN_NAME /logging/|R|APACHE_VHOSTS_KNOWN_NAME /login/|R|APACHE_VHOSTS_KNOWN_NAME /login.cgi|R|APACHE_VHOSTS_KNOWN_NAME /login.htm|R|APACHE_VHOSTS_KNOWN_NAME /login_page.php|R|APACHE_VHOSTS_KNOWN_NAME /login.php|R|APACHE_VHOSTS_KNOWN_NAME /Login.php|R|APACHE_VHOSTS_KNOWN_NAME /login.pl|R|APACHE_VHOSTS_KNOWN_NAME /logon/|R|APACHE_VHOSTS_KNOWN_NAME /logs/|R|APACHE_VHOSTS_KNOWN_NAME /logs/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /lost+found/|R|APACHE_VHOSTS_KNOWN_NAME /mahara/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mail/|R|APACHE_VHOSTS_KNOWN_NAME /Mail/|R|APACHE_VHOSTS_KNOWN_NAME /mail2/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /mail/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mail/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /mail.cgi|R|APACHE_VHOSTS_KNOWN_NAME /mail/default.aspx|R|APACHE_VHOSTS_KNOWN_NAME /mail/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mail_log_files/|R|APACHE_VHOSTS_KNOWN_NAME /mail/login.php|R|APACHE_VHOSTS_KNOWN_NAME /mailman/|R|APACHE_VHOSTS_KNOWN_NAME /mailman/listinfo|R|APACHE_VHOSTS_KNOWN_NAME /mailroot/|R|APACHE_VHOSTS_KNOWN_NAME /main.cgi|R|APACHE_VHOSTS_KNOWN_NAME /main_login.asp|R|APACHE_VHOSTS_KNOWN_NAME /main.php|R|APACHE_VHOSTS_KNOWN_NAME /makefile/|R|APACHE_VHOSTS_KNOWN_NAME /mall_log_files/|R|APACHE_VHOSTS_KNOWN_NAME /mambo/htaccess.txt|R|APACHE_VHOSTS_KNOWN_NAME /mambo/includes/js/mambojavascript.js|R|APACHE_VHOSTS_KNOWN_NAME /mambo/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mambo/README.php|R|APACHE_VHOSTS_KNOWN_NAME /manage/|R|APACHE_VHOSTS_KNOWN_NAME /manager/index.php|R|APACHE_VHOSTS_KNOWN_NAME /manpage/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mantisbt/login_page.php|R|APACHE_VHOSTS_KNOWN_NAME /mantis/login_page.php|R|APACHE_VHOSTS_KNOWN_NAME /manual/|R|APACHE_VHOSTS_KNOWN_NAME /manual/ag/contents.htm|R|APACHE_VHOSTS_KNOWN_NAME /map/admin/updatelist.php|R|APACHE_VHOSTS_KNOWN_NAME /marketing/|R|APACHE_VHOSTS_KNOWN_NAME /md/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mdpro/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mediawiki/index.php/Special:Version|R|APACHE_VHOSTS_KNOWN_NAME /member/|R|APACHE_VHOSTS_KNOWN_NAME /members/|R|APACHE_VHOSTS_KNOWN_NAME /_mem_bin/|R|APACHE_VHOSTS_KNOWN_NAME /mercuryboard/|R|APACHE_VHOSTS_KNOWN_NAME /mercuryboard/index.php|R|APACHE_VHOSTS_KNOWN_NAME /message/|R|APACHE_VHOSTS_KNOWN_NAME /messaging/|R|APACHE_VHOSTS_KNOWN_NAME /MessagingManager/|R|APACHE_VHOSTS_KNOWN_NAME /metacart/|R|APACHE_VHOSTS_KNOWN_NAME /metadot/index.pl|R|APACHE_VHOSTS_KNOWN_NAME /microcms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /misc/|R|APACHE_VHOSTS_KNOWN_NAME /mkstats/|R|APACHE_VHOSTS_KNOWN_NAME /mlog.html|R|APACHE_VHOSTS_KNOWN_NAME /module/biz/index.php|R|APACHE_VHOSTS_KNOWN_NAME /module/forum/main.php|R|APACHE_VHOSTS_KNOWN_NAME /module.php|R|APACHE_VHOSTS_KNOWN_NAME /modules/module_db.php|R|APACHE_VHOSTS_KNOWN_NAME /modules/news/index.php|R|APACHE_VHOSTS_KNOWN_NAME /modules.php|R|APACHE_VHOSTS_KNOWN_NAME /modules/plain/adminpart/addplain.php|R|APACHE_VHOSTS_KNOWN_NAME /modx/manager/index.php|R|APACHE_VHOSTS_KNOWN_NAME /modx/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php|R|APACHE_VHOSTS_KNOWN_NAME /moin/SystemInfo|R|APACHE_VHOSTS_KNOWN_NAME /mollify/backend/plugin/Registration/index.php|R|APACHE_VHOSTS_KNOWN_NAME /monitoring/index.php|R|APACHE_VHOSTS_KNOWN_NAME /monitoring/main.php|R|APACHE_VHOSTS_KNOWN_NAME /moodle/index.php|R|APACHE_VHOSTS_KNOWN_NAME /movimientos/|R|APACHE_VHOSTS_KNOWN_NAME /moziloCMS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /mp3/|R|APACHE_VHOSTS_KNOWN_NAME /mp3s/|R|APACHE_VHOSTS_KNOWN_NAME /mqseries/|R|APACHE_VHOSTS_KNOWN_NAME /mrbs1261/web/help.php|R|APACHE_VHOSTS_KNOWN_NAME /mrtg.cgi|R|APACHE_VHOSTS_KNOWN_NAME /msql/|R|APACHE_VHOSTS_KNOWN_NAME /mss2/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /Msword/|R|APACHE_VHOSTS_KNOWN_NAME /MSWSMTP/Common/Authentication/Logon.aspx|R|APACHE_VHOSTS_KNOWN_NAME /mt.cgi|R|APACHE_VHOSTS_KNOWN_NAME /mt/mt.cgi|R|APACHE_VHOSTS_KNOWN_NAME /mundimail/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /myaccount/|R|APACHE_VHOSTS_KNOWN_NAME /myadmin/|R|APACHE_VHOSTS_KNOWN_NAME /MyAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /myadmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /mybackup/down.php|R|APACHE_VHOSTS_KNOWN_NAME /mydatabase/|R|APACHE_VHOSTS_KNOWN_NAME /mydb/|R|APACHE_VHOSTS_KNOWN_NAME /mylog.html|R|APACHE_VHOSTS_KNOWN_NAME /mymsg/Login.php|R|APACHE_VHOSTS_KNOWN_NAME /myphp/|R|APACHE_VHOSTS_KNOWN_NAME /mysql/|R|APACHE_VHOSTS_KNOWN_NAME /mysql_admin/|R|APACHE_VHOSTS_KNOWN_NAME /mysql-admin/|R|APACHE_VHOSTS_KNOWN_NAME /mysql/admin/|R|APACHE_VHOSTS_KNOWN_NAME /mysqladmin/|R|APACHE_VHOSTS_KNOWN_NAME /mysql-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysqladmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysqladmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/dbadmin/|R|APACHE_VHOSTS_KNOWN_NAME /mysql/dbadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/db/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysqlmanager/|R|APACHE_VHOSTS_KNOWN_NAME /mysqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/mysql-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/mysqladmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/mysql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/mysqlmanager/|R|APACHE_VHOSTS_KNOWN_NAME /mysql/mysqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.2.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.2.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.5/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.5-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.5-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.5-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.6-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.6-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.7/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.5.7-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-alpha2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-alpha/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-beta2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.0-rc3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.1-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.1-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.1-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.1-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.2-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.2-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.2-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.3-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.3-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.4-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.4-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.4-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.4-pl4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.6.4-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.7.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.7.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.7.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.7.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.7.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2.8.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpmyadmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin-2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/php-my-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/php-myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpmy-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpmyadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/phpMyAdmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/pma2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/pMA2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/pma2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/pMA2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/p/m/a/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/pMA/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/scripts/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/sqlmanager/|R|APACHE_VHOSTS_KNOWN_NAME /mysql/sqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/sqlweb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/webadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/webdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/web/main.php|R|APACHE_VHOSTS_KNOWN_NAME /mysql/websql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /nagios/login.php|R|APACHE_VHOSTS_KNOWN_NAME /nagios/main.php|R|APACHE_VHOSTS_KNOWN_NAME /nagiosxi/login.php|R|APACHE_VHOSTS_KNOWN_NAME /nakid/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Nakid/index.php|R|APACHE_VHOSTS_KNOWN_NAME /nanocms/data/nanoadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /napro4/index.php|R|APACHE_VHOSTS_KNOWN_NAME /natterchat/home.asp|R|APACHE_VHOSTS_KNOWN_NAME /ncadmin/|R|APACHE_VHOSTS_KNOWN_NAME /nchelp/|R|APACHE_VHOSTS_KNOWN_NAME /ncsample/|R|APACHE_VHOSTS_KNOWN_NAME /net2ftp/index.php|R|APACHE_VHOSTS_KNOWN_NAME /netautor/napro4/index.php|R|APACHE_VHOSTS_KNOWN_NAME /netbasic/|R|APACHE_VHOSTS_KNOWN_NAME /netbasic/websinfo.bas|R|APACHE_VHOSTS_KNOWN_NAME /netcat/|R|APACHE_VHOSTS_KNOWN_NAME /NetDynamic/|R|APACHE_VHOSTS_KNOWN_NAME /NetDynamics/|R|APACHE_VHOSTS_KNOWN_NAME /netmagstats/|R|APACHE_VHOSTS_KNOWN_NAME /netpet/index.php|R|APACHE_VHOSTS_KNOWN_NAME /netpet/netpet/index.php|R|APACHE_VHOSTS_KNOWN_NAME /netrisk/index.php|R|APACHE_VHOSTS_KNOWN_NAME /netscape/|R|APACHE_VHOSTS_KNOWN_NAME /netshare/|R|APACHE_VHOSTS_KNOWN_NAME /nettracker/|R|APACHE_VHOSTS_KNOWN_NAME /new/|R|APACHE_VHOSTS_KNOWN_NAME /news/|R|APACHE_VHOSTS_KNOWN_NAME /News/|R|APACHE_VHOSTS_KNOWN_NAME /news/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /news/index.php|R|APACHE_VHOSTS_KNOWN_NAME /news.php|R|APACHE_VHOSTS_KNOWN_NAME /newuser|R|APACHE_VHOSTS_KNOWN_NAME /nextgeneration/|R|APACHE_VHOSTS_KNOWN_NAME /nforum/showtheme.php|R|APACHE_VHOSTS_KNOWN_NAME /niet1096998378.cfm|R|APACHE_VHOSTS_KNOWN_NAME /niet136504155/|R|APACHE_VHOSTS_KNOWN_NAME /niet1594099998.php3|R|APACHE_VHOSTS_KNOWN_NAME /niet1761114381.jsp|R|APACHE_VHOSTS_KNOWN_NAME /niet1789598389.asp|R|APACHE_VHOSTS_KNOWN_NAME /niet1962778067.html|R|APACHE_VHOSTS_KNOWN_NAME /niet2043658978.|R|APACHE_VHOSTS_KNOWN_NAME /niet2049461050.shtm|R|APACHE_VHOSTS_KNOWN_NAME /niet205402687.php|R|APACHE_VHOSTS_KNOWN_NAME /niet361032821.shtml|R|APACHE_VHOSTS_KNOWN_NAME /niet536604911.htm|R|APACHE_VHOSTS_KNOWN_NAME /niet773357216.php4|R|APACHE_VHOSTS_KNOWN_NAME /nl/|R|APACHE_VHOSTS_KNOWN_NAME /nodatabase/LightNEasy.php|R|APACHE_VHOSTS_KNOWN_NAME /Nodesforum/erase_user_data.php|R|APACHE_VHOSTS_KNOWN_NAME /nodesforum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Nodesforum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /NonExistant539180969/|R|APACHE_VHOSTS_KNOWN_NAME /nonexistent_please_dont_exist|R|APACHE_VHOSTS_KNOWN_NAME /nosuchfile-10303-10310.php3|R|APACHE_VHOSTS_KNOWN_NAME /_notes/|R|APACHE_VHOSTS_KNOWN_NAME /notftp/index.php|R|APACHE_VHOSTS_KNOWN_NAME /noticias/|R|APACHE_VHOSTS_KNOWN_NAME /novaboard/index.php|R|APACHE_VHOSTS_KNOWN_NAME /nph-mr.cgi|R|APACHE_VHOSTS_KNOWN_NAME /nqt/nqt.php|R|APACHE_VHOSTS_KNOWN_NAME /NSearch/|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cutil/chkvol.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cutil/dir.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cutil/glist.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cutil/lancard.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cutil/set.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cutil/userlist.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cwebdemo/fdir.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/..%5Cweb/env.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/env.bas|R|APACHE_VHOSTS_KNOWN_NAME /nsn/fdir.bas|R|APACHE_VHOSTS_KNOWN_NAME /nubuilder/productionnu2/fileuploader.php|R|APACHE_VHOSTS_KNOWN_NAME /nubuilder/productionnu2/report.php|R|APACHE_VHOSTS_KNOWN_NAME /NULL.ida|R|APACHE_VHOSTS_KNOWN_NAME /NULL.printer|R|APACHE_VHOSTS_KNOWN_NAME /obj/|R|APACHE_VHOSTS_KNOWN_NAME /_objects/|R|APACHE_VHOSTS_KNOWN_NAME /objects/|R|APACHE_VHOSTS_KNOWN_NAME /ocsreports/index.php|R|APACHE_VHOSTS_KNOWN_NAME /odbc/|R|APACHE_VHOSTS_KNOWN_NAME /offers/|R|APACHE_VHOSTS_KNOWN_NAME /oi/index.php|R|APACHE_VHOSTS_KNOWN_NAME /_old/|R|APACHE_VHOSTS_KNOWN_NAME /old/|R|APACHE_VHOSTS_KNOWN_NAME /old_files/|R|APACHE_VHOSTS_KNOWN_NAME /oldfiles/|R|APACHE_VHOSTS_KNOWN_NAME /oldnews_reader.php|R|APACHE_VHOSTS_KNOWN_NAME /onlinegrades/index.php|R|APACHE_VHOSTS_KNOWN_NAME /oozv1657/common/login.php|R|APACHE_VHOSTS_KNOWN_NAME /open_audit/index.php|R|APACHE_VHOSTS_KNOWN_NAME /open-audit/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openaudit/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openbb/board.php|R|APACHE_VHOSTS_KNOWN_NAME /opencart/index.php|R|APACHE_VHOSTS_KNOWN_NAME /opendb/login.php|R|APACHE_VHOSTS_KNOWN_NAME /opendocman/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openengine/cms/website.php|R|APACHE_VHOSTS_KNOWN_NAME /openforum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_annuaire/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Annuaire/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_catalogue/doc/catalogue.html|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Catalogue/doc/catalogue.html|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_cimetiere/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Cimetiere/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_cominterne/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Cominterne/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_courrier/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Courrier/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_foncier/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Foncier/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_planning/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Planning/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_presse/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_Presse/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_registreCIL/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Openmairie_RegistreCIL/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_stock/scr/soustab.php|R|APACHE_VHOSTS_KNOWN_NAME /openmairie_Tel/scr/soustab.php|R|APACHE_VHOSTS_KNOWN_NAME /openpro/login.php|R|APACHE_VHOSTS_KNOWN_NAME /openstock/scr/soustab.php|R|APACHE_VHOSTS_KNOWN_NAME /opentel/scr/soustab.php|R|APACHE_VHOSTS_KNOWN_NAME /openurgence_vaccin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openurgencevaccin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /openwebmail-cgi/openwebmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /openwebmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /openx/www/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /opnfrm/index.php|R|APACHE_VHOSTS_KNOWN_NAME /oprocmgr-service/|R|APACHE_VHOSTS_KNOWN_NAME /oprocmgr-status/|R|APACHE_VHOSTS_KNOWN_NAME /OPT127MAX/opt/index.php|R|APACHE_VHOSTS_KNOWN_NAME /opt/index.php|R|APACHE_VHOSTS_KNOWN_NAME /oracle/|R|APACHE_VHOSTS_KNOWN_NAME /oradata/|R|APACHE_VHOSTS_KNOWN_NAME /orangehrm/login.php|R|APACHE_VHOSTS_KNOWN_NAME /orbis/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /Orbis/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /order/|R|APACHE_VHOSTS_KNOWN_NAME /order.php|R|APACHE_VHOSTS_KNOWN_NAME /orders/|R|APACHE_VHOSTS_KNOWN_NAME /organizer/view.php|R|APACHE_VHOSTS_KNOWN_NAME /ortro/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ortro/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /osc/admin/includes/applications/services/pages/uninstall.php|R|APACHE_VHOSTS_KNOWN_NAME /osc/index.php|R|APACHE_VHOSTS_KNOWN_NAME /oscommerce/index.php|R|APACHE_VHOSTS_KNOWN_NAME /osCSS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ossim/session/login.php|R|APACHE_VHOSTS_KNOWN_NAME /otrs/index.pl|R|APACHE_VHOSTS_KNOWN_NAME /OTRS/index.pl|R|APACHE_VHOSTS_KNOWN_NAME /ou/gen/obj/collectivite.class.php|R|APACHE_VHOSTS_KNOWN_NAME /outgoing/|R|APACHE_VHOSTS_KNOWN_NAME /owls/glossaries/index.php|R|APACHE_VHOSTS_KNOWN_NAME /owners/|R|APACHE_VHOSTS_KNOWN_NAME /ows-bin/perlidlc.bat|R|APACHE_VHOSTS_KNOWN_NAME /oxid-eshop/index.php|R|APACHE_VHOSTS_KNOWN_NAME /oxid/index.php|R|APACHE_VHOSTS_KNOWN_NAME /_pages/|R|APACHE_VHOSTS_KNOWN_NAME /pages/|R|APACHE_VHOSTS_KNOWN_NAME /pages.php|R|APACHE_VHOSTS_KNOWN_NAME /pandora_console/index.php|R|APACHE_VHOSTS_KNOWN_NAME /parser/parser.php|R|APACHE_VHOSTS_KNOWN_NAME /passman/index.php|R|APACHE_VHOSTS_KNOWN_NAME /passport/|R|APACHE_VHOSTS_KNOWN_NAME /passwiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /passwiki/passwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /passwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /password/|R|APACHE_VHOSTS_KNOWN_NAME /_passwords/|R|APACHE_VHOSTS_KNOWN_NAME /passwords/|R|APACHE_VHOSTS_KNOWN_NAME /payment/|R|APACHE_VHOSTS_KNOWN_NAME /payments/|R|APACHE_VHOSTS_KNOWN_NAME /pb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pccsmysqladm/|R|APACHE_VHOSTS_KNOWN_NAME /PDG_Cart/|R|APACHE_VHOSTS_KNOWN_NAME /pds/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pecio-2.0.5/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pecio_cms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pecio-cms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pecio/index.php|R|APACHE_VHOSTS_KNOWN_NAME /perl/|R|APACHE_VHOSTS_KNOWN_NAME /perl5/|R|APACHE_VHOSTS_KNOWN_NAME /perl/samples/env.pl|R|APACHE_VHOSTS_KNOWN_NAME /perl/samples/lancgi.pl|R|APACHE_VHOSTS_KNOWN_NAME /perl/samples/ndslogin.pl|R|APACHE_VHOSTS_KNOWN_NAME /perl/samples/volscgi.pl|R|APACHE_VHOSTS_KNOWN_NAME /personal/|R|APACHE_VHOSTS_KNOWN_NAME /personal_pages/|R|APACHE_VHOSTS_KNOWN_NAME /petition/signing_system-admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pforum/|R|APACHE_VHOSTS_KNOWN_NAME /phorum/|R|APACHE_VHOSTS_KNOWN_NAME /phorum/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /photo/index.php|R|APACHE_VHOSTS_KNOWN_NAME /photopost/index.php|R|APACHE_VHOSTS_KNOWN_NAME /photos/index.php|R|APACHE_VHOSTS_KNOWN_NAME /photos/search.php|R|APACHE_VHOSTS_KNOWN_NAME /php/|R|APACHE_VHOSTS_KNOWN_NAME /phpaaCMS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpadm/|R|APACHE_VHOSTS_KNOWN_NAME /phpadmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpalbum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpBazar/index.php|R|APACHE_VHOSTS_KNOWN_NAME /PHPBazar/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpBB/|R|APACHE_VHOSTS_KNOWN_NAME /phpBB307-pl1/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpbb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpBB/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpbiblesearch/bible.php|R|APACHE_VHOSTS_KNOWN_NAME /phpbt/index.php|R|APACHE_VHOSTS_KNOWN_NAME /php-calendar/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpcdb/firstvisit.php|R|APACHE_VHOSTS_KNOWN_NAME /php_classes/|R|APACHE_VHOSTS_KNOWN_NAME /phpclassifieds/|R|APACHE_VHOSTS_KNOWN_NAME /phpCoin165/license.php|R|APACHE_VHOSTS_KNOWN_NAME /phpcoin/license.php|R|APACHE_VHOSTS_KNOWN_NAME /phpcom/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpDatingClub/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpfinance/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpfootball/filter.php|R|APACHE_VHOSTS_KNOWN_NAME /phpforum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpgroupware/login.php|R|APACHE_VHOSTS_KNOWN_NAME /phpgw/login.php|R|APACHE_VHOSTS_KNOWN_NAME /phpicalendar/print.php|R|APACHE_VHOSTS_KNOWN_NAME /phpimageview/|R|APACHE_VHOSTS_KNOWN_NAME /phpinfo.php|R|APACHE_VHOSTS_KNOWN_NAME /phpkick/index.php|R|APACHE_VHOSTS_KNOWN_NAME /PHPKick/index.php|R|APACHE_VHOSTS_KNOWN_NAME /php/kleinanzeigen/index.php3|R|APACHE_VHOSTS_KNOWN_NAME /php/kleinanzeigen/index.php4|R|APACHE_VHOSTS_KNOWN_NAME /phpldapadmin/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phplinkadmin/edlink.php|R|APACHE_VHOSTS_KNOWN_NAME /phplive/index.php|R|APACHE_VHOSTS_KNOWN_NAME /php/login/|R|APACHE_VHOSTS_KNOWN_NAME /php/login.php|R|APACHE_VHOSTS_KNOWN_NAME /phpma/|R|APACHE_VHOSTS_KNOWN_NAME /PHPMA/|R|APACHE_VHOSTS_KNOWN_NAME /phpmanager/|R|APACHE_VHOSTS_KNOWN_NAME /phpmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /php/mlog.html|R|APACHE_VHOSTS_KNOWN_NAME /phpmv2/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmy/|R|APACHE_VHOSTS_KNOWN_NAME /php-my-admin/|R|APACHE_VHOSTS_KNOWN_NAME /php-myadmin/|R|APACHE_VHOSTS_KNOWN_NAME /phpmy-admin/|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /phpmyAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin1/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin2/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin2/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.11.5.1-all-languages/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.11.6-all-languages/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.11.7.1-all-languages/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.11.7.1-all-languages-utf-8-only/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.2.3/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.2.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.2.3/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.2.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.2.7-pl1/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.5/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.5-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.5-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.5-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.6-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.6-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.6/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.7/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.7-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.5.7-pl1/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-alpha2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-alpha/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-beta2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-pl1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-pl3/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0-rc3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.0/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.1-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.1-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.1-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.1-pl3/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.1-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.2-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.2-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.2-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.3/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.3-pl1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.3-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.3-pl1/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.3-rc1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.3-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl2/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl3/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl4/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-pl4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-rc1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.6.4/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-beta1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-pl1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-pl2/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-rc1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.7.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.2/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.3/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.4/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0-beta1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.1-rc1/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.2/|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2.8.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin-2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin2/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /php-my-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /php-myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmy-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyadmin/scripts/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /phpMyAdmin/scripts/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyfaq/index.php|R|APACHE_VHOSTS_KNOWN_NAME /php/mylog.html|R|APACHE_VHOSTS_KNOWN_NAME /php/mytutos.php|R|APACHE_VHOSTS_KNOWN_NAME /phpmyvisites/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpnagios/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpNagios/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpnuke/|R|APACHE_VHOSTS_KNOWN_NAME /php-nuke/html/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpnuke/html/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpPhotoAlbum/|R|APACHE_VHOSTS_KNOWN_NAME /php/php.exe|R|APACHE_VHOSTS_KNOWN_NAME /php-ping.php|R|APACHE_VHOSTS_KNOWN_NAME /phppma/|R|APACHE_VHOSTS_KNOWN_NAME /phpprojekt/|R|APACHE_VHOSTS_KNOWN_NAME /phpqa/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpqa/phpqa/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phprainchecks/settings.php|R|APACHE_VHOSTS_KNOWN_NAME /phprecipebook/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phprocketaddin/|R|APACHE_VHOSTS_KNOWN_NAME /phpSecurePages/|R|APACHE_VHOSTS_KNOWN_NAME /phpshop/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpsurveyor/admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /phpsysinfo/inc/hook_admin.inc.php|R|APACHE_VHOSTS_KNOWN_NAME /phpThumb.demo.demo.php|R|APACHE_VHOSTS_KNOWN_NAME /phpThumb/demo/phpThumb.demo.demo.php|R|APACHE_VHOSTS_KNOWN_NAME /phpticket/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phptraverser/assets/plugins/mp3_id/mp3_id.php|R|APACHE_VHOSTS_KNOWN_NAME /phpttcket/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phptt/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpunity.newsmanager/tmpl/news_main.htm|R|APACHE_VHOSTS_KNOWN_NAME /Phpunity_Newsmanager/tmpl/news_main.htm|R|APACHE_VHOSTS_KNOWN_NAME /phpvidz_0.9.5/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpvidz/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpwebgallery/category.php|R|APACHE_VHOSTS_KNOWN_NAME /phpwebthings/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phpx/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phreebooks/index.php|R|APACHE_VHOSTS_KNOWN_NAME /phreeBooks/index.php|R|APACHE_VHOSTS_KNOWN_NAME /piranha/|R|APACHE_VHOSTS_KNOWN_NAME /PithCMS/oldnews_reader.php|R|APACHE_VHOSTS_KNOWN_NAME /pivot/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pivot/modules/module_db.php|R|APACHE_VHOSTS_KNOWN_NAME /pivot/pivot/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pligg/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pls/|R|APACHE_VHOSTS_KNOWN_NAME /plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser/tinybrowser.php|R|APACHE_VHOSTS_KNOWN_NAME /p/m/a/|R|APACHE_VHOSTS_KNOWN_NAME /pma/|R|APACHE_VHOSTS_KNOWN_NAME /pma2005/|R|APACHE_VHOSTS_KNOWN_NAME /PMA2005/|R|APACHE_VHOSTS_KNOWN_NAME /pma2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /PMA2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /pma2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /PMA2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /pma2009/|R|APACHE_VHOSTS_KNOWN_NAME /PMA2009/|R|APACHE_VHOSTS_KNOWN_NAME /pmaadmin/|R|APACHE_VHOSTS_KNOWN_NAME /pmadmin/|R|APACHE_VHOSTS_KNOWN_NAME /pma/index.php|R|APACHE_VHOSTS_KNOWN_NAME /p/m/a/main.php|R|APACHE_VHOSTS_KNOWN_NAME /PMA/main.php|R|APACHE_VHOSTS_KNOWN_NAME /PMA/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /pma/scripts/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /pmwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /pmwiki/pmwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /podcast/index.php|R|APACHE_VHOSTS_KNOWN_NAME /poll/|R|APACHE_VHOSTS_KNOWN_NAME /poll/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /poll/admin/lost-pass.php|R|APACHE_VHOSTS_KNOWN_NAME /pollit/Poll_It_SSI_v2.0.cgi|R|APACHE_VHOSTS_KNOWN_NAME /polls/|R|APACHE_VHOSTS_KNOWN_NAME /portal/ajaxp_backend.php|R|APACHE_VHOSTS_KNOWN_NAME /portal/includes/esqueletos/skel_null.php|R|APACHE_VHOSTS_KNOWN_NAME /portal/index.php|R|APACHE_VHOSTS_KNOWN_NAME /portal/install/index.php|R|APACHE_VHOSTS_KNOWN_NAME /portfolio_genre.php|R|APACHE_VHOSTS_KNOWN_NAME /postgres/|R|APACHE_VHOSTS_KNOWN_NAME /postnuke/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pphlogger/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ppim/Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /ppwb/|R|APACHE_VHOSTS_KNOWN_NAME /printers/|R|APACHE_VHOSTS_KNOWN_NAME /print.php|R|APACHE_VHOSTS_KNOWN_NAME /priv/|R|APACHE_VHOSTS_KNOWN_NAME /privado/|R|APACHE_VHOSTS_KNOWN_NAME /_private/|R|APACHE_VHOSTS_KNOWN_NAME /private/|R|APACHE_VHOSTS_KNOWN_NAME /prod/|R|APACHE_VHOSTS_KNOWN_NAME /product.comparision.php|R|APACHE_VHOSTS_KNOWN_NAME /productionnu2/fileuploader.php|R|APACHE_VHOSTS_KNOWN_NAME /productionnu2/report.php|R|APACHE_VHOSTS_KNOWN_NAME /products/boat-webdesign/www/detail.asp|R|APACHE_VHOSTS_KNOWN_NAME /products/boat-webdesign/wwwprintdetail.asp|R|APACHE_VHOSTS_KNOWN_NAME /projects/TotalCalendar/index.php|R|APACHE_VHOSTS_KNOWN_NAME /proquiz/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /protected/|R|APACHE_VHOSTS_KNOWN_NAME /prueba/|R|APACHE_VHOSTS_KNOWN_NAME /pruebas/|R|APACHE_VHOSTS_KNOWN_NAME /prv/|R|APACHE_VHOSTS_KNOWN_NAME /pub/|R|APACHE_VHOSTS_KNOWN_NAME /public/|R|APACHE_VHOSTS_KNOWN_NAME /publica/|R|APACHE_VHOSTS_KNOWN_NAME /publicar/|R|APACHE_VHOSTS_KNOWN_NAME /public/code/cp_dpage.php|R|APACHE_VHOSTS_KNOWN_NAME /public/code/index.php|R|APACHE_VHOSTS_KNOWN_NAME /publico/|R|APACHE_VHOSTS_KNOWN_NAME /public/view.php|R|APACHE_VHOSTS_KNOWN_NAME /publish/|R|APACHE_VHOSTS_KNOWN_NAME /publisher/|R|APACHE_VHOSTS_KNOWN_NAME /pulsecms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /pulse/index.php|R|APACHE_VHOSTS_KNOWN_NAME /purchase/|R|APACHE_VHOSTS_KNOWN_NAME /purchases/|R|APACHE_VHOSTS_KNOWN_NAME /puttest1.html|R|APACHE_VHOSTS_KNOWN_NAME /pw/|R|APACHE_VHOSTS_KNOWN_NAME /qql/|R|APACHE_VHOSTS_KNOWN_NAME /quixplore/index.php|R|APACHE_VHOSTS_KNOWN_NAME /quixplorer_2_3/index.php|R|APACHE_VHOSTS_KNOWN_NAME /quixplorer/index.php|R|APACHE_VHOSTS_KNOWN_NAME /qwerty/index.php|R|APACHE_VHOSTS_KNOWN_NAME /rainchecks/settings.php|R|APACHE_VHOSTS_KNOWN_NAME /random_banner/|R|APACHE_VHOSTS_KNOWN_NAME /rc/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /r.cgi|R|APACHE_VHOSTS_KNOWN_NAME /rdp/|R|APACHE_VHOSTS_KNOWN_NAME /Readme/|R|APACHE_VHOSTS_KNOWN_NAME /README|R|APACHE_VHOSTS_KNOWN_NAME /README/|R|APACHE_VHOSTS_KNOWN_NAME /README.php|R|APACHE_VHOSTS_KNOWN_NAME /readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /README.txt|R|APACHE_VHOSTS_KNOWN_NAME /recipebook/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ref/|R|APACHE_VHOSTS_KNOWN_NAME /register/|R|APACHE_VHOSTS_KNOWN_NAME /registered/|R|APACHE_VHOSTS_KNOWN_NAME /register.php|R|APACHE_VHOSTS_KNOWN_NAME /rem/|R|APACHE_VHOSTS_KNOWN_NAME /Remote/|R|APACHE_VHOSTS_KNOWN_NAME /report/|R|APACHE_VHOSTS_KNOWN_NAME /reports/|R|APACHE_VHOSTS_KNOWN_NAME /reseller/|R|APACHE_VHOSTS_KNOWN_NAME /restricted/|R|APACHE_VHOSTS_KNOWN_NAME /results.php|R|APACHE_VHOSTS_KNOWN_NAME /retail/|R|APACHE_VHOSTS_KNOWN_NAME /revert.php|R|APACHE_VHOSTS_KNOWN_NAME /reviews/|R|APACHE_VHOSTS_KNOWN_NAME /revsense/index.php|R|APACHE_VHOSTS_KNOWN_NAME /rezervi/left.php|R|APACHE_VHOSTS_KNOWN_NAME /ritsblog/blogAdmin/jobs.php|R|APACHE_VHOSTS_KNOWN_NAME /RitsBlog/blogAdmin/jobs.php|R|APACHE_VHOSTS_KNOWN_NAME /rms/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /ROADS/|R|APACHE_VHOSTS_KNOWN_NAME /robot.txt|R|APACHE_VHOSTS_KNOWN_NAME /~root|R|APACHE_VHOSTS_KNOWN_NAME /~root/|R|APACHE_VHOSTS_KNOWN_NAME /root/|R|APACHE_VHOSTS_KNOWN_NAME /roschedule.php|R|APACHE_VHOSTS_KNOWN_NAME /round/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /roundcube-0.1/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /roundcube-0.2/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /roundcube/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /roundcubemail-0.1/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /roundcubemail-0.2/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /roundcubemail/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /rsrc/|R|APACHE_VHOSTS_KNOWN_NAME /rt/index.html|R|APACHE_VHOSTS_KNOWN_NAME /rtm.log|R|APACHE_VHOSTS_KNOWN_NAME /rtwebalbum/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /ru/|R|APACHE_VHOSTS_KNOWN_NAME /sahana/index.php|R|APACHE_VHOSTS_KNOWN_NAME /sales/|R|APACHE_VHOSTS_KNOWN_NAME /sample/|R|APACHE_VHOSTS_KNOWN_NAME /samples/|R|APACHE_VHOSTS_KNOWN_NAME /Samsara/modules/news/index.php|R|APACHE_VHOSTS_KNOWN_NAME /sandbox/index.php|R|APACHE_VHOSTS_KNOWN_NAME /save/|R|APACHE_VHOSTS_KNOWN_NAME /schedule/roschedule.php|R|APACHE_VHOSTS_KNOWN_NAME /scm/viewvc/|R|APACHE_VHOSTS_KNOWN_NAME /scm/viewvc.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /script/|R|APACHE_VHOSTS_KNOWN_NAME /|R|APACHE_VHOSTS_KNOWN_NAME /|R|APACHE_VHOSTS_KNOWN_NAME /script/index.php|R|APACHE_VHOSTS_KNOWN_NAME /_ScriptLibrary/|R|APACHE_VHOSTS_KNOWN_NAME /_scripts/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/%3f.jsp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/about.html|R|APACHE_VHOSTS_KNOWN_NAME /scripts/about.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/about-show.do|R|APACHE_VHOSTS_KNOWN_NAME /scripts/add_url.htm|R|APACHE_VHOSTS_KNOWN_NAME /scripts/adframe.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/config.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/login.html|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scriptsadmin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/lost-pass.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/admin/updatelist.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/af.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/agenda.php3|R|APACHE_VHOSTS_KNOWN_NAME /scripts/ajaxp_backend.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/alerts.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/alienform.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/ang/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/ans/ans.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/ans.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/apexec.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/artmedic_links5/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/assets/plugins/mp3_id/mp3_id.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/athenareg.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/authentication_index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/backend/plugin/Registration/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/base_main.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/basilix.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/bible.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/bin/view/foswiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /scripts/bin/view/TWiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /scripts/blob.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/blogAdmin/jobs.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/book_panel/books.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/breakcal/calendar.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/browse.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/catalog.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cgicso|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cgi/tseekdir.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/changelog.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/charts.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/chat/send.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/classifieds/Site_Admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cms/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cms/website.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/comment.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/comments.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/common/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/content/dynpage_load.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/content.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/core/includes/gfw_smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Count.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/counter.exe|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cvs.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cvsweb.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/cwmail.exe|R|APACHE_VHOSTS_KNOWN_NAME /scripts/data/adminusers.csv|R|APACHE_VHOSTS_KNOWN_NAME /scripts/data/nanoadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/db/budget.sqlite|R|APACHE_VHOSTS_KNOWN_NAME /scripts/dbman/db.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/db/users.dat|R|APACHE_VHOSTS_KNOWN_NAME /scripts/dcshop.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/dcshop.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/default.aspx|R|APACHE_VHOSTS_KNOWN_NAME /scripts/desktop.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/detail.asp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/dig.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/directory.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/docbuilder/top.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/doc/catalogue.html|R|APACHE_VHOSTS_KNOWN_NAME /scripts/../Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Docs/ChangeLog.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/docs/CHANGES|R|APACHE_VHOSTS_KNOWN_NAME /scripts/../Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Docs/ReadMe.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/download.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/down.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/e107_admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/easymsgb.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/easyshop.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/edit_image.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/editor/assetmanager/assetmanager.asp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/edlink.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/engine/inc/version.info|R|APACHE_VHOSTS_KNOWN_NAME /scripts/error.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/eshop.pl/seite=;cat%20eshop.|R|APACHE_VHOSTS_KNOWN_NAME /scripts/evalsmsi.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/extras/curltest.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/filter.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/firstvisit.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/FormMail.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/formmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/FormMail.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/formmail.pl.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/forum_answer.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/forum/Database/EZsiteForum.mdb|R|APACHE_VHOSTS_KNOWN_NAME /scripts/gallery.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/gen/obj/collectivite.class.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/gnat/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/guestbook.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/GW5/GWWEB.EXE|R|APACHE_VHOSTS_KNOWN_NAME /scripts/GWWEB.EXE|R|APACHE_VHOSTS_KNOWN_NAME /scripts/gzip_loader.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/handlers/getpage.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/hints.pl|R|APACHE_VHOSTS_KNOWN_NAME /scriptshome|R|APACHE_VHOSTS_KNOWN_NAME /scripts/home|R|APACHE_VHOSTS_KNOWN_NAME /scripts/home.asp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/horde/services/help/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/.htaccess|R|APACHE_VHOSTS_KNOWN_NAME /scripts/htaccess.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/htdocs/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/html/affich.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/html/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/htsearch|R|APACHE_VHOSTS_KNOWN_NAME /scripts/i-mall.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/includes/esqueletos/skel_null.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/includes/include.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/includes/initsystem.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/includes/js/mambojavascript.js|R|APACHE_VHOSTS_KNOWN_NAME /scripts/includes/window_top.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/inc/smarty/libs/init.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/indeks.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index2.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Index2.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.asp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.html|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.js%70|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scriptsindex.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.php3|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.php4|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.php/Special/Main/Templates|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.php/Special:Version|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.pl/homels|R|APACHE_VHOSTS_KNOWN_NAME /scripts/index.rb|R|APACHE_VHOSTS_KNOWN_NAME /scripts/inserter.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/install/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/ion-p.exe|R|APACHE_VHOSTS_KNOWN_NAME /scripts/jgs_portal_statistik.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/left.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/library/lib.menu.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/lib/version.phps|R|APACHE_VHOSTS_KNOWN_NAME /scripts/license.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/LightNEasy.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Lisez%20moi.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/listinfo|R|APACHE_VHOSTS_KNOWN_NAME /scripts/listrec.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/login/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/login.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/login_page.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/login.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/mail.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/main_login.asp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/main.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/manager/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/manpage/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/metadot/index.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/mlog.html|R|APACHE_VHOSTS_KNOWN_NAME /scripts/module/biz/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/module/forum/main.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/module.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/modules/module_db.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/modules/news/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/modules.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/modules/plain/adminpart/addplain.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/mrtg.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/mt.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/mylog.html|R|APACHE_VHOSTS_KNOWN_NAME /scripts/napro4/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/news/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/news/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/news.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/nph-mr.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/oldnews_reader.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/openwebmail.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/order.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/owls/glossaries/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/pages.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/passwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/php/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/php/mytutos.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/php-ping.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/phpsysinfo/inc/hook_admin.inc.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/phpThumb.demo.demo.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/pivot/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/pmwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/pollit/Poll_It_SSI_v2.0.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/portfolio_genre.php|R|APACHE_VHOSTS_KNOWN_NAME /scriptsprintdetail.asp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/print.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/product.comparision.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/productionnu2/fileuploader.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/productionnu2/report.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/public/code/cp_dpage.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/public/code/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/public/view.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/quixplorer_2_3/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/r.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/README|R|APACHE_VHOSTS_KNOWN_NAME /scripts/README.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/README.txt|R|APACHE_VHOSTS_KNOWN_NAME /scripts/register.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/results.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/revert.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/root.exe|R|APACHE_VHOSTS_KNOWN_NAME /scripts/roschedule.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/rtm.log|R|APACHE_VHOSTS_KNOWN_NAME /scripts/ru/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/scripts.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/scr/soustab.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/sdbsearch.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/search|R|APACHE_VHOSTS_KNOWN_NAME /scripts/search.html|R|APACHE_VHOSTS_KNOWN_NAME /scripts/search.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/search.php3|R|APACHE_VHOSTS_KNOWN_NAME /scripts/search/show.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/services/help/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/session/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/settings.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/setup.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/s_form.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/sgdynamo.exe|R|APACHE_VHOSTS_KNOWN_NAME /scripts/shopper.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/shop.pl/page=;cat%20shop.|R|APACHE_VHOSTS_KNOWN_NAME /scripts/shopplus.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/shouts.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/showcategory.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/showcat.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/showproduct.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/showtheme.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/signing_system-admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/site/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/sitemap.xml|R|APACHE_VHOSTS_KNOWN_NAME /scripts/site.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/skins/default.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/software-description.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/src/main.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/start.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/status.php3|R|APACHE_VHOSTS_KNOWN_NAME /scripts/story.pl|R|APACHE_VHOSTS_KNOWN_NAME /scripts/stuworkdisplay.php|R|APACHE_VHOSTS_KNOWN_NAME /scriptssymphony/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/SystemInfo|R|APACHE_VHOSTS_KNOWN_NAME /scripts/system/rss.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/team.rc5-72.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Templates/default/index_logged.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/templates/system/css/editor.css|R|APACHE_VHOSTS_KNOWN_NAME /scripts/test.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/themes/admin/default/modules/show.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/thread.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/tiki-index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/tiki-orphan_pages.php/>">|R|APACHE_VHOSTS_KNOWN_NAME /scripts/tiny_mce/plugins/ibrowser/ibrowser.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/titleBar.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/tmpl/news_main.htm|R|APACHE_VHOSTS_KNOWN_NAME /scripts/tools.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/topic.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/update.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/upload/account-login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/user.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/users/login.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/VERSION|R|APACHE_VHOSTS_KNOWN_NAME /scripts/viart_shop.xml|R|APACHE_VHOSTS_KNOWN_NAME /scripts/vicidial.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/viewforum.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/view_item|R|APACHE_VHOSTS_KNOWN_NAME /scripts/view.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/viewvc/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/viewvc.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /scripts/w3who.dll|R|APACHE_VHOSTS_KNOWN_NAME /scripts/WackoWiki|R|APACHE_VHOSTS_KNOWN_NAME /scripts/wcf/acp/dereferrer.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/webadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /scriptswebcart.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/web/help.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/webplus|R|APACHE_VHOSTS_KNOWN_NAME /scripts/webplus.exe|R|APACHE_VHOSTS_KNOWN_NAME /scripts/Web_Store/web_store.cgi|R|APACHE_VHOSTS_KNOWN_NAME /scripts/wiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/www/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scripts/www/default.asp|R|APACHE_VHOSTS_KNOWN_NAME /scripts/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /scr/soustab.php|R|APACHE_VHOSTS_KNOWN_NAME /sdbsearch.cgi|R|APACHE_VHOSTS_KNOWN_NAME /Seagull/index.php|R|APACHE_VHOSTS_KNOWN_NAME /seagull/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /search|R|APACHE_VHOSTS_KNOWN_NAME /search/|R|APACHE_VHOSTS_KNOWN_NAME /search97/|R|APACHE_VHOSTS_KNOWN_NAME /search.html|R|APACHE_VHOSTS_KNOWN_NAME /search.php|R|APACHE_VHOSTS_KNOWN_NAME /search.php3|R|APACHE_VHOSTS_KNOWN_NAME /search/results.stm|R|APACHE_VHOSTS_KNOWN_NAME /search/search.html|R|APACHE_VHOSTS_KNOWN_NAME /search/show.pl|R|APACHE_VHOSTS_KNOWN_NAME /search-ui/|R|APACHE_VHOSTS_KNOWN_NAME /secret/|R|APACHE_VHOSTS_KNOWN_NAME /secure/|R|APACHE_VHOSTS_KNOWN_NAME /secured/|R|APACHE_VHOSTS_KNOWN_NAME /sell/|R|APACHE_VHOSTS_KNOWN_NAME /sendeditfile|R|APACHE_VHOSTS_KNOWN_NAME /seportal/index.php|R|APACHE_VHOSTS_KNOWN_NAME /serendipity/index.php|R|APACHE_VHOSTS_KNOWN_NAME /serve/|R|APACHE_VHOSTS_KNOWN_NAME /server-info|R|APACHE_VHOSTS_KNOWN_NAME /server-info/|R|APACHE_VHOSTS_KNOWN_NAME /server.ini|R|APACHE_VHOSTS_KNOWN_NAME /servers/|R|APACHE_VHOSTS_KNOWN_NAME /server_stats/|R|APACHE_VHOSTS_KNOWN_NAME /serverstats/|R|APACHE_VHOSTS_KNOWN_NAME /server-status|R|APACHE_VHOSTS_KNOWN_NAME /server-status/|R|APACHE_VHOSTS_KNOWN_NAME /service/|R|APACHE_VHOSTS_KNOWN_NAME /services/|R|APACHE_VHOSTS_KNOWN_NAME /services/help/|R|APACHE_VHOSTS_KNOWN_NAME /servicio/|R|APACHE_VHOSTS_KNOWN_NAME /servicios/|R|APACHE_VHOSTS_KNOWN_NAME /servlet/|R|APACHE_VHOSTS_KNOWN_NAME /servlet/com.newatlanta.servletexec.JSP10Servlet|R|APACHE_VHOSTS_KNOWN_NAME /servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa|R|APACHE_VHOSTS_KNOWN_NAME /servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp|R|APACHE_VHOSTS_KNOWN_NAME /servlets/|R|APACHE_VHOSTS_KNOWN_NAME /servlet/webacc|R|APACHE_VHOSTS_KNOWN_NAME /session/|R|APACHE_VHOSTS_KNOWN_NAME /session/login.php|R|APACHE_VHOSTS_KNOWN_NAME /settings.php|R|APACHE_VHOSTS_KNOWN_NAME /setup/|R|APACHE_VHOSTS_KNOWN_NAME /s_form.cgi|R|APACHE_VHOSTS_KNOWN_NAME /sgdynamo.exe|R|APACHE_VHOSTS_KNOWN_NAME /share/|R|APACHE_VHOSTS_KNOWN_NAME /shared/|R|APACHE_VHOSTS_KNOWN_NAME /_sharedtemplates/|R|APACHE_VHOSTS_KNOWN_NAME /shell-cgi/|R|APACHE_VHOSTS_KNOWN_NAME /shipping/|R|APACHE_VHOSTS_KNOWN_NAME /shop/|R|APACHE_VHOSTS_KNOWN_NAME /shop/admin/login.html|R|APACHE_VHOSTS_KNOWN_NAME /shop/includes/initsystem.php|R|APACHE_VHOSTS_KNOWN_NAME /shop/index.php|R|APACHE_VHOSTS_KNOWN_NAME /shopper/|R|APACHE_VHOSTS_KNOWN_NAME /shopper.cgi|R|APACHE_VHOSTS_KNOWN_NAME /shopping/|R|APACHE_VHOSTS_KNOWN_NAME /shop.pl/page=;cat%20shop.|R|APACHE_VHOSTS_KNOWN_NAME /shopplus.cgi|R|APACHE_VHOSTS_KNOWN_NAME /shouts.php|R|APACHE_VHOSTS_KNOWN_NAME /showcategory.php|R|APACHE_VHOSTS_KNOWN_NAME /showcat.php|R|APACHE_VHOSTS_KNOWN_NAME /showproduct.php|R|APACHE_VHOSTS_KNOWN_NAME /showtheme.php|R|APACHE_VHOSTS_KNOWN_NAME /siestta/|R|APACHE_VHOSTS_KNOWN_NAME /Siestta/|R|APACHE_VHOSTS_KNOWN_NAME /signing_system-admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /SilverStream|R|APACHE_VHOSTS_KNOWN_NAME /SilverStream/|R|APACHE_VHOSTS_KNOWN_NAME /SilverStream/Meta/Tables/|R|APACHE_VHOSTS_KNOWN_NAME /simpleid/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /SimpleID/www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /simpnew248/news.php|R|APACHE_VHOSTS_KNOWN_NAME /SimpNews/news.php|R|APACHE_VHOSTS_KNOWN_NAME /sinecms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /sine/index.php|R|APACHE_VHOSTS_KNOWN_NAME /site/|R|APACHE_VHOSTS_KNOWN_NAME /siteadmin/|R|APACHE_VHOSTS_KNOWN_NAME /sitebuildercontent/|R|APACHE_VHOSTS_KNOWN_NAME /sitebuilderfiles/|R|APACHE_VHOSTS_KNOWN_NAME /sitebuilderpictures/|R|APACHE_VHOSTS_KNOWN_NAME /site/login.php|R|APACHE_VHOSTS_KNOWN_NAME /sitemap.xml|R|APACHE_VHOSTS_KNOWN_NAME /sitemgr/|R|APACHE_VHOSTS_KNOWN_NAME /siteminder/|R|APACHE_VHOSTS_KNOWN_NAME /siteminderagent/|R|APACHE_VHOSTS_KNOWN_NAME /site.php|R|APACHE_VHOSTS_KNOWN_NAME /sites/|R|APACHE_VHOSTS_KNOWN_NAME /siteserver/|R|APACHE_VHOSTS_KNOWN_NAME /sitestats/|R|APACHE_VHOSTS_KNOWN_NAME /siteupdate/|R|APACHE_VHOSTS_KNOWN_NAME /sitex/login.php|R|APACHE_VHOSTS_KNOWN_NAME /skalinks/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /skins/default.php|R|APACHE_VHOSTS_KNOWN_NAME /slide/|R|APACHE_VHOSTS_KNOWN_NAME /smadmr5.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smarty.php|R|APACHE_VHOSTS_KNOWN_NAME /smbind/src/main.php|R|APACHE_VHOSTS_KNOWN_NAME /smconf.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smency.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smf/index.php|R|APACHE_VHOSTS_KNOWN_NAME /sm_forum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /smftypes.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smhelp.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smmsg.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smquar.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smreports/|R|APACHE_VHOSTS_KNOWN_NAME /smreportsviewer/|R|APACHE_VHOSTS_KNOWN_NAME /sms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /SMS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /smsmvlog.nsf|R|APACHE_VHOSTS_KNOWN_NAME /smtime.nsf|R|APACHE_VHOSTS_KNOWN_NAME /snews/index.php|R|APACHE_VHOSTS_KNOWN_NAME /sNews/index.php|R|APACHE_VHOSTS_KNOWN_NAME /snews/readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /sNews/readme.txt|R|APACHE_VHOSTS_KNOWN_NAME /snipegallery/index.php|R|APACHE_VHOSTS_KNOWN_NAME /snort/alerts.php|R|APACHE_VHOSTS_KNOWN_NAME /snort/base/base_main.php|R|APACHE_VHOSTS_KNOWN_NAME /snortreport-1.3.1/alerts.php|R|APACHE_VHOSTS_KNOWN_NAME /snortreport/alerts.php|R|APACHE_VHOSTS_KNOWN_NAME /soap/|R|APACHE_VHOSTS_KNOWN_NAME /soapdocs/|R|APACHE_VHOSTS_KNOWN_NAME /software/|R|APACHE_VHOSTS_KNOWN_NAME /software-description.php|R|APACHE_VHOSTS_KNOWN_NAME /software/software-description.php|R|APACHE_VHOSTS_KNOWN_NAME /solaris/|R|APACHE_VHOSTS_KNOWN_NAME /solutions/|R|APACHE_VHOSTS_KNOWN_NAME /source/|R|APACHE_VHOSTS_KNOWN_NAME /Spheric/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /sphider/changelog|R|APACHE_VHOSTS_KNOWN_NAME /spipe/pkg|R|APACHE_VHOSTS_KNOWN_NAME /sql/|R|APACHE_VHOSTS_KNOWN_NAME /sqladmin/|R|APACHE_VHOSTS_KNOWN_NAME /sql/admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sqldatabase/|R|APACHE_VHOSTS_KNOWN_NAME /sql/dbadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/db/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sqlite/LightNEasy.php|R|APACHE_VHOSTS_KNOWN_NAME /SQLiteManager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql-ledger/login.pl|R|APACHE_VHOSTS_KNOWN_NAME /sql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sqlmanager/|R|APACHE_VHOSTS_KNOWN_NAME /sqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.2.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.2.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.5/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.5-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.5-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.5-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.6/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.6-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.6-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.7/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.5.7-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-alpha2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-alpha/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-beta2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.0-rc3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.1-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.1-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.1-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.1-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.2-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.2-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.2-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.3-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.3-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.4-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.4-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.4-pl3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.4-pl4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.6.4-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.7.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.7.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.7.0-pl1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.7.0-pl2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.7.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0.3/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0.4/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0-beta1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.0-rc2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.1-rc1/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2.8.2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpmyadmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin-2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin2/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/php-my-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/php-myadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpmy-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpmyadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/phpMyAdmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/pma2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/pMA2005/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/pma2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/pMA2006/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/p/m/a/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/pMA/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/sql-admin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/sqladmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/sql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/sqlmanager/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/sqlweb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sqlweb/|R|APACHE_VHOSTS_KNOWN_NAME /sql/webadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/webdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/web/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sqlweb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /sql/websql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /squid/|R|APACHE_VHOSTS_KNOWN_NAME /squirrelmail/|R|APACHE_VHOSTS_KNOWN_NAME /squirrelmail/src/login.php|R|APACHE_VHOSTS_KNOWN_NAME /src/|R|APACHE_VHOSTS_KNOWN_NAME /srchadm/|R|APACHE_VHOSTS_KNOWN_NAME /src/main.php|R|APACHE_VHOSTS_KNOWN_NAME /ssi/|R|APACHE_VHOSTS_KNOWN_NAME /ssl/|R|APACHE_VHOSTS_KNOWN_NAME /sslkeys/|R|APACHE_VHOSTS_KNOWN_NAME /staff/|R|APACHE_VHOSTS_KNOWN_NAME /start.php|R|APACHE_VHOSTS_KNOWN_NAME /stat/|R|APACHE_VHOSTS_KNOWN_NAME /stat/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /statistic/|R|APACHE_VHOSTS_KNOWN_NAME /statistics/|R|APACHE_VHOSTS_KNOWN_NAME /statistics/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /statistik/cgi-bin/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /~stats/|R|APACHE_VHOSTS_KNOWN_NAME /stats/|R|APACHE_VHOSTS_KNOWN_NAME /Stats/|R|APACHE_VHOSTS_KNOWN_NAME /stats/awstats.pl|R|APACHE_VHOSTS_KNOWN_NAME /stats-bin-p/|R|APACHE_VHOSTS_KNOWN_NAME /stats/index.php|R|APACHE_VHOSTS_KNOWN_NAME /stats_old/|R|APACHE_VHOSTS_KNOWN_NAME /stats/tools.php|R|APACHE_VHOSTS_KNOWN_NAME /status|R|APACHE_VHOSTS_KNOWN_NAME /status/|R|APACHE_VHOSTS_KNOWN_NAME /status.php3|R|APACHE_VHOSTS_KNOWN_NAME /storage/|R|APACHE_VHOSTS_KNOWN_NAME /store/|R|APACHE_VHOSTS_KNOWN_NAME /store/agora.cgi|R|APACHE_VHOSTS_KNOWN_NAME /StoreDB/|R|APACHE_VHOSTS_KNOWN_NAME /store/index.php|R|APACHE_VHOSTS_KNOWN_NAME /storemgr/|R|APACHE_VHOSTS_KNOWN_NAME /story.pl|R|APACHE_VHOSTS_KNOWN_NAME /stronghold-info|R|APACHE_VHOSTS_KNOWN_NAME /stronghold-info/|R|APACHE_VHOSTS_KNOWN_NAME /stronghold-status|R|APACHE_VHOSTS_KNOWN_NAME /stronghold-status/|R|APACHE_VHOSTS_KNOWN_NAME /stuff/|R|APACHE_VHOSTS_KNOWN_NAME /stuworkdisplay.php|R|APACHE_VHOSTS_KNOWN_NAME /style/|R|APACHE_VHOSTS_KNOWN_NAME /styles/|R|APACHE_VHOSTS_KNOWN_NAME /stylesheet/|R|APACHE_VHOSTS_KNOWN_NAME /stylesheets/|R|APACHE_VHOSTS_KNOWN_NAME /subir/|R|APACHE_VHOSTS_KNOWN_NAME /sun/|R|APACHE_VHOSTS_KNOWN_NAME /super_stats/|R|APACHE_VHOSTS_KNOWN_NAME /support/|R|APACHE_VHOSTS_KNOWN_NAME /supporter/|R|APACHE_VHOSTS_KNOWN_NAME /support/index.php|R|APACHE_VHOSTS_KNOWN_NAME /survey/admin/admin.php|R|APACHE_VHOSTS_KNOWN_NAME /svn/viewvc/|R|APACHE_VHOSTS_KNOWN_NAME /svn/viewvc.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /sympa/|R|APACHE_VHOSTS_KNOWN_NAME /symphony/|R|APACHE_VHOSTS_KNOWN_NAME /symphony/symphony/|R|APACHE_VHOSTS_KNOWN_NAME /sys/|R|APACHE_VHOSTS_KNOWN_NAME /sysadmin/|R|APACHE_VHOSTS_KNOWN_NAME /sysbackup/|R|APACHE_VHOSTS_KNOWN_NAME /system/|R|APACHE_VHOSTS_KNOWN_NAME /SystemInfo|R|APACHE_VHOSTS_KNOWN_NAME /system/rss.php|R|APACHE_VHOSTS_KNOWN_NAME /tangocms/README|R|APACHE_VHOSTS_KNOWN_NAME /tar/|R|APACHE_VHOSTS_KNOWN_NAME /tarantella/|R|APACHE_VHOSTS_KNOWN_NAME /tarjetas/|R|APACHE_VHOSTS_KNOWN_NAME /taskfreak/login.php|R|APACHE_VHOSTS_KNOWN_NAME /Taskfreak/login.php|R|APACHE_VHOSTS_KNOWN_NAME /tcexam/public/code/index.php|R|APACHE_VHOSTS_KNOWN_NAME /TCExam/public/code/index.php|R|APACHE_VHOSTS_KNOWN_NAME /tcpdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /tcwphpalbum/index.php|R|APACHE_VHOSTS_KNOWN_NAME /tdbin/|R|APACHE_VHOSTS_KNOWN_NAME /tdiary/index.rb|R|APACHE_VHOSTS_KNOWN_NAME /team.rc5-72.php|R|APACHE_VHOSTS_KNOWN_NAME /tech/|R|APACHE_VHOSTS_KNOWN_NAME /technote/|R|APACHE_VHOSTS_KNOWN_NAME /te_html/|R|APACHE_VHOSTS_KNOWN_NAME /teleparkwiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /tematres/index.php|R|APACHE_VHOSTS_KNOWN_NAME /tembria/index.asp|R|APACHE_VHOSTS_KNOWN_NAME /temp/|R|APACHE_VHOSTS_KNOWN_NAME /template/|R|APACHE_VHOSTS_KNOWN_NAME /templates/|R|APACHE_VHOSTS_KNOWN_NAME /Templates/|R|APACHE_VHOSTS_KNOWN_NAME /Templates/default/index_logged.php|R|APACHE_VHOSTS_KNOWN_NAME /templates/system/css/editor.css|R|APACHE_VHOSTS_KNOWN_NAME /temporal/|R|APACHE_VHOSTS_KNOWN_NAME /test/|R|APACHE_VHOSTS_KNOWN_NAME /test-cgi/|R|APACHE_VHOSTS_KNOWN_NAME /testing/|R|APACHE_VHOSTS_KNOWN_NAME /testlink/login.php|R|APACHE_VHOSTS_KNOWN_NAME /test.php|R|APACHE_VHOSTS_KNOWN_NAME /_tests/|R|APACHE_VHOSTS_KNOWN_NAME /tests/|R|APACHE_VHOSTS_KNOWN_NAME /testweb/|R|APACHE_VHOSTS_KNOWN_NAME /textpattern/index.php|R|APACHE_VHOSTS_KNOWN_NAME /_themes/|R|APACHE_VHOSTS_KNOWN_NAME /themes/admin/default/modules/show.php|R|APACHE_VHOSTS_KNOWN_NAME /this_page_should_not_exist.htm|R|APACHE_VHOSTS_KNOWN_NAME /thread.php|R|APACHE_VHOSTS_KNOWN_NAME /ticket/|R|APACHE_VHOSTS_KNOWN_NAME /ticket/index.php|R|APACHE_VHOSTS_KNOWN_NAME /tickets/|R|APACHE_VHOSTS_KNOWN_NAME /tiki-index.php|R|APACHE_VHOSTS_KNOWN_NAME /tiki-orphan_pages.php/>">|R|APACHE_VHOSTS_KNOWN_NAME /tiki/tiki-index.php|R|APACHE_VHOSTS_KNOWN_NAME /tikiwiki/README|R|APACHE_VHOSTS_KNOWN_NAME /tikiwiki/tiki-index.php|R|APACHE_VHOSTS_KNOWN_NAME /tikiwiki/tiki-orphan_pages.php/>">|R|APACHE_VHOSTS_KNOWN_NAME /timesheet/about-show.do|R|APACHE_VHOSTS_KNOWN_NAME /tinxcms/system/rss.php|R|APACHE_VHOSTS_KNOWN_NAME /tiny_mce/plugins/ibrowser/ibrowser.php|R|APACHE_VHOSTS_KNOWN_NAME /tinywebgallery/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /titleBar.php|R|APACHE_VHOSTS_KNOWN_NAME /tjobs/jobdetails.php|R|APACHE_VHOSTS_KNOWN_NAME /tmp/|R|APACHE_VHOSTS_KNOWN_NAME /tmpl/news_main.htm|R|APACHE_VHOSTS_KNOWN_NAME /ToDo/|R|APACHE_VHOSTS_KNOWN_NAME /tools/|R|APACHE_VHOSTS_KNOWN_NAME /tools.php|R|APACHE_VHOSTS_KNOWN_NAME /topic.php|R|APACHE_VHOSTS_KNOWN_NAME /torrent/index.php|R|APACHE_VHOSTS_KNOWN_NAME /torrent/site/login.php|R|APACHE_VHOSTS_KNOWN_NAME /torrenttrader/upload/account-login.php|R|APACHE_VHOSTS_KNOWN_NAME /torrent/upload/account-login.php|R|APACHE_VHOSTS_KNOWN_NAME /torrentvolve/site/login.php|R|APACHE_VHOSTS_KNOWN_NAME /TotalCalendar/index.php|R|APACHE_VHOSTS_KNOWN_NAME /tpv/|R|APACHE_VHOSTS_KNOWN_NAME /trabajo/|R|APACHE_VHOSTS_KNOWN_NAME /trace.axd|R|APACHE_VHOSTS_KNOWN_NAME /track/|R|APACHE_VHOSTS_KNOWN_NAME /tracker/index.html|R|APACHE_VHOSTS_KNOWN_NAME /tracker/index.php|R|APACHE_VHOSTS_KNOWN_NAME /tracking/|R|APACHE_VHOSTS_KNOWN_NAME /trade.php|R|APACHE_VHOSTS_KNOWN_NAME /transito/|R|APACHE_VHOSTS_KNOWN_NAME /transpolar/|R|APACHE_VHOSTS_KNOWN_NAME /tree/|R|APACHE_VHOSTS_KNOWN_NAME /trees/|R|APACHE_VHOSTS_KNOWN_NAME /tribisur/scripts.php|R|APACHE_VHOSTS_KNOWN_NAME /Tribisur/scripts.php|R|APACHE_VHOSTS_KNOWN_NAME /truc/login.php|R|APACHE_VHOSTS_KNOWN_NAME /Truc/login.php|R|APACHE_VHOSTS_KNOWN_NAME /ttc/upload/account-login.php|R|APACHE_VHOSTS_KNOWN_NAME /ttwm/tt/index.php|R|APACHE_VHOSTS_KNOWN_NAME /twg/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /twiki/bin/view/TWiki/WebHome|R|APACHE_VHOSTS_KNOWN_NAME /twiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /typo3/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /typo3/phpmyadmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /uebimiau/index.php|R|APACHE_VHOSTS_KNOWN_NAME /upb/db/users.dat|R|APACHE_VHOSTS_KNOWN_NAME /update.php|R|APACHE_VHOSTS_KNOWN_NAME /updates/|R|APACHE_VHOSTS_KNOWN_NAME /upload/|R|APACHE_VHOSTS_KNOWN_NAME /upload/account-login.php|R|APACHE_VHOSTS_KNOWN_NAME /upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /uploads/|R|APACHE_VHOSTS_KNOWN_NAME /urchin/|R|APACHE_VHOSTS_KNOWN_NAME /urchin3/|R|APACHE_VHOSTS_KNOWN_NAME /urchin5/|R|APACHE_VHOSTS_KNOWN_NAME /us/|R|APACHE_VHOSTS_KNOWN_NAME /usage/|R|APACHE_VHOSTS_KNOWN_NAME /UseBB/index.php|R|APACHE_VHOSTS_KNOWN_NAME /user/|R|APACHE_VHOSTS_KNOWN_NAME /userdb/|R|APACHE_VHOSTS_KNOWN_NAME /user.php|R|APACHE_VHOSTS_KNOWN_NAME /users/|R|APACHE_VHOSTS_KNOWN_NAME /users/login.php|R|APACHE_VHOSTS_KNOWN_NAME /usr/|R|APACHE_VHOSTS_KNOWN_NAME /ustats/|R|APACHE_VHOSTS_KNOWN_NAME /usuario/|R|APACHE_VHOSTS_KNOWN_NAME /usuarios/|R|APACHE_VHOSTS_KNOWN_NAME /utf-8/index.php|R|APACHE_VHOSTS_KNOWN_NAME /util/|R|APACHE_VHOSTS_KNOWN_NAME /utils/|R|APACHE_VHOSTS_KNOWN_NAME /v4/|R|APACHE_VHOSTS_KNOWN_NAME /Vanilla113rc1/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Vanilla117/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Vanilla118/index.php|R|APACHE_VHOSTS_KNOWN_NAME /VERSION|R|APACHE_VHOSTS_KNOWN_NAME /vfs/|R|APACHE_VHOSTS_KNOWN_NAME /viart_cms/viart_shop.xml|R|APACHE_VHOSTS_KNOWN_NAME /viart_shop/viart_shop.xml|R|APACHE_VHOSTS_KNOWN_NAME /viart_shop.xml|R|APACHE_VHOSTS_KNOWN_NAME /vicidial.php|R|APACHE_VHOSTS_KNOWN_NAME /vicidial/vicidial.php|R|APACHE_VHOSTS_KNOWN_NAME /viewforum.php|R|APACHE_VHOSTS_KNOWN_NAME /view_item|R|APACHE_VHOSTS_KNOWN_NAME /view.php|R|APACHE_VHOSTS_KNOWN_NAME /viewvc/|R|APACHE_VHOSTS_KNOWN_NAME /viewvc.cgi/|R|APACHE_VHOSTS_KNOWN_NAME /volve/site/login.php|R|APACHE_VHOSTS_KNOWN_NAME /_vti_bin/|R|APACHE_VHOSTS_KNOWN_NAME /_vti_bin/_vti_aut/fp30reg.dll|R|APACHE_VHOSTS_KNOWN_NAME /_vti_bot/|R|APACHE_VHOSTS_KNOWN_NAME /vtigercrm/index.php|R|APACHE_VHOSTS_KNOWN_NAME /_vti_log/|R|APACHE_VHOSTS_KNOWN_NAME /_vti_pvt/|R|APACHE_VHOSTS_KNOWN_NAME /_vti_shm/|R|APACHE_VHOSTS_KNOWN_NAME /_vti_txt/|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.asp|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.cfm|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.cgi|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.html|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.inc|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.php|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.php3|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.pl|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.sh|R|APACHE_VHOSTS_KNOWN_NAME /vu2qQDc3jsqe.shtml|R|APACHE_VHOSTS_KNOWN_NAME /v-webmail/htdocs/login.php|R|APACHE_VHOSTS_KNOWN_NAME /w3perl/|R|APACHE_VHOSTS_KNOWN_NAME /WackoWiki|R|APACHE_VHOSTS_KNOWN_NAME /w-agora/|R|APACHE_VHOSTS_KNOWN_NAME /w-agora/search.php|R|APACHE_VHOSTS_KNOWN_NAME /w-agora/search.php3|R|APACHE_VHOSTS_KNOWN_NAME /wavemaster.internal/|R|APACHE_VHOSTS_KNOWN_NAME /way-board/|R|APACHE_VHOSTS_KNOWN_NAME /wbb/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wcf/acp/dereferrer.php|R|APACHE_VHOSTS_KNOWN_NAME /web/|R|APACHE_VHOSTS_KNOWN_NAME /web800fo/|R|APACHE_VHOSTS_KNOWN_NAME /webaccess/|R|APACHE_VHOSTS_KNOWN_NAME /webadmin/|R|APACHE_VHOSTS_KNOWN_NAME /webadmin/main.php|R|APACHE_VHOSTS_KNOWN_NAME /webadmin.php|R|APACHE_VHOSTS_KNOWN_NAME /webalizer/|R|APACHE_VHOSTS_KNOWN_NAME /webapps/|R|APACHE_VHOSTS_KNOWN_NAME /WebBank/|R|APACHE_VHOSTS_KNOWN_NAME /webboard/|R|APACHE_VHOSTS_KNOWN_NAME /WebCalendar/|R|APACHE_VHOSTS_KNOWN_NAME /webcalendar/login.php|R|APACHE_VHOSTS_KNOWN_NAME /webcart/|R|APACHE_VHOSTS_KNOWN_NAME /webcart-lite/|R|APACHE_VHOSTS_KNOWN_NAME /webdata/|R|APACHE_VHOSTS_KNOWN_NAME /webdav/|R|APACHE_VHOSTS_KNOWN_NAME /webdav/test|R|APACHE_VHOSTS_KNOWN_NAME /webdb/|R|APACHE_VHOSTS_KNOWN_NAME /WebDB/|R|APACHE_VHOSTS_KNOWN_NAME /webdb/main.php|R|APACHE_VHOSTS_KNOWN_NAME /webEdition/index.php|R|APACHE_VHOSTS_KNOWN_NAME /webftp/index.php|R|APACHE_VHOSTS_KNOWN_NAME /web/help.php|R|APACHE_VHOSTS_KNOWN_NAME /WebID/IISWebAgentIF.dll|R|APACHE_VHOSTS_KNOWN_NAME /webid/index.php|R|APACHE_VHOSTS_KNOWN_NAME /webimages/|R|APACHE_VHOSTS_KNOWN_NAME /webimages2/|R|APACHE_VHOSTS_KNOWN_NAME /web/index.php|R|APACHE_VHOSTS_KNOWN_NAME /WEB-INF./web.xml|R|APACHE_VHOSTS_KNOWN_NAME /webl/index.html|R|APACHE_VHOSTS_KNOWN_NAME /weblog/|R|APACHE_VHOSTS_KNOWN_NAME /weblogger/index.php|R|APACHE_VHOSTS_KNOWN_NAME /weblogs/|R|APACHE_VHOSTS_KNOWN_NAME /webmail/|R|APACHE_VHOSTS_KNOWN_NAME /webmail2/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /webmail/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /webmail/default.aspx|R|APACHE_VHOSTS_KNOWN_NAME /webmail/htdocs/login.php|R|APACHE_VHOSTS_KNOWN_NAME /webmail/index.php|R|APACHE_VHOSTS_KNOWN_NAME /webmail/login.php|R|APACHE_VHOSTS_KNOWN_NAME /web/main.php|R|APACHE_VHOSTS_KNOWN_NAME /webmaster/|R|APACHE_VHOSTS_KNOWN_NAME /webmaster_logs/|R|APACHE_VHOSTS_KNOWN_NAME /webMathematica/|R|APACHE_VHOSTS_KNOWN_NAME /webmatic/index.php|R|APACHE_VHOSTS_KNOWN_NAME /web/phpMyAdmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /webplus|R|APACHE_VHOSTS_KNOWN_NAME /webplus.exe|R|APACHE_VHOSTS_KNOWN_NAME /webpub/|R|APACHE_VHOSTS_KNOWN_NAME /webpub-ui/|R|APACHE_VHOSTS_KNOWN_NAME /webreports/|R|APACHE_VHOSTS_KNOWN_NAME /webreps/|R|APACHE_VHOSTS_KNOWN_NAME /webshare/|R|APACHE_VHOSTS_KNOWN_NAME /WebShop/|R|APACHE_VHOSTS_KNOWN_NAME /website/|R|APACHE_VHOSTS_KNOWN_NAME /websiteadmin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /WebSiteAdmin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /websql/|R|APACHE_VHOSTS_KNOWN_NAME /websql/main.php|R|APACHE_VHOSTS_KNOWN_NAME /webstat/|R|APACHE_VHOSTS_KNOWN_NAME /~webstats/|R|APACHE_VHOSTS_KNOWN_NAME /webstats/|R|APACHE_VHOSTS_KNOWN_NAME /Web_store/|R|APACHE_VHOSTS_KNOWN_NAME /Web_Store/web_store.cgi|R|APACHE_VHOSTS_KNOWN_NAME /webtrace/|R|APACHE_VHOSTS_KNOWN_NAME /WebTrend/|R|APACHE_VHOSTS_KNOWN_NAME /webtrends/|R|APACHE_VHOSTS_KNOWN_NAME /web_usage/|R|APACHE_VHOSTS_KNOWN_NAME /whizzy/index.php|R|APACHE_VHOSTS_KNOWN_NAME /whois/dig.php|R|APACHE_VHOSTS_KNOWN_NAME /whois/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wikihelp/handlers/getpage.php|R|APACHE_VHOSTS_KNOWN_NAME /wikihelp/index.html|R|APACHE_VHOSTS_KNOWN_NAME /wikihelp/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wikihelp/revert.php|R|APACHE_VHOSTS_KNOWN_NAME /wiki/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wiki/index.php/Special:Version|R|APACHE_VHOSTS_KNOWN_NAME /wiki/pmwiki.php|R|APACHE_VHOSTS_KNOWN_NAME /wiki/SystemInfo|R|APACHE_VHOSTS_KNOWN_NAME /wiki/tiki-index.php|R|APACHE_VHOSTS_KNOWN_NAME /wiki/tiki-orphan_pages.php/>">|R|APACHE_VHOSTS_KNOWN_NAME /Wiky/index.php/Special/Main/Templates|R|APACHE_VHOSTS_KNOWN_NAME /windows/|R|APACHE_VHOSTS_KNOWN_NAME /wmail/login.php|R|APACHE_VHOSTS_KNOWN_NAME /wm/bin/msgimport|R|APACHE_VHOSTS_KNOWN_NAME /wme/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wondercms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /word/|R|APACHE_VHOSTS_KNOWN_NAME /wordpress/|R|APACHE_VHOSTS_KNOWN_NAME /wordpress/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wordpress-mu/|R|APACHE_VHOSTS_KNOWN_NAME /wordpress-mu/index.php|R|APACHE_VHOSTS_KNOWN_NAME /work/|R|APACHE_VHOSTS_KNOWN_NAME /wp-content/plugins/phpMyAdmin/|R|APACHE_VHOSTS_KNOWN_NAME /wp-content/plugins/wp-phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /wp_quiz/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wpQuiz/upload/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wrm/index.php|R|APACHE_VHOSTS_KNOWN_NAME /~wsdocs/|R|APACHE_VHOSTS_KNOWN_NAME /wsdocs/|R|APACHE_VHOSTS_KNOWN_NAME /WSsamples/|R|APACHE_VHOSTS_KNOWN_NAME /wstats/|R|APACHE_VHOSTS_KNOWN_NAME /wusage/|R|APACHE_VHOSTS_KNOWN_NAME /wwb/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wwh/handlers/getpage.php|R|APACHE_VHOSTS_KNOWN_NAME /wwh/index.html|R|APACHE_VHOSTS_KNOWN_NAME /wwh/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wwh/revert.php|R|APACHE_VHOSTS_KNOWN_NAME /wws/|R|APACHE_VHOSTS_KNOWN_NAME /wws/home|R|APACHE_VHOSTS_KNOWN_NAME /wwsympa/home|R|APACHE_VHOSTS_KNOWN_NAME /www/|R|APACHE_VHOSTS_KNOWN_NAME /www/admin/index.php|R|APACHE_VHOSTS_KNOWN_NAME /www/agc/vicidial.php|R|APACHE_VHOSTS_KNOWN_NAME /www/default.asp|R|APACHE_VHOSTS_KNOWN_NAME /www/index.php|R|APACHE_VHOSTS_KNOWN_NAME /wwwjoin/|R|APACHE_VHOSTS_KNOWN_NAME /wwwlog/|R|APACHE_VHOSTS_KNOWN_NAME /www-sql/|R|APACHE_VHOSTS_KNOWN_NAME /wwwstat/|R|APACHE_VHOSTS_KNOWN_NAME /wwwstats/|R|APACHE_VHOSTS_KNOWN_NAME /xampp/dotproject_2_1_2/dotproject/index.php|R|APACHE_VHOSTS_KNOWN_NAME /xampp/phpmyadmin/|R|APACHE_VHOSTS_KNOWN_NAME /xampp/phpmyadmin/read_dump.phpmain.php|R|APACHE_VHOSTS_KNOWN_NAME /xampp/start.php|R|APACHE_VHOSTS_KNOWN_NAME /xGB/|R|APACHE_VHOSTS_KNOWN_NAME /xml/|R|APACHE_VHOSTS_KNOWN_NAME /xoops-2014rc1/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /xoops-2014rc1/htdocs/user.php|R|APACHE_VHOSTS_KNOWN_NAME /xoops-230/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /xoops-230/htdocs/user.php|R|APACHE_VHOSTS_KNOWN_NAME /xoopscelepar/index.php|R|APACHE_VHOSTS_KNOWN_NAME /xoops/htdocs/index.php|R|APACHE_VHOSTS_KNOWN_NAME /xoops/htdocs/install/index.php|R|APACHE_VHOSTS_KNOWN_NAME /xoops/htdocs/user.php|R|APACHE_VHOSTS_KNOWN_NAME /XSL/|R|APACHE_VHOSTS_KNOWN_NAME /xsql/demo/adhocsql/query.xsql|R|APACHE_VHOSTS_KNOWN_NAME /xsql/demo/airport/airport.xsql|R|APACHE_VHOSTS_KNOWN_NAME /xtemp/|R|APACHE_VHOSTS_KNOWN_NAME /XTvWc7Rw.ini|R|APACHE_VHOSTS_KNOWN_NAME /yap/comments.php|R|APACHE_VHOSTS_KNOWN_NAME /yap/index.php|R|APACHE_VHOSTS_KNOWN_NAME /zabbix/index.php|R|APACHE_VHOSTS_KNOWN_NAME /zb41/|R|APACHE_VHOSTS_KNOWN_NAME /zencart/admin/login.php|R|APACHE_VHOSTS_KNOWN_NAME /zen-cart/extras/curltest.php|R|APACHE_VHOSTS_KNOWN_NAME /zencart/extras/curltest.php|R|APACHE_VHOSTS_KNOWN_NAME /zen-cart/includes/initsystem.php|R|APACHE_VHOSTS_KNOWN_NAME /zen-cart/index.php|R|APACHE_VHOSTS_KNOWN_NAME /zentimetracking/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ZenTimeTracking/index.php|R|APACHE_VHOSTS_KNOWN_NAME /zeuscart/index.php|R|APACHE_VHOSTS_KNOWN_NAME /Zeuscart/index.php|R|APACHE_VHOSTS_KNOWN_NAME /zeuscms/index.php|R|APACHE_VHOSTS_KNOWN_NAME /ZeusCMS/index.php|R|APACHE_VHOSTS_KNOWN_NAME /zipfiles/|R|APACHE_VHOSTS_KNOWN_NAME yasat/plugins/cyrus.test0000640000175000017500000000715411677022127016170 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_IMAPD_CONF="/etc/imapd.conf /usr/local/etc/imapd.conf" IMAPD_CONF="" POSSIBLE_CYRUS_CONF="/etc/cyrus.conf /usr/local/etc/cyrus.conf" CYRUS_CONF="" POSSIBLE_SASLAUTHD_CONF="/etc/saslauthd.conf /usr/local/etc/saslauthd.conf" SASLAUTHD_CONF="" for LOCATION in ${POSSIBLE_CYRUS_CONF} do if [ -e "${LOCATION}" ] then CYRUS_CONF="${LOCATION}" fi done for LOCATION in ${POSSIBLE_IMAPD_CONF} do if [ -e "${LOCATION}" ] then IMAPD_CONF="${LOCATION}" fi done for LOCATION in ${POSSIBLE_SASLAUTHD_CONF} do if [ -e "${LOCATION}" ] then SASLAUTHD_CONF="${LOCATION}" fi done Title "Check cyrus imapd" if [ -z "${CYRUS_CONF}" ] then Display --indent 2 --text "cyrus imapd" --result NOTFOUND --color BLUE return 1; fi if [ ! -e "$CYRUS_CONF" ] then Display --indent 2 --text "No $CYRUS_CONF" --result NOTFOUND --color BLUE return 1; fi Display --indent 2 --text "$CYRUS_CONF" --result FOUND --color GREEN if [ ! -e "$IMAPD_CONF" ] then Display --indent 2 --text "No $IMAPD_CONF" --result NOTFOUND --color BLUE return 1; fi Display --indent 2 --text "$IMAPD_CONF" --result FOUND --color GREEN #check for TLS in cyrus.conf and certificate if [ -z "`grep '[[:space:]]*imaps' $CYRUS_CONF`" ] then Display --indent 2 --text "IMAPDS" --result DISABLED --color BLUE else Display --indent 2 --text "IMAPDS" --result ENABLED --color GREEN fi #check /etc/imapd.conf 640 root:mail #hint for replication # check sasl_mech_list: # if allowplaintext: check allowplainwithouttls: no # client_timeout: # serverinfo: ? #timeout: 30min by default #tls_cert_file: and other tls_ for finding certificat FindValueOfDDot $IMAPD_CONF tls_cert_file if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "TLS $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 CERT else Display --indent 2 --text "No TLS cert" --result CONSEIL --color ORANGE fi FindValueOfDDot $IMAPD_CONF tls_key_file if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "TLS $RESULTAT" --result OK --color GREEN check_file $RESULTAT 4 PRIVKEY else Display --indent 2 --text "No TLS key" --result CONSEIL --color ORANGE fi if [ -z "${SASLAUTHD_CONF}" ] then return 1; fi if [ ! -e "$SASLAUTHD_CONF" ] then return 1; fi Display --indent 2 --text "$SASLAUTHD_CONF" --result FOUND --color GREEN #check rights and saslauthd under non root account SASL_USER="`ps aux |grep saslauthd | grep -v grep | cut -d\ -f1 | head -n 1`" if [ "$SASL_USER" = 'root' ] then Display --indent 2 --text "saslauth run as $SASL_USER" --result BAD --color RED else Display --indent 2 --text "saslauth run as $SASL_USER" --result GOOD --color BLUE fi return 0; yasat/plugins/ssl.advice0000640000175000017500000000012611677022127016070 0ustar montjoiemontjoieEN,SSL_BAD_PRIVATE_RIGHT=This directory and its contents must not have others rights. yasat/plugins/classique.test0000640000175000017500000001760011754405533017013 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check common problems" #TODO check TMOUT in /etc/profile and ~/.kde/share/config/kdesktoprc UMASK_POSSIBLE_LOCATION='/etc/profile /etc/bashrc /etc/login.defs' for TMP_FILE in $UMASK_POSSIBLE_LOCATION do if [ -e "$TMP_FILE" ] ;then FindValueOf $TMP_FILE umask JUSTTEST INSENSITIVE if [ ! -z "$RESULTAT" ] ;then if [ "$RESULTAT" = "027" ];then Display --indent 2 --text "umask in $TMP_FILE" --result GOOD --color GREEN else Display --indent 2 --text "bad umask ($RESULTAT) in $TMP_FILE (not 027)" --result WARNING --color RED --advice UMASK_NOT027 fi fi fi done if [ -e "/etc/security/limits.conf" -o -e "/etc/security/limits.d" ] then Display --indent 2 --text "/etc/security/limits.conf" --result FOUND --color GREEN #check for fork bomb prevention (hard nproc) #TODO for the moment just check if a rule is present (or not), need more analysis if [ -z "`grep -rivh '^[[:space:]]*#' /etc/security/limits.* | grep hard | grep nproc`" ] then Display --indent 4 --text "Limit for nproc" --result NOTFOUND --color ORANGE --advice NO_FORK_BOMB_PREVENTION else Display --indent 4 --text "Limit for nproc" --result FOUND --color GREEN fi TMP_RESULT="${TEMPYASATDIR}/limits.tmpresult" grep -rivh '^[[:space:]]*#' /etc/security/limits.* | grep hard | grep core | sed 's/[[:space:]][[:space:]]*/ /g'> ${TMP_RESULT} NBLINE="`cat ${TMP_RESULT} |wc -l`" if [ $NBLINE = '0' ] then Display --indent 4 --text "Limit for core" --result NOTFOUND --color ORANGE --advice LIMITS_NO_CORE_RESTRICTION else if [ $NBLINE -ge 2 ] then Display --indent 4 --text "Limit for core" --result MULTIPLE --color RED --advice GLOBAL_MULTIPLE_DECLARATIONS else COREVALUE="`cat ${TMP_RESULT} | cut -d\ -f4`" if [ $COREVALUE = '0' ] then Display --indent 4 --text "Limit for core = $COREVALUE" --result FOUND --color GREEN else Display --indent 4 --text "Limit for core = $COREVALUE" --result NOTFOUND --color ORANGE --advice LIMITS_NO_CORE_RESTRICTION fi fi fi else Display --indent 2 --text "/etc/security/limits.conf" --result NOTFOUND --color BLUE fi #if [ -e /etc/hosts.equiv ] #then # Display --indent 2 --text "/etc/hosts.equiv" --result WARNING --color RED --advice TODO #fi if [ "$OS_TYPE" = 'Linux' ] ;then #Check coredump for suid SUID_DUMP="`sysctl fs.suid_dumpable 2>> $ERROR_OUTPUT_FILE | sed 's/^.*=[[:space:]]*//'`" if [ -z "$SUID_DUMP" ] ; then Display --indent 2 --text "SUID Coredumpable" --result UNKNOW --color BLUE else if [ $SUID_DUMP -eq 0 ] ; then Display --indent 2 --text "SUID Coredumpable" --result NO --color GREEN else Display --indent 2 --text "SUID Coredumpable" --result YES --color ORANGE --advice SUID_COREDUMPABLE fi fi fi #check minimal password lenght if [ -e /etc/login.defs ] ;then FindValueOf /etc/login.defs PASS_MIN_LEN JUSTTEST if [ -z "$RESULTAT" ] then Display --indent 2 --text "Minimum password lenght" --result NOTSET --color RED --advice PASSWORD_MIN_LENGHT else if [ $RESULTAT -le 7 ] then Display --indent 2 --text "Minimum password lenght" --result "$RESULTAT" --color RED --advice PASSWORD_MIN_LENGHT else Display --indent 2 --text "Minimum password lenght" --result "$RESULTAT" --color GREEN fi fi fi #Check PATH PATHVALUE="`export |grep [[:space:]]PATH= | sed 's/^.*PATH=//g' | sed 's/\"//g' | sed "s/\'//g" | sed 's/:/ /g'`" for directory in $PATHVALUE do if [ ! -z "`echo $directory | grep -viE '^/usr/local/sbin$|^/usr/local/bin$|^/bin$|^/sbin/*$|^/usr/bin/*$|^/usr/sbin/*|/usr/x86_64-pc-linux-gnu/gcc-bin/.*'`" ] then Display --indent 2 --text "PATH $directory" --result UNKNOWN --color ORANGE --advice PATH_UNKNOWN fi done #TODO LD_PRELOAD and other library stuffs if [ -e /etc/ld.so.conf ] then Display --indent 2 --text "/etc/ld.so.conf" --result FOUND --color GREEN TMP_RESULT="${TEMPYASATDIR}/ldsoconf" prepare_generic_conf /etc/ld.so.conf $TMP_RESULT 2> /dev/null cat "$TMP_RESULT" | grep -v '^include' | while read line do # TODO must use more better regex if [ ! -z "`echo $line | grep -v '^/lib$' |grep -v '^/usr/lib$' |grep -v '^/usr/local/lib$' \ | grep -v '^/usr/kde/3.5/lib' | grep -v '^/usr/qt/[0-9]/lib' | grep -v '^/usr/[a-zA-Z0-9_]*-pc-linux-gnu/lib' \ | grep -v '^/usr/lib[64]*/[a-zA-Z0-9]*/*$' |grep -v '^/usr/lib64/openais$' \ | grep -v '^/*/usr/lib/opengl/xorg-x11/lib' | grep -v '^/lib/[a-zA-Z0-9_]-linux-gnu' \ | grep -v '^/*/lib/x86_64-linux-gnu' | grep -v '^/lib/[a-zA-Z0-9_]-linux-gnu' \ | grep -v '^/usr/lib/[a-zA-Z0-9_]*-linux-gnu' `" ] then Display --indent 4 --text "Unknown lib location $line" --result FOUND --color ORANGE --advice LD_SO_CONF_UNK_LIB fi done fi if [ "$SCANTYPE" != "FULL" ] then Display --indent 2 --text "Sanity files checks" --result SKIP --color BLUE --advice GLOBAL_SKIPPED_LONG_TESTS return 1; fi TMP_RESULT="${TEMPYASATDIR}/files_without_owner" echo ' Checking file without owner (long test)' find / -nouser 2> /dev/null > $TMP_RESULT RESULTAT=`cat $TMP_RESULT | wc -l` if [ $RESULTAT -eq 0 ] then Display --indent 4 --text "No file without owner" --result OK --color GREEN else if [ $RESULTAT -le 10 ] then Display --indent 4 --text "$RESULTAT files have no owner" --result WARNING --color RED --advice FILES_WITHOUT_OWNER cat $TMP_RESULT | while read line do Display --indent 4 --text "$line" --result "`stat $STAT_USER $line`" --color RED done else Display --indent 4 --text "$RESULTAT files have no owner" --result WARNING --color RED --advice FILES_WITHOUT_OWNER fi fi TMP_RESULT="${TEMPYASATDIR}/files_without_group" echo ' Checking file without group (long test)' find / -nogroup 2> /dev/null > $TMP_RESULT RESULTAT=`cat $TMP_RESULT | wc -l` if [ $RESULTAT -eq 0 ] then Display --indent 4 --text "No file without group" --result OK --color GREEN else if [ $RESULTAT -le 10 ] then Display --indent 4 --text "$RESULTAT files have no group" --result WARNING --color RED --advice FILES_WITHOUT_GROUP cat $TMP_RESULT | while read line do Display --indent 4 --text "$line" --result "`stat $STAT_GROUP $line`" --color RED done else Display --indent 4 --text "$RESULTAT files have no group" --result WARNING --color RED --advice FILES_WITHOUT_GROUP fi fi TMP_RESULT="${TEMPYASATDIR}/world.others" echo ' Checking file with write to others (long test)' find / -perm $PERM_OW ! -type l 2> /dev/null |grep -v '^/proc' | grep -v '^/selinux' |grep -v '^/dev' > $TMP_RESULT RESULTAT=`cat $TMP_RESULT | wc -l` if [ $RESULTAT -eq 0 ] then Display --indent 4 --text "No file with others write access" --result OK --color GREEN else if [ $RESULTAT -le 20 ] then Display --indent 4 --text "$RESULTAT files have others write access" --result WARNING --color RED cat $TMP_RESULT | while read line do Display --indent 4 --text "$line" --result "`stat $STAT_RIGHT $line`" --color RED done else Display --indent 4 --text "$RESULTAT files have others write access" --result WARNING --color RED fi fi yasat/plugins/snmpd.test0000640000175000017500000001016511677022127016140 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check snmpd configuration" for LOCATION in ${POSSIBLE_SNMP_DAEMON_CONFIG_LOCATION} do if [ -e "${LOCATION}/snmpd.conf" ] ; then SNMPD_CONF_REP="${LOCATION}" fi done if [ ! -d $SNMPD_CONF_REP ] ; then Display --indent 2 --text "$SNMPD_CONF_REP" --result NOTFOUND --color BLUE return 1; fi Display --indent 2 --text "find $SNMPD_CONF_REP/snmpd.conf" --result FOUND --color GREEN #find com2sec for finding password le 3eme champ doit etre != default grep -v '^#' "${SNMPD_CONF_REP}/snmpd.conf" | grep 'com2sec' | while read line do # echo " $line" | sed 's/[[:space:]]/\ /g' SECNAME=`echo $line | cut -d\ -f2` SOURCE=`echo $line | cut -d\ -f3` COMMUNITY="`echo $line | cut -d\ -f4`" if [ -z "`echo $COMMUNITY | grep -iE 'public|private|snmp'`" ] ; then Display --indent 4 --text "COMMUNITY" --result "$COMMUNITY" --color GREEN else Display --indent 4 --text "COMMUNITY" --result "$COMMUNITY" --color RED --advice SNMPD_DEFAULT_COMMUNITY fi if [ "$SOURCE" != "default" ] ; then Display --indent 4 --text "SOURCE" --result "$SOURCE" --color GREEN else Display --indent 4 --text "SOURCE" --result "$SOURCE" --color RED fi done grep -v '^#' "${SNMPD_CONF_REP}/snmpd.conf" | grep '^[[:space:]]*group' | while read line do echo " $line" | sed 's/[[:space:]]/\ /g' SECMODEL=`echo $line | cut -d\ -f3` if [ "$SECMODEL" != "v1" ] then Display --indent 4 --text "SECMODEL" --result "$SECMODEL" --color GREEN else Display --indent 4 --text "SECMODEL" --result "$SECMODEL" --color RED --advice SNMPD_SECMODEL_V1 fi done grep -v '^#' "${SNMPD_CONF_REP}/snmpd.conf" | grep 'access' | while read line do echo " $line" | sed 's/[[:space:]]/\ /g' LEVEL=`echo $line | cut -d\ -f4` WRITE=`echo $line | cut -d\ -f8` if [ "$LEVEL" != "any" -a $LEVEL != "v1" ] then Display --indent 4 --text "LEVEL" --result "$LEVEL" --color GREEN else Display --indent 4 --text "LEVEL" --result "$LEVEL" --color RED fi if [ "$WRITE" != "all" ] then Display --indent 4 --text "WRITE" --result "$WRITE" --color GREEN else Display --indent 4 --text "WRITE" --result "$WRITE" --color RED fi done #TODO check binding of snmpd #TODO Check include of others files Check_auto_start $SNMPD_PACKAGE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "$SNMPD_PACKAGE_NAME is started at boot" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "$SNMPD_PACKAGE_NAME is started at boot" --result YES --color BLUE else Display --indent 2 --text "$SNMPD_PACKAGE_NAME is started at boot" --result NO --color GREEN fi fi Is_installed_via_package_manager $SNMPD_PACKAGE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "$SNMPD_PACKAGE_NAME installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "$SNMPD_PACKAGE_NAME is installed by package" --result GOOD --color GREEN else Display --indent 2 --text "$SNMPD_PACKAGE_NAME is installed at hand" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND fi fi return 0; yasat/plugins/cups.test0000640000175000017500000000760311677022127015774 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ POSSIBLE_CUPS_CONF="/etc/cups/cupsd.conf /usr/local/etc/cups/cupsd.conf" CUPS_CONF="/etc/cups/cupsd.conf" for LOCATION in ${POSSIBLE_CUPS_CONF} do if [ -e "${LOCATION}" ] then CUPS_CONF="${LOCATION}" fi done CUPS_CONF="`dirname $CUPS_CONF`/cupsd.conf" Title "Check CUPS" if [ ! -e "$CUPS_CONF" ] ;then return 1; fi Display --indent 2 --text "$CUPS_CONF" --result FOUND --color GREEN get_simple_right "$CUPS_CONF" if [ "$RESULTAT" = '640' ] ;then Display --indent 4 --text "Right of $CUPS_CONF" --result OK --color GREEN else Display --indent 4 --text "Right of $CUPS_CONF" --result "$RESULTAT" --color RED --advice GLOBAL_FILE_CHMOD640 fi #Listen grep -i ^Listen "${CUPS_CONF}" | grep -v 'cups.sock' | sed 's/^Listen[[:space:]]*//g' | while read listen do LISTENHOST="`echo $listen | cut -d\: -f1`" if [ "${LISTENHOST}" = '127.0.0.1' -o "${LISTENHOST}" = 'localhost' -o "${LISTENHOST}" = '::1' ] ;then Display --indent 4 --text "Listen on $listen" --result OK --color GREEN else Display --indent 4 --text "Listen on $listen" --result BAD --color RED --advice CUPS_LISTEN fi done #Browsing On FindValueOf $CUPS_CONF Browsing JUSTTEST if [ ! -z "$RESULTAT" ] then if [ "$RESULTAT" = "On" -o "$RESULTAT" = "on" ] then Display --indent 4 --text "Browsing" --result on --color ORANGE else Display --indent 4 --text "Browsing" --result off --color GREEN fi else Display --indent 4 --text "Browsing" --result NOTFOUND --color BLUE fi #BrowseOrder allow,deny #BrowseAllow all #AuthType #try to find under which user cups is running #CUPSUSER='' #CUPSUSER="`ps aux | grep cupsd |grep -v grep | cut -d\ -f1`" #if [ -z "$CUPSUSER" ] #then # CUPSUSER='root' #fi #for cupsdata in /usr/libexec/cups/ /usr/lib/cups/ #do # if [ -e "${cupsdata}" ] # then # Display --indent 2 --text "Cups DATA $cupsdata" --result FOUND --color GREEN # TMP_RESULT="${TEMPYASATDIR}/cups.cdo" # check_directory_owner "$cupsdata" "$CUPSUSER" $TMP_RESULT 4 # TMP_RESULT="${TEMPYASATDIR}/cups.cdg" # check_directory_group "$cupsdata" "$CUPSUSER" $TMP_RESULT 4 # fi #done Check_auto_start cups if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "Cups is started at boot" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "Cups is started at boot" --result YES --color BLUE else Display --indent 2 --text "Cups is started at boot" --result NO --color GREEN fi fi Is_installed_via_package_manager cups if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] then Display --indent 2 --text "Cups installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] then Display --indent 2 --text "Cups is installed by package" --result GOOD --color GREEN else Display --indent 2 --text "Cups is installed at hand" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND fi fi return 0; yasat/plugins/system_user.advice0000640000175000017500000000503211677022127017652 0ustar montjoiemontjoieEN,SYSTEM_USER_UMASK=umask must be 027, 022 by default is not strict enough. EN,SYSTEM_USER_DOTFILES=This file must be chmod 600 EN,SYSTEM_USER_DOTDIR=This directory must be chmod 700 EN,SYSTEM_USER_HOMEDIR_ROOT_SLASH=Why is the homedir / ? EN,SYSTEM_USER_HOMEDIR_READABLE_BY_OTHERS=The homedir is readable by others EN,SYSTEM_USER_USELESS=Does this user used by your system ? EN,SYSTEM_USER_RSA_VS_DSA=RSA keys are preferred. See http://leaf.dragonflybsd.org/mailarchive/users/2005-01/msg00140.html See http://lists.gnupg.org/pipermail/gnupg-users/2000-May/005657.html See http://kerneltrap.org/mailarchive/dragonflybsd-user/2005/1/11/135791 ADVICEEND EN,--SYSTEM_USER_PASSWORD_LEAKING=Caution, some password might be visible Cleartext password can be found in your .bash_history I have checked mysql, wget and other commands to find passwords typed in the shell I will also check commands not in path ADVICEEND EN,SYSTEM_USER_MYSQL_HISTORY_PASSWORD_LEAKING=Caution, some password might be visible Check the rights of .mysql_history You can also disable mysql_history:
export MYSQL_HISTFILE=/dev/null
See MYSQL_HISTFILE in http://dev.mysql.com/doc/refman/5.1/en/environment-variables.html See http://bugs.mysql.com/bug.php?id=16803 ADVICEEND EN,SYSTEM_USER_USER_wITH_UID0=Check if this account is necessary Logically, there must be only one account with UID=0. FreeBSD comes with a toor account that can be disabled. See also http://www.freebsd.org/doc/en/books/faq/security.html#TOOR-ACCOUNT ADVICEEND EN,SYSTEM_USER_NO_HOMEDIR=This user has no homedir, why? Perhaps this user is not needed. ADVICEEND EN,SYSTEM_USER_NOPASS_AND_SHELL=This account probably doesn't need a shell If this user is not an interactive user, suppress the user's shell.
usermod -s /bin/false account_name
ADVICEEND EN,SYSTEM_USER_FIREFOX_MIXED_HTTPS=Enable warning of loading mixed HTTP/HTTPS content You can find it at Tools/Options/Security/Settings ADVICEEND EN,SYSTEM_USER_FIREFOX_NO_AUTO_UPDATE=Enable automatic check of firefox updates ADVICEEND yasat/plugins/accounting.test0000640000175000017500000001436511677022127017157 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check accounting and audit configuration" #http://www.freebsd.org/doc/en/books/handbook/security-accounting.html if [ "$OS_TYPE" = "BSD" ] then if [ -e "/var/account/acct" ] then Display --indent 2 --text "/var/account/acct" --result FOUND --color GREEN else Display --indent 2 --text "/var/account/acct" --result NOTFOUND --color ORANGE fi FindValueOfEqual '/etc/rc.conf' 'accounting_enable' JUSTTEST if [ -z "$RESULTAT" ] then Display --indent 2 --text "accounting_enable" --result NOTFOUND --color ORANGE else if [ "$RESULTAT" = "YES" ] then Display --indent 2 --text "accounting_enable" --result FOUND --color GREEN else Display --indent 2 --text "accounting_enable" --result NOTFOUND --color ORANGE --advice ACCOUNTING_BSD_NOT_ENABLED fi fi fi if [ -e /var/log/wtmp ] then Display --indent 2 --text "/var/log/wtmp" --result FOUND --color GREEN else Display --indent 2 --text "/var/log/wtmp" --result NOTFOUND --color RED --advice ACCOUNTING_MISSING_FILE fi if [ ! "$OS" = "FreeBSD" ] then if [ -e /var/log/btmp ] then Display --indent 2 --text "/var/log/btmp" --result FOUND --color GREEN else Display --indent 2 --text "/var/log/btmp" --result NOTFOUND --color RED --advice ACCOUNTING_BTMP fi if [ -e /var/log/faillog ] then Display --indent 2 --text "/var/log/faillog" --result FOUND --color GREEN else Display --indent 2 --text "/var/log/faillog" --result NOTFOUND --color RED --advice ACCOUNTING_FAILLOG fi fi if [ -e /var/log/lastlog ] then Display --indent 2 --text "/var/log/lastlog" --result FOUND --color GREEN else Display --indent 2 --text "/var/log/lastlog" --result NOTFOUND --color RED fi #TODO /var/run/utmp #http://www.gnu.org/software/acct/manual/html_mono/accounting.html if [ -e /var/account/pacct ] then Display --indent 2 --text "accounting is enabled" --result OK --color GREEN else Display --indent 2 --text "accounting is not enabled" --result WARNING --color ORANGE --advice ACCOUNTING_NOT_ENABLED fi #TODO check SULOG_FILE in /etc/login.defs (linux only) # SYSLOG_SG_ENAB #TODO FIND A BETTER PLACE FOR THIS TEST #TODO must check for MD5_CRYPT_ENAB in /etc/login.defs #TODO check also salt type in shadow http://en.wikipedia.org/wiki/Shadow_password (on my system 2 different salt coexists $1 and $6 DEFAULT_CRYPT_METHOD='DES' if [ -e /etc/pam.d ] ; then if [ ! -z "`grep -r ^password.*sha512 /etc/pam.d`" ] ; then DEFAULT_CRYPT_METHOD='sha512' Display --indent 2 --text "Found sha512 in pam.d" --result OK --color BLUE fi if [ ! -z "`grep -r ^password.*md5 /etc/pam.d`" ] ; then DEFAULT_CRYPT_METHOD='MD5' Display --indent 2 --text "Found MD5 in pam.d" --result OK --color BLUE fi fi if [ -e /etc/login.defs ] ; then FindValueOf /etc/login.defs ENCRYPT_METHOD JUSTTEST if [ ! -z "$RESULTAT" ] ; then Display --indent 2 --text "password encryption" --result $RESULTAT --color BLUE #TODO warn if DEFAULT_CRYPT_METHOD is also modify in pam for a different value else if [ $DEFAULT_CRYPT_METHOD = 'DES' ] ; then Display --indent 2 --text "password encryption" --result $DEFAULT_CRYPT_METHOD --color RED --advice TODO else Display --indent 2 --text "password encryption" --result $DEFAULT_CRYPT_METHOD --color GREEN fi fi fi if [ "$OS_TYPE" != 'Linux' ] ; then return ; fi #TODO freebsd also have some audit http://www.freebsd.org/doc/fr/books/handbook/audit-config.html #check for auditd daemon, /sbin/auditd for gentoo and auditd for redhat/centos AUDITD_PRESENT=0 PACKAGE_NAME="audit" SERVICE_NAME="audit" PROCESS_NAME="auditd" if [ "$LIST_PKG" = "emerge" ] ; then PACKAGE_NAME="sys-process/audit" SERVICE_NAME="auditd" PROCESS_NAME="/sbin/auditd" fi #TODO do a find_runing_process function #YASAT_TEST_AUDITD_1 test for a running auditd daemon if [ "`ps aux |grep [[:space:]]$PROCESS_NAME[[:space:]]*$`" ] ; then AUDITD_PRESENT=1 Display --indent 2 --text "$PROCESS_NAME" --result RUNNING --color BLUE fi #YASAT_TEST_AUDITD_2 test for a auditd package Is_installed_via_package_manager $PACKAGE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] ;then Display --indent 2 --text "$PACKAGE_NAME installation" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] ;then Display --indent 2 --text "$PACKAGE_NAME is installed by package" --result GOOD --color GREEN AUDITD_PRESENT=1 else if [ $AUDITD_PRESENT -eq 1 ] ; then Display --indent 2 --text "$PACKAGE_NAME is manually installed" --result BAD --color ORANGE --advice GLOBAL_PACKAGE_INSTALLED_AT_HAND else Display --indent 2 --text "$PACKAGE_NAME is not installed" --result BAD --color RED fi fi fi if [ $AUDITD_PRESENT -eq 1 ] ; then #YASAT_TEST_AUDITD_3 CCEID=CCE-4292-9 test for a enabled auditd service Check_auto_start $SERVICE_NAME if [ "$RESULTAT" = 'NOTIMPLEMENTED' -o "$RESULTAT" = 'ERROR' ] ;then Display --indent 2 --text "$SERVICE_NAME is started at boot" --result UNKNOWN --color BLUE else if [ "$RESULTAT" = "yes" ] ;then Display --indent 2 --text "$SERVICE_NAME is started at boot" --result YES --color GREEN else Display --indent 2 --text "$SERVICE_NAME is started at boot" --result NO --color RED fi fi else Display --indent 2 --text "auditd presence" --result NO --color RED --advice INSTALL_AUDITD fi yasat/plugins/classique.advice0000640000175000017500000000230311677022127017257 0ustar montjoiemontjoieEN,UMASK_NOT027=Set umask to 027 With a 027 umask, new files/directory would not be viewable by other people. ADVICEEND EN,NO_FORK_BOMB_PREVENTION=Set a hard ulimit See man limits.conf for setting a hard nproc limit This is important in shared environment (Universities, shared hosting, etc.) ADVICEEND EN,FILES_WITHOUT_OWNER=Correct the permissions for these files The list of these files can be found in files_without_owner in the YASAT temp directory. ADVICEEND EN,FILES_WITHOUT_GROUP=Correct the group permissions for these files EN,LIMITS_NO_CORE_RESTRICTION=Prevent the creation of core files If you don't want to debug a process crash, disable core files. See http://en.wikipedia.org/wiki/Core_dump for definition of a corefile. ADVICEEND EN,LD_SO_CONF_UNK_LIB=Check if this libray location is normal EN,SUID_COREDUMPABLE=Disable coredump for suid binaries You can disable coredump for suid binaries with sysctl fs.suid_dumpable=0 ADVICEEND EN,PASSWORD_MIN_LENGHT=Set minimal password length to at least 8 or more This can be configured in /etc/login.defs ADVICEEND EN,PATH_UNKNOWN=Check if this value is supposed to be in your PATH ADVICEEND yasat/plugins/ntp.advice0000640000175000017500000000044411677022127016073 0ustar montjoiemontjoieEN,NTPD_NO_NTPD=Install an NTP daemon You have two choices NTP http://www.ntp.org/ OpenNTPD http://www.openntpd.org/ If you have an NTP daemon installed but yasat doesn't find it, please let me know. ADVICEEND yasat/plugins/apache_modules.data0000640000175000017500000000040511677022127017716 0ustar montjoiemontjoiecgi_module ext_filter_module user_dir_module #dir_module ident_module autoindex_module actions_module proxy_connect_module proxy_http_module proxy_ftp_module proxy_ajp_module proxy_balancer_module proxy_module status_module info_module dav_module dav_fs_module yasat/plugins/process.advice0000640000175000017500000000044211677022127016746 0ustar montjoiemontjoieEN,PROCESS_NOT_BE_ROOT=This process must not be run as root EN,PROCESS_ONLY_ROOT=Logically, this process must be run as root (send a bug ?) EN,PROCESS_MAY_NOT_BE_ROOT=Does this process need to be run as root ? EN,PROCESS_CAN_BE_ROOT=This process may be run as a non-root user in some cases yasat/plugins/ntp.test0000750000175000017500000000440011677022127015615 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check ntp and ntpd" #i known only ntpd and openntpd FOUND_NTPD=0 ACTUAL_NTPD='' #/usr/sbin/ntpd can be ntpd or openntpd #On openBSD openntpd is ntpd: POSSIBLE_NTPD_BINARIES="/usr/sbin/ntpd openntpd ntpd: ntpd chronyd /usr/sbin/chronyd" for NTPD_TO_TEST in $POSSIBLE_NTPD_BINARIES do RESULTAT="`ps aux |grep -i $NTPD_TO_TEST |grep -v grep`" if [ ! -z "$RESULTAT" ] then Display --indent 2 --text "$NTPD_TO_TEST" --result FOUND --color GREEN FOUND_NTPD=1 ACTUAL_NTPD="$NTPD_TO_TEST" fi done if [ $FOUND_NTPD -eq 0 ] then Display --indent 2 --text "NTP daemon" --result NOTFOUND --color RED --advice NTPD_NO_NTPD else Display --indent 2 --text "NTP daemon $ACTUAL_NTPD" --result FOUND --color GREEN fi POSSIBLE_NTPD_CONF="/etc/openntpd/ntpd.conf /etc/ntpd.conf /etc/ntp.conf" NTPD_CONF='/etc/ntpd.conf' for LOCATION in ${POSSIBLE_NTPD_CONF} do if [ -e "${LOCATION}" ] then NTPD_CONF="${LOCATION}" fi done if [ -e "$NTPD_CONF" ] then Display --indent 2 --text "$NTPD_CONF" --result FOUND --color BLUE else Display --indent 2 --text "NTPD configuraton file" --result NOTFOUND --color BLUE fi #if [ "$OS_TYPE" = 'BSD' ] #then #TODO ntpdate_enable="YES" #TODO ntpd_enable="YES" #fi #TODO restrict default ignore return 0; yasat/plugins/xinetd.data0000640000175000017500000000305411677022127016243 0ustar montjoiemontjoie# name of service | nothing = warning , O = just advice , R = just report| ID of ADVICE chargen-stream||XINETD_SERVICES_USELESS chargen-dgram||XINETD_SERVICES_USELESS chargen||XINETD_SERVICES_USELESS daytime-stream||XINETD_SERVICES_USELESS daytime-dgram||XINETD_SERVICES_USELESS daytime||XINETD_SERVICES_USELESS discard-stream||XINETD_SERVICES_USELESS discard-dgram||XINETD_SERVICES_USELESS discard||XINETD_SERVICES_USELESS echo-stream||XINETD_SERVICES_USELESS echo-dgram||XINETD_SERVICES_USELESS echo||XINETD_SERVICES_USELESS tcpmux-server||XINETD_SERVICES_USELESS time-stream||XINETD_SERVICES_USELESS time-dgram||XINETD_SERVICES_USELESS time||XINETD_SERVICES_USELESS telnetd||XINETD_SERVICES_USELESS finger||XINETD_SERVICES_USELESS fingerd||XINETD_SERVICES_USELESS systat||XINETD_SERVICES_USELESS sysstat||XINETD_SERVICES_USELESS netstat||XINETD_SERVICES_USELESS rusers||XINETD_SERVICES_USELESS gssftp||XINETD_SERVICES_USELESS klogin||XINETD_SERVICES_USELESS ekrb5-telnet||XINETD_SERVICES_USELESS eklogin||XINETD_SERVICES_USELESS krb5-telnet||XINETD_SERVICES_USELESS kshell||XINETD_SERVICES_USELESS rsync|O|XINETD_SERVICES_OPTIONAL cvspserver|O|XINETD_SERVICES_OPTIONAL rexec||XINETD_SERVICES_USELESS rexecd||XINETD_SERVICES_USELESS rlogin||XINETD_SERVICES_USELESS rsh||XINETD_SERVICES_USELESS svnserve|O|XINETD_SERVICES_OPTIONAL ftp-sensor|O|XINETD_SERVICES_OPTIONAL ident|O|XINETD_SERVICES_OPTIONAL comsat|O|XINETD_SERVICES_OPTIONAL bootp||XINETD_SERVICES_USELESS ftpd||XINETD_SERVICES_USELESS tftpd||XINETD_SERVICES_USELESS talk||XINETD_SERVICES_USELESS amanda|R| yasat/plugins/storage.test0000750000175000017500000000620711677022127016467 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check HDD monitoring" for hdd_base in hd sd do for i in a b c d e f do if [ -e /sys/block/${hdd_base}${i} ] then Display --indent 2 --text "Device /dev/${hdd_base}${i}" --result FOUND --color BLUE READ_AHEAD="`cat /sys/block/${hdd_base}${i}/queue/read_ahead_kb`" #on some server i saw a read_ahead of 4096 that is too high if [ $READ_AHEAD -ge 1025 ] then Display --indent 4 --text "Read_ahead of /dev/${hdd_base}${i}" --result "$READ_AHEAD" --color ORANGE --advice HDD_READ_AHEAD_HIGH else Display --indent 4 --text "Read_ahead of /dev/${hdd_base}${i}" --result "$READ_AHEAD" --color GREEN fi #http://mirror.linux.org.au/pub/linux.conf.au/2008/slides/130-lca2008-nfs-tuning-secrets-d7.odp #1 is bad if [ -e /sys/block/${hdd_base}${i}/device/queue_depth ] then QUEUE_DEPTH="`cat /sys/block/${hdd_base}${i}/device/queue_depth`" Display --indent 4 --text "queue_depth of /dev/${hdd_base}${i}" --result "$QUEUE_DEPTH" --color BLUE fi MAX_SECTOR="`cat /sys/block/${hdd_base}${i}/queue/max_sectors_kb`" Display --indent 4 --text "max_sector_kb of /dev/${hdd_base}${i}" --result "$MAX_SECTOR" --color BLUE #TODO scheduler #TODO https://ata.wiki.kernel.org/index.php/ATA_4_KiB_sector_issues #check physical_block_size and logical_block_size fi done done smartctl --version > /dev/null 2>> ${ERROR_OUTPUT_FILE} if [ $? -eq 127 ] then Display --indent 2 --text "No smartctl binary" --result WARNING --color RED --advice HDD_SMARTCTL return 1; fi Display --indent 2 --text "smartctl binary" --result FOUND --color GREEN #TODO check smartd and raid utils?? #RAID hw can be found with a lspci |grep RAID bus controller #lspci is a prerequis lspci > /dev/null 2>> $ERROR_OUTPUT_FILE if [ $? -eq 127 ] ;then Display --indent 2 --text "lspci" --result NOTFOUND --color BLUE --advice TODO else RAIDHW="`lspci | grep 'RAID bus controller'`" if [ -z "$RAIDHW" ] then Display --indent 2 --text "RAID bus controller" --result NOTFOUND --color BLUE --advice TODO else Display --indent 2 --text "RAID bus controller" --result FOUND --color BLUE --advice TODO fi fi return 0; yasat/plugins/process.test0000750000175000017500000000763111754406133016502 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #TODO add list of possible user like snmpd run under root or snmp Title "Check running process" if [ ! -e "${PLUGINS_REP}/process.data" ] then Display --indent 2 --text "process.data" --result NOTFOUND --color RED return -1; fi #TODO FreeBSD said ps: Process environment requires procfs(5) #all gnome-* must not be root ps -eo user,tty,args | grep " gnome-" | grep -v 'grep' | while read lineuser do PROCESS="`echo $lineuser | cut -d\ -f3`" USERPROCESS="`echo $lineuser | cut -d\ -f1`" if [ $USERPROCESS = "root" ] then Display --indent 4 --text "$PROCESS Run as $USERPROCESS" --result BAD --color RED --advice PROCESS_NOT_BE_ROOT else Display --indent 4 --text "$PROCESS Run as $USERPROCESS" --result GOOD --color GREEN fi done PS_ARGS='axeo user,tty,args' if [ "$OS" = 'OpenBSD' ] then PS_ARGS='-axeo user,tty,comm' fi #under wheezy I have MAIL=xxxxx just after process name, clean it (TODO find why) ps $PS_ARGS | grep -v ^USER | grep -v \ tty/ | grep -v \ pts/ |grep -v \ tty[0-9] | grep -v " \[" | grep -v " gnome-" | sed 's,MAIL=/var/mail/root.*,,' |grep -v 'grep' | sort | uniq | while read line do PROCESS="`echo $line | cut -d\ -f3`" USERPROCESS="`echo $line | cut -d\ -f1`" PROCESSTYPE="`grep -v '^#' $PLUGINS_REP/process.data |grep -v '^$' |grep ^${PROCESS}= | cut -d\= -f2`" if [ -z "$PROCESSTYPE" ] then Display --indent 2 --text "$PROCESS" --result UNKNOWN --color ORANGE if [ $USERPROCESS = "root" ] then Display --indent 4 --text "Run as $USERPROCESS" --result UNKNOWN --color ORANGE --advice PROCESS_MAY_NOT_BE_ROOT fi else Display --indent 2 --text "$PROCESS" --result KNOWN --color GREEN case $PROCESSTYPE in CANBEROOT) if [ $USERPROCESS = "root" ] then Display --indent 4 --text "Run as $USERPROCESS" --result GOOD --color ORANGE --advice PROCESS_CAN_BE_ROOT else Display --indent 4 --text "Run as $USERPROCESS" --result GOOD --color GREEN fi ;; ONLYROOT) if [ $USERPROCESS = "root" ] then Display --indent 4 --text "Run as $USERPROCESS" --result GOOD --color GREEN else Display --indent 4 --text "Run as $USERPROCESS" --result BAD --color RED --advice PROCESS_ONLY_ROOT fi ;; NOTHINGTOSAY) Display --indent 4 --text "Run as $USERPROCESS" --result GOOD --color GREEN ;; NOTBEROOT) if [ $USERPROCESS = "root" ] then Display --indent 4 --text "Run as $USERPROCESS" --result BAD --color RED --advice PROCESS_NOT_BE_ROOT else Display --indent 4 --text "Run as $USERPROCESS" --result GOOD --color GREEN fi ;; *) Display --indent 4 --text "PROCESSTYPE $PROCESSTYPE" --result UNKNOWN --color RED ;; esac fi if [ -e "$PROCESS" ] then PROCESS_FS_OWNER="`stat $STAT_USER $PROCESS`" # echo "debug $PROCESS $PROCESS_FS_OWNER" if [ "$PROCESS_FS_OWNER" != "root" ] then Display --indent 4 --text "$PROCESS is not owned by root on the FS" --result WARNING --color RED fi fi done return 0; yasat/plugins/binaries.data0000640000175000017500000002613011754415426016550 0ustar montjoiemontjoie#binary | rights | OS | MD5SUM ? /sbin/unix_chkpwd|4711|Gentoo /sbin/mount.nfs|4511|Gentoo /bin/umount|4711|Gentoo /bin/su|4711|Gentoo /bin/ping|4711|Gentoo /bin/mount|4711|Gentoo /bin/passwd|4711|Gentoo /usr/sbin/ssmtp|2711|Gentoo /usr/sbin/amcheck|4750|Gentoo /usr/sbin/postdrop|2755|Gentoo /usr/sbin/postqueue|2755|Gentoo /usr/sbin/fping6|4511|Gentoo /usr/sbin/fping|4511|Gentoo /usr/sbin/rscsi|4711|Gentoo /usr/bin/lppasswd|4711|Gentoo /usr/bin/rcp|4711|Gentoo /usr/bin/chsh|4711|Gentoo /usr/bin/chfn|4711|Gentoo /usr/bin/crontab|2751|Gentoo /usr/bin/sudoedit|4111|Gentoo /usr/bin/cpufreq-selector|4711|Gentoo /usr/bin/expiry|4711|Gentoo /usr/bin/smbumount|4711|Gentoo /usr/bin/man|2551|Gentoo /usr/bin/newrole|4511|Gentoo /usr/bin/gpasswd|4711|Gentoo /usr/bin/Xorg|4711|Gentoo /usr/bin/dotlockfile|2751|Gentoo /usr/bin/slocate|2711|Gentoo /usr/bin/write|2751|Gentoo /usr/bin/rlogin|4711|Gentoo /usr/bin/newgrp|4711|Gentoo /usr/bin/sudo|4111|Gentoo /usr/bin/dumpcap|6550|Gentoo /usr/bin/rsh|4711|Gentoo /usr/bin/chage|4711|Gentoo /usr/bin/smbmnt|4711|Gentoo /usr/bin/mutt_dotlock|2751|Gentoo /bin/ping6|4711|Gentoo /usr/sbin/traceroute6|4711|Gentoo /usr/bin/dspam|2511|Gentoo /usr/bin/dspamc|2511|Gentoo /usr/bin/screen|2751|Gentoo /usr/sbin/mtr|4710|Gentoo /usr/bin/cdda2wav|4711|Gentoo /usr/bin/v4l-conf|4711|Gentoo /usr/bin/cdrecord|4711|Gentoo /usr/bin/readcd|4711|Gentoo /usr/bin/locate|2711|Gentoo /usr/bin/pkexec|4711|Gentoo /usr/bin/cgexec|4711|Gentoo /usr/libexec/lockspool|4511|Gentoo /usr/libexec/polkit-agent-helper-1|4711|Gentoo /usr/libexec/dbus-daemon-launch-helper|4710|Gentoo /usr/libexec/gnome-pty-helper|2751|Gentoo /usr/lib/misc/utempter/utempter|2751|Gentoo /usr/lib/misc/glibc/pt_chown|4711|Gentoo /usr/lib/misc/ssh-keysign|4711|Gentoo /usr/lib/kde4/libexec/fileshareset|4711|Gentoo /usr/sbin/amservice|4710|Gentoo /usr/libexec/amanda/killpgrp|4750|Gentoo /usr/libexec/amanda/application/amgtar|4710|Gentoo /usr/libexec/amanda/application/amstar|4710|Gentoo /usr/libexec/amanda/calcsize|4750|Gentoo /usr/libexec/amanda/dumper|4750|Gentoo /usr/libexec/amanda/planner|4750|Gentoo /usr/libexec/amanda/runtar|4750|Gentoo /usr/libexec/amanda/rundump|4750|Gentoo /usr/lib/nagios/plugins/check_dhcp|4710|Gentoo /usr/lib/nagios/plugins/check_ide_smart|4710|Gentoo /usr/lib/nagios/plugins/check_icmp|4710|Gentoo /usr/lib/mailman/mail/mailman|2751|Gentoo /usr/lib/mailman/cgi-bin/admin|2751|Gentoo /usr/lib/mailman/cgi-bin/rmlist|2751|Gentoo /usr/lib/mailman/cgi-bin/create|2751|Gentoo /usr/lib/mailman/cgi-bin/subscribe|2751|Gentoo /usr/lib/mailman/cgi-bin/roster|2751|Gentoo /usr/lib/mailman/cgi-bin/edithtml|2751|Gentoo /usr/lib/mailman/cgi-bin/private|2751|Gentoo /usr/lib/mailman/cgi-bin/listinfo|2751|Gentoo /usr/lib/mailman/cgi-bin/options|2751|Gentoo /usr/lib/mailman/cgi-bin/confirm|2751|Gentoo /usr/lib/mailman/cgi-bin/admindb|2751|Gentoo /usr/libexec/squid/ncsa_auth|4710|Gentoo /usr/libexec/mc/cons.saver|2751|Gentoo /usr/lib/virtualbox/VirtualBox|4710|Gentoo /usr/lib/virtualbox/VBoxHeadless|4710|Gentoo /usr/lib/virtualbox/VBoxSDL|4710|Gentoo /usr/lib/virtualbox/VBoxNetDHCP|4710|Gentoo /usr/lib/virtualbox/VBoxNetAdpCtl|4710|Gentoo #Debian /sbin/unix_chkpwd|4555|Etch|9336d6b0c76b81647b8b5c35d682d17f /bin/ping|4755|Etch|0e47061bc452dc5bebe7504fc5fe92a4 /bin/umount|4755|Etch|9dace486ae20426b6c839e0c12164e91 /bin/mount|4755|Etch /bin/ping6|4755|Etch|de5b536e6d382b242c530aa1fc5acccc /bin/su|4755|Etch /usr/sbin/postqueue|2555|Etch /usr/sbin/postdrop|2555|Etch /usr/bin/gpasswd|4755|Etch /usr/bin/traceroute.lbl|4755|Etch /usr/bin/passwd|4755|Etch|c8ac6697d277834b595999c7e07accfa /usr/bin/bsd-write|2755|Etch /usr/bin/gpg|4755|Etch /usr/bin/screen|2755|Etch /usr/bin/expiry|2755|Etch /usr/bin/wall|2755|Etch /usr/bin/chage|2755|Etch /usr/bin/chfn|4755|Etch /usr/bin/sudo|4755|Etch /usr/bin/newgrp|4755|Etch /usr/bin/crontab|2755|Etch /usr/bin/chsh|4755|Etch /usr/bin/sudoedit|4755|Etch /usr/bin/ssh-agent|2755|Etch /usr/bin/X|6755|Etch /sbin/unix_chkpwd|2755|Lenny /sbin/mount.nfs|4755|Lenny /bin/ping|4755|Lenny /bin/umount|4755|Lenny /bin/mount|4755|Lenny /bin/ping6|4755|Lenny /bin/su|4755|Lenny /usr/sbin/postqueue|2555|Lenny /usr/sbin/postdrop|2555|Lenny /usr/sbin/exim4|4755|Lenny /usr/bin/gpasswd|4755|Lenny /usr/bin/procmail|6755|Lenny /usr/bin/traceroute.lbl|4755|Lenny /usr/bin/passwd|4755|Lenny /usr/bin/bsd-write|2755|Lenny /usr/bin/mutt_dotlock|2755|Lenny /usr/bin/dotlockfile|2755|Lenny /usr/bin/lockfile|2755|Lenny /usr/bin/mlocate|2755|Lenny /usr/bin/gpg|4755|Lenny /usr/bin/screen|2755|Lenny /usr/bin/expiry|2755|Lenny /usr/bin/wall|2755|Lenny /usr/bin/chage|2755|Lenny /usr/bin/chfn|4755|Lenny /usr/bin/sudo|4755|Lenny /usr/bin/newgrp|4755|Lenny /usr/bin/crontab|2755|Lenny /usr/bin/chsh|4755|Lenny /usr/bin/sudoedit|4755|Lenny /usr/bin/ssh-agent|2755|Lenny /usr/bin/at|6755|Lenny /usr/bin/pkexec|4711|Lenny #squeeze /sbin/unix_chkpwd|2755|Squeeze /sbin/mount.nfs|4755|Squeeze /sbin/mount.cifs|4755|Squeeze /bin/ping|4755|Squeeze /bin/umount|4755|Squeeze /bin/mount|4755|Squeeze /bin/ping6|4755|Squeeze /bin/su|4755|Squeeze /usr/sbin/postqueue|2555|Squeeze /usr/sbin/postdrop|2555|Squeeze /usr/sbin/exim4|4755|Squeeze /usr/bin/gpasswd|4755|Squeeze /usr/bin/procmail|6755|Squeeze /usr/bin/traceroute.lbl|4755|Squeeze /usr/bin/passwd|4755|Squeeze /usr/bin/bsd-write|2755|Squeeze /usr/bin/mutt_dotlock|2755|Squeeze /usr/bin/dotlockfile|2755|Squeeze /usr/bin/lockfile|2755|Squeeze /usr/bin/mlocate|2755|Squeeze /usr/bin/gpg|4755|Squeeze /usr/bin/screen|2755|Squeeze /usr/bin/expiry|2755|Squeeze /usr/bin/wall|2755|Squeeze /usr/bin/chage|2755|Squeeze /usr/bin/chfn|4755|Squeeze /usr/bin/sudo|4755|Squeeze /usr/bin/newgrp|4755|Squeeze /usr/bin/crontab|2755|Squeeze /usr/bin/chsh|4755|Squeeze /usr/bin/sudoedit|4755|Squeeze /usr/bin/ssh-agent|2755|Squeeze /usr/bin/at|6755|Squeeze /usr/bin/pkexec|4711|Squeeze /usr/lib/openssh/ssh-keysign|4755|Squeeze /usr/lib/mc/cons.saver|2755|Squeeze /usr/lib/pt_chown|4755|Squeeze #Wheezy /sbin/unix_chkpwd|2755|Wheezy /sbin/mount.nfs|4755|Wheezy /sbin/mount.cifs|4755|Wheezy /bin/ping|4755|Wheezy /bin/umount|4755|Wheezy /bin/mount|4755|Wheezy /bin/ping6|4755|Wheezy /bin/su|4755|Wheezy /usr/sbin/postqueue|2555|Wheezy /usr/sbin/postdrop|2555|Wheezy /usr/sbin/exim4|4755|Wheezy /usr/bin/gpasswd|4755|Wheezy /usr/bin/procmail|6755|Wheezy /usr/bin/traceroute.lbl|4755|Wheezy /usr/bin/passwd|4755|Wheezy /usr/bin/bsd-write|2755|Wheezy /usr/bin/mutt_dotlock|2755|Wheezy /usr/bin/dotlockfile|2755|Wheezy /usr/bin/lockfile|2755|Wheezy /usr/bin/mlocate|2755|Wheezy /usr/bin/gpg|4755|Wheezy /usr/bin/screen|2755|Wheezy /usr/bin/expiry|2755|Wheezy /usr/bin/wall|2755|Wheezy /usr/bin/chage|2755|Wheezy /usr/bin/chfn|4755|Wheezy /usr/bin/sudo|4755|Wheezy /usr/bin/newgrp|4755|Wheezy /usr/bin/crontab|2755|Wheezy /usr/bin/chsh|4755|Wheezy /usr/bin/sudoedit|4755|Wheezy /usr/bin/ssh-agent|2755|Wheezy /usr/bin/at|6755|Wheezy /usr/bin/pkexec|4711|Wheezy /usr/lib/openssh/ssh-keysign|4755|Wheezy /usr/lib/mc/cons.saver|2755|Wheezy /usr/lib/pt_chown|4755|Wheezy #Freebsd /sbin/mksnap_ffs|4550|FreeBSD /sbin/ping|4555|FreeBSD /sbin/ping6|4555|FreeBSD /sbin/shutdown|4550|FreeBSD /bin/rcp|4555|FreeBSD /usr/sbin/authpf|6555|FreeBSD /usr/sbin/lpc|2555|FreeBSD /usr/sbin/ppp|4550|FreeBSD /usr/sbin/pppd|4550|FreeBSD /usr/sbin/sliplogin|4550|FreeBSD /usr/sbin/timedc|4555|FreeBSD /usr/sbin/traceroute|4555|FreeBSD /usr/sbin/traceroute6|4555|FreeBSD /usr/sbin/trpt|2555|FreeBSD /usr/bin/at|4555|FreeBSD /usr/bin/atq|4555|FreeBSD /usr/bin/atrm|4555|FreeBSD /usr/bin/batch|4555|FreeBSD /usr/bin/btsockstat|2555|FreeBSD /usr/bin/chpass|4555|FreeBSD /usr/bin/chfn|4555|FreeBSD /usr/bin/chsh|4555|FreeBSD /usr/bin/ypchpass|4555|FreeBSD /usr/bin/ypchfn|4555|FreeBSD /usr/bin/ypchsh|4555|FreeBSD /usr/bin/fstat|2555|FreeBSD /usr/bin/lock|4555|FreeBSD /usr/bin/login|4555|FreeBSD /usr/bin/netstat|2555|FreeBSD /usr/bin/opieinfo|4555|FreeBSD /usr/bin/opiepasswd|4555|FreeBSD /usr/bin/passwd|4555|FreeBSD /usr/bin/yppasswd|4555|FreeBSD /usr/bin/rlogin|4555|FreeBSD /usr/bin/rsh|4555|FreeBSD /usr/bin/su|4555|FreeBSD /usr/bin/wall|2555|FreeBSD /usr/bin/write|2555|FreeBSD /usr/bin/crontab|4555|FreeBSD /usr/bin/lpq|6555|FreeBSD /usr/bin/lpr|6555|FreeBSD /usr/bin/lprm|6555|FreeBSD /usr/libexec/sendmail/sendmail|2555|FreeBSD #Red Hat /bin/ping|4755|Red Hat /bin/ping6|4755|Red Hat /bin/umount|4755|Red Hat /bin/mount|4755|Red Hat /bin/su|4755|Red Hat /sbin/umount.nfs|4755|Red Hat /sbin/mount.nfs|4755|Red Hat /sbin/mount.nfs4|4755|Red Hat /sbin/umount.nfs4|4755|Red Hat /sbin/unix_chkpwd|4755|Red Hat /sbin/shutdown|4754|Red Hat /sbin/pam_timestamp_check|4755|Red Hat /sbin/netreport|2755|Red Hat /usr/bin/write|2755|Red Hat /usr/bin/passwd|4755|Red Hat /usr/bin/chfn|4711|Red Hat /usr/bin/wall|2555|Red Hat /usr/bin/rcp|4755|Red Hat /usr/bin/rlogin|4755|Red Hat /usr/bin/chsh|4711|Red Hat /usr/bin/sudo|4111|Red Hat /usr/bin/locate|2711|Red Hat /usr/bin/gpasswd|4755|Red Hat /usr/bin/crontab|6755|Red Hat /usr/bin/newgrp|4755|Red Hat /usr/bin/sudoedit|4111|Red Hat /usr/bin/chage|4755|Red Hat /usr/bin/rsh|4755|Red Hat /usr/bin/screen|2755|Red Hat /usr/bin/at|4755|Red Hat /usr/bin/ssh-agent|2755|Red Hat /usr/bin/lockfile|2755|Red Hat /usr/bin/Xorg|4711|Red Hat /usr/sbin/userisdnctl|4755|Red Hat /usr/sbin/suexec|4510|Red Hat /usr/sbin/lockdev|2755|Red Hat /usr/sbin/sendmail.sendmail|2755|Red Hat /usr/sbin/mtr|4755|Red Hat /usr/sbin/userhelper|4711|Red Hat /usr/sbin/fping6|4755|Red Hat /usr/sbin/fping|4755|Red Hat /usr/sbin/usernetctl|4755|Red Hat /usr/sbin/postqueue|2755|Red Hat /usr/sbin/postdrop|2755|Red Hat /usr/sbin/ccreds_validate|4755|Red Hat /sbin/mount.nfs|4755|Ubuntu /sbin/unix_chkpwd|2755|Ubuntu /bin/ping|4755|Ubuntu /bin/umount|4755|Ubuntu /bin/mount|4755|Ubuntu /bin/ping6|4755|Ubuntu /bin/su|4755|Ubuntu /usr/bin/wall|2755|Ubuntu /usr/bin/mail-touchlock|2755|Ubuntu /usr/bin/X|6755|Ubuntu /usr/bin/crontab|2755|Ubuntu /usr/bin/newgrp|4755|Ubuntu /usr/bin/mail-lock|2755|Ubuntu /usr/bin/xterm with|2755|Ubuntu /usr/bin/bsd-write|2755|Ubuntu /usr/bin/dotlockfile|2755|Ubuntu /usr/bin/gpasswd|4755|Ubuntu /usr/bin/ssh-agent|2755|Ubuntu /usr/bin/mail-unlock|2755|Ubuntu /usr/bin/chfn|4755|Ubuntu /usr/bin/chage|2755|Ubuntu /usr/bin/chsh|4755|Ubuntu /usr/bin/expiry|2755|Ubuntu /usr/bin/screen|2755|Ubuntu /usr/bin/sudoedit|4755|Ubuntu /usr/bin/passwd|4755|Ubuntu /usr/bin/sudo|4755|Ubuntu /usr/lib/amanda/calcsize|4754|Ubuntu /usr/lib/amanda/rundump|4754|Ubuntu /usr/lib/amanda/runtar|4754|Ubuntu /usr/lib/amanda/killpgrp|4754|Ubuntu /usr/lib/openssh/ssh-keysign|4755|Ubuntu /usr/lib/pt_chown|4755|Ubuntu /usr/lib/eject/dmcrypt-get-device|4755|Ubuntu /usr/sbin/authpf|6555|OpenBSD /usr/sbin/authpf-noip|6555|OpenBSD /usr/bin/lpr|6555|OpenBSD /usr/bin/lprm|6555|OpenBSD #ArchLinux /sbin/unix_chkpwd|6755|arch /bin/su|4555|arch /bin/mount|4755|arch /bin/umount|4755|arch /bin/ping|4755|arch /bin/ping6|4755|arch /bin/traceroute|4555|arch /bin/traceroute6|4755|arch /usr/bin/chfn|4755|arch /usr/bin/write|2755|arch /usr/bin/newgrp|4755|arch /usr/bin/expiry|4755|arch /usr/bin/gpasswd|4755|arch /usr/bin/passwd|4755|arch /usr/bin/rsh|4775|arch /usr/bin/crontab|4755|arch /usr/bin/chage|4755|arch /usr/bin/ksu|4755|arch /usr/bin/rlogin|4775|arch /usr/bin/chsh|4755|arch /usr/bin/rcp|4775|arch /usr/lib/pt_chown|4755|arch /usr/lib/dbus-1.0/dbus-daemon-launch-helper|4750|arch yasat/plugins/vsftpd.advice0000640000175000017500000000044511677022127016601 0ustar montjoiemontjoieEN,VSFTPD_ANONYMOUS_LOGIN=Disable anonymous connection if possible EN,VSFTPD_ANONYMOUS_UPLOAD=Disable anonymous upload if possible EN,VSFTPD_ANONYMOUS_ASCII=Disable ASCII mode EN,VSFTPD_ANONYMOUS_NO_XFERLOG=Add an xferlog entry EN,VSFTPD_ANONYMOUS_NOCHROOTLOCAL=Chroot local users if possible yasat/plugins/nfs.advice0000640000175000017500000000147111677022127016061 0ustar montjoiemontjoieEN,NFS_EXPORT_SUBTREE_CHECK=TODO See http://nfs.sourceforge.net/ Section C7 ADVICEEND EN,NFS_EXPORT_NO_ROOT_SQUASH=If you can, unset no_root_squash Map requests from uid/gid 0 to the anonymous uid/gid. This is the default. See http://nfs.sourceforge.net/ Section C7 ADVICEEND EN,NFS_EXPORT_NO_INTR=Set intr option See http://nfs.sourceforge.net/ Section D12 ADVICEEND EN,NFS_EXPORT_UDP=Prefer TCP over UDP See http://nfs.sourceforge.net/nfs-howto/ar01s05.html Section 5.4 ADVICEEND EN,NFS_CLIENT_NOAC=For performance, unset noac See http://nfs.sourceforge.net/ Section B9 ADVICEND yasat/plugins/logging.advice0000640000175000017500000000125011677022127016714 0ustar montjoiemontjoieEN,SYSTEM_LOG_TWO_LOGGERS=Strange, you have two system loggers Certainly a yasat bug... ADVICEEND EN,SYSTEM_LOG_NO_LOGGERS=Configure and run a system logger Install a system logger like syslog-ng, or any other you might prefer. If you have already a system logger runnning and yasat doesn't report it, please let me know. ADVICEEND EN,SYSLOGNG_NOLOGHOST=Set up a remote logging server Centralize your logs in a dedicated server TODO ADVICEEND EN,SYSLOG_NOLOGHOST=Set up a remote logging server Centralize your logs in a dedicated server TODO ADVICEEND EN,RSYSLOG_NOLOGHOST=Set up a remote logging server Centralize your logs in a dedicated server TODO ADVICEEND yasat/plugins/apache_conf.test0000640000175000017500000001557411735012277017256 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ #for LOCATION in ${POSSIBLE_APACHE_CONFIG_LOCATION} #do # if [ -d "${LOCATION}/" ] # then # APACHE_CONF_REP="${LOCATION}" # fi #done Find_apache_conf_location Title "Check Apache configuration" #YASAT_TEST_APACHE_CONF_1 test the presence of apache.conf if [ ! -d "$APACHE_CONF_REP" ] ;then Display --indent 2 --text "No apache found" --result NOTFOUND --color BLUE return 1; else Display --indent 2 --text "$APACHE_CONF_REP " --result FOUND --color GREEN fi prepare_apache_conf $APACHE_CONF_REP APACHE_CONF_LOCATION_TO_TEST="${TEMPYASATDIR}/apache.conf" if [ ! -e "$APACHE_CONF_LOCATION_TO_TEST" ] ;then echo "Error no $APACHE_CONF_LOCATION_TO_TEST" return 1; fi if [ -e "${PLUGINS_REP}/apache_conf.data" ] ;then for i in `grep -v '^\#' $PLUGINS_REP/apache_conf.data` do ldirective=`echo $i | cut -f1 -d\|` lparam=`echo $i | cut -f2 -d\|` loption=`echo $i | cut -f3 -d\|` ltestoptional=`echo $i | cut -f4 -d\|` OPT_ADVICE='' OPT_ADVICE="`echo $i | cut -f5 -d\|`" # FindValueOf $APACHE_CONF_REP $ldirective JUSTTEST FindValueOf $APACHE_CONF_LOCATION_TO_TEST $ldirective JUSTTEST if [ -z "$RESULTAT" ] ; then if [ -z "$FINDERROR" ] ; then if [ "$ltestoptional" = "Y" ] ; then Display --indent 2 --text "Missing declaration of $ldirective " --result OPTIONAL --color BLUE else Display --indent 2 --text "Missing declaration of $ldirective " --result WARNING --color RED --advice $OPT_ADVICE fi else if [ "$FINDERROR" = 'MULTIPLE' ] ; then Display --indent 2 --text "Multiple declaration of $ldirective " --result WARNING --color RED --advice $OPT_ADVICE else echo "Arg a bug, unknown FINDERROR"; fi fi else VAL="$RESULTAT" case $loption in S)#string equal if [ "$VAL" != "$lparam" ] ;then Display --indent 2 --text "$ldirective != $lparam" --result "$VAL" --color RED --advice "$OPT_ADVICE" else Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi ;; s) #string equal case insensitive VAL=`echo $RESULTAT | tr A-Z a-z` if [ "$VAL" != "$lparam" ] ; then Display --indent 2 --text "$ldirective != $lparam" --result "$VAL" --color RED --advice "$OPT_ADVICE" find_file_with_directive "$APACHE_CONF_REP" "^[[:space:]]*$ldirective" add_correction "sed -i 's/^[[:space:]]*$ldirective.*/$ldirective $lparam/' $RES_FILE_WITH_DIRECTIVE" else Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi ;; snot)#not string case insensitive VAL=`echo $RESULTAT | tr A-Z a-z` if [ "$VAL" = "$lparam" ] then Display --indent 2 --text "$ldirective != $lparam" --result "$VAL" --color RED --advice "$OPT_ADVICE" else Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi ;; NM)#Numeric max ### FindValueOf $APACHE_CONF_REP $ldirective if [ -z "$RESULTAT" ] ;then Display --indent 2 --text "Missing declaration of $ldirective " --result WARNING --color RED --advice $OPT_ADVICE else if [ $RESULTAT -ge $lparam ] ;then Display --indent 2 --text "$ldirective <= $lparam" --result "$VAL" --color RED --advice $OPT_ADVICE find_file_with_directive "$APACHE_CONF_REP" "^[[:space:]]*$ldirective" add_correction "sed -i 's/^[[:space:]]*$ldirective.*/$ldirective $lparam/' $RES_FILE_WITH_DIRECTIVE" else Display --indent 2 --text "$ldirective " --result "$VAL" --color GREEN fi fi ;; *) echo "Unknown option $loption" ;; esac fi done else echo "No apache_conf.data" fi #ErrorDocument\ 404|/error/http_not_found.html.var|snot|W FindValueOf $APACHE_CONF_LOCATION_TO_TEST 'ErrorDocument\ 404' JUSTTEST if [ ! -z "$RESULTAT" ] then if [ "$RESULTAT" = '/error/HTTP_NOT_FOUND.html.var' ] then Display --indent 2 --text "ErrorDocument 404" --result FOUND --color ORANGE --advice APACHE_ERRORDOC_CUSTOM fi else Display --indent 2 --text "ErrorDocument 404" --result NOTFOUND --color ORANGE --advice APACHE_ERRORDOC_CUSTOM fi FindValueOf $APACHE_CONF_LOCATION_TO_TEST SSLEngine JUSTTEST if [ -z "$RESULTAT" ] ; then Display --indent 2 --text "SSLEngine not enabled " --result NOTFOUND --color BLUE else if [ "$RESULTAT" = "on" ] ; then Display --indent 2 --text "SSLEngine enabled " --result FOUND --color GREEN FindValueOf $APACHE_CONF_LOCATION_TO_TEST SSLProtocol JUSTTEST if [ -z "$RESULTAT" ] ; then Display --indent 2 --text "SSLProtocol " --result NOTFOUND --color RED --advice APACHE_CONF_SSL_SSLV2 else if [ ! -z "`echo $RESULTAT | grep -i '\-SSLv2'`" ] ; then Display --indent 2 --text "SSLProtocol disable SSLv2" --result "$RESULTAT" --color GREEN else Display --indent 2 --text "SSLProtocol dont disable SSLv2" --result "$RESULTAT" --color RED --advice APACHE_CONF_SSL_SSLV2 fi fi #http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslsessioncache #TODO SSLSessionCache if is dbm, check right and owning #TODO SSLCipherSuite check for !LOW !NULL !SSLv2 !EXP http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslciphersuite #http://httpd.apache.org/docs/2.3/en/ssl/ssl_howto.html #http://lwn.net/Articles/441551/ FindValueOf $APACHE_CONF_LOCATION_TO_TEST SSLCipherSuite MULTIPLE if [ ! -z "$RESULTAT" ] ; then for ciphers in $RESULTAT do Display --indent 2 --text "SSLCipherSuite $ciphers" --result FOUND --color BLUE for ciph in LOW NULL SSLv2 EXP aNULL do if [ -z "`echo $ciphers | grep -Ei \"!${ciph}(:|$)\"`" ] ; then Display --indent 4 --text "Cipher $ciph" --result ACTIVE --color ORANGE else Display --indent 4 --text "Cipher $ciph" --result DISACTIVE --color GREEN fi done done fi FindValueOf $APACHE_CONF_LOCATION_TO_TEST SSLCertificateKeyFile MULTIPLE if [ ! -z "$RESULTAT" ] ; then for key in $RESULTAT do #echo "Check $key" check_private_key $key 2 'apache' done fi else Display --indent 2 --text "SSLEngine not enabled " --result OK --color GREEN fi fi yasat/plugins/logwatch.advice0000640000175000017500000000606111677022127017103 0ustar montjoiemontjoieEN,LOGWATCH_TMPDIR_OTHER_READABLE=The TmpDir used by logwatch should not be readble by others. Letting others read the temporary directory logwatch uses leads to unnecessary information leakage. If /tmp is used, consider moving the TmpDir to another folder with no others permission. ADVICEEND EN,LOGWATCH_SAVE_OTHER_READABLE=The Save directory used by logwatch should no be readable by others. Letting others read the logwatch reports leads to unnecessary information leakage. ADVICEEND EN,LOGWATCH_LOW_DETAIL_SETTING=Low detail setting can lead to loss of important information. EN,LOGWATCH_PROBLEMATIC_RANGE_TODAY=Using the log from today can lead to loss of infornation. Because the day is not over when logwatch is executed there is no way to ensure that all of todays logs are parsed. ADVICEEND EN,LOGWATCH_PROBLEMATIC_RANGE_ALL=Using all logs can be too much. Parsing all logs can yeild too much information, make the logwatch report less useful because the timeline is too long and it can take a very long time depending on how often the logs are rotated. ADVICEEND EN,LOGWATCH_CHECK_ALL_SERVICES=You could be missing important information Because all services are not checked, messages from some services doesn't get included in the logwatch report. ADVICEEND EN,LOGWATCH_DISABLED_SERVICE_CHECK=You should check whether the disabled checks are needed. EN,LOGWATCH_TMPDIR_DEFAULT=The default setting is /var/cache/logwatch. EN,LOGWATCH_NO_SERVICES_FOUND=No Services are checked! There is little use for logwatch if no services are checked. Make sure that at least the most important services are checked. ADVICEEND EN,LOGWATCH_NO_LOGDIR=The LogDir is either a file or doesn't exist. The LogDir directive should point to where your system logs are. There is little use for logwatch if it doesn't parse your logs. ADVICEEND EN,LOGWATCH_LOGDIR_OTHER_WRITABLE=LogDir should not be writable by anyone other than the owner. EN,LOGWATCH_ONLY_ONE_LOGFILE=Checking only one logfile can lead to loss of information. Because not all services log to the system logger and there might be some filters on the file that is checked. At least make sure that all logmessages from the system logger are logged to the checked logfile. ADVICEEND EN,LOGWATCH_NO_LOGS_CHECKED=Could not find any logfiles that are to be checked. There is little use for logwatch if no logs are parsed. ADVICEEND EN,LOGWATCH_DEFAULT_SETTING=Consider setting this directive in the config. EN,LOGWATCH_NO_LOGS_CHECKED=Could not find any logfiles that are to be checked. There is little use for logwatch if no logs are parsed. ADVICEEND EN,LOGWATCH_TMPDIR_NOT_FOUND=Isn't a directory. If you want to save logreports you should either edit the TmpDir directive or make the directory the directive is set to use. ADVICEEND EN,LOGWATCH_ARCHIVES_NOT_CHECKED=Log archives are not parsed. This should be enabled. There is no guarantee that all the logs from a given day are parsed by logwatch, because of logrotation. ADVICEEND EN,LOGWATCH_HOSTLIMIT_NO=Unless this is logserver, HostLimit should be enabled. yasat/plugins/cups.advice0000640000175000017500000000025011677022127016237 0ustar montjoiemontjoieEN,CUPS_LISTEN=If possible, restrict CUPS to listen only on localhost If you don't share printers, restrict the possibility to other users to access cupsd. ADVICEEND yasat/plugins/sensors.test0000750000175000017500000000516011677022127016514 0ustar montjoiemontjoie#!/bin/sh ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ Title "Check temperature monitoring" #TODO on many servers there are no sensors and the use of IPMI is necessary if [ "$OS_TYPE" = 'Linux' ] ; then sensors --version > /dev/null 2>> $ERROR_OUTPUT_FILE if [ $? -eq 127 ] then Display --indent 2 --text "No sensors binary" --result WARNING --color RED --advice TEMP_SENSORS else Display --indent 2 --text "sensors binary" --result FOUND --color GREEN fi else Display --indent 2 --text "HW temperature monitoring" --result NOTFOUND --color BLUE --advice TEMP_SENSOR_PROGRAM_UNK fi #check /dev/ipmi0 if [ -e /dev/ipmi0 ] ;then Display --indent 2 --text "IPMI BMC" --result FOUND --color GREEN fi ipmitool > /dev/null 2>> $ERROR_OUTPUT_FILE if [ $? -eq 127 ] then Display --indent 2 --text "No ipmitool binary" --result WARNING --color RED --advice IPMI_NO_BINARY else IPMI_TMP="${TEMPYASATDIR}/ipmi.out" #when doing ipmitool lan print seek for snmp community string ipmitool lan print > $IPMI_TMP IPMI_SNMP_COMM="`grep -i snmp $IPMI_TMP | cut -d\: -f2- | sed 's/[[:space:]]*//g'`" if [ -z "$IPMI_SNMP_COMM" ] then Display --indent 2 --text "IPMI SNMP Comunity" --result NOTFOUND --color BLUE else if [ "$IPMI_SNMP_COMM" = "public" ] then Display --indent 2 --text "IPMI SNMP Community" --result WARNING --color RED --advice IPMI_BAD_SNMP_COMM else Display --indent 2 --text "IPMI SNMP Community" --result GOOD --color GREEN fi fi fi #Usefull http://wiki.nagios-fr.org/supervision/ipmi #MCELOG TODO if [ -e /dev/mcelog ] then Display --indent 2 --text "/dev/mcelog" --result FOUND --color BLUE fi return 0; yasat/Makefile0000640000175000017500000000341611751712024014071 0ustar montjoiemontjoieDESTDIR= PREFIX=/usr/local/ SYSCONFDIR=${PREFIX}/etc DATADIR=${PREFIX}/share MANDIR=${PREFIX}/share/man/man8/ #http://www.freebsd.org/doc/en/books/porters-handbook/porting-prefix.html nothing: @exit test: test_todo test_display_without_advice real_test exit test_todo: @echo "Number of TODO `grep -ri TODO * | grep -v '.svn' | wc -l`" test_display_without_advice: @echo "Number of error display without advice `grep -r Display * | grep RED |grep -v advice |grep -v .svn | wc -l`" @echo "Number of warning display without advice `grep -r Display * | grep ORANGE |grep -v advice | grep -v .svn |wc -l`" #dont work :'( #test_space_end: # @echo "`grep -nri \"[[:space:]][[:space:]]*$\" .`" real_test: chmod +x ./tests/test.test ./tests/test.test #test will check # # display without advice # check functions # plugins without advice files # check lines more 80(120) characters # numbers of todo # that PLUGINS_REP must be within {} # -e -d etc have "" after install: chmod +x ./tests/*.test chmod +x ./plugins/*.test chmod +x ./yasat mkdir -p ${DESTDIR}/${PREFIX}/bin cp yasat ${DESTDIR}/${PREFIX}/bin/yasat mkdir -p ${DESTDIR}/${DATADIR}/yasat/ cp -R plugins ${DESTDIR}/${DATADIR}/yasat/ cp yasat.css ${DESTDIR}/${DATADIR}/yasat/ cp common ${DESTDIR}/${DATADIR}/yasat/ cp osdetection ${DESTDIR}/${DATADIR}/yasat/ mkdir -p ${DESTDIR}/${SYSCONFDIR}/yasat/ echo "YASAT_ROOT=/${DATADIR}/yasat/" > ${DESTDIR}/${SYSCONFDIR}/yasat/yasat.conf echo "PLUGINS_REP=/${DATADIR}/yasat/plugins/" >> ${DESTDIR}/${SYSCONFDIR}/yasat/yasat.conf installman: mkdir -p ${DESTDIR}/${MANDIR}/ cp man/yasat.8 ${DESTDIR}/${MANDIR}/ bzip2 -f -9 ${DESTDIR}/${MANDIR}/yasat.8 deinstall: rm ${DESTDIR}/${PREFIX}/bin/yasat rm -rf ${DESTDIR}/${DATADIR}/yasat rm -rf ${DESTDIR}/${SYSCONFDIR}/etc/yasat yasat/common0000640000175000017500000017042411754410750013654 0ustar montjoiemontjoie################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ # # The display function is originated from lynis Copyright 2007-2009, Michael Boelen (michael@rootkit.nl), The Netherlands # Web site: http://www.rootkit.nl # ################################################################################# # # Common functions for YASAT # ################################################################################# # NORMAL="" WARNING="" YELLOW="" BLUE="" WHITE="" GREEN="" RED="" ORANGE="" NOIRGRAS="" #All results in orange/yellow is a optionnal warning #All results in red must be corrected ################################################################################ ################################################################################ print_color_chart() { echo "Color chart" echo "$GREEN GREEN $NORMAL is for good configuration or information" echo "$RED RED $NORMAL is for configuration that must be corrected" echo "$ORANGE ORANGE $NORMAL is for optional configuration that can be done" #ugly color, do not use:) # echo "$YELLOW YELLOW $NORMAL is for optional configuration that can be done" echo "$BLUE BLUE $NORMAL is for information" } ################################################################################ ################################################################################ Display() { INDENT=0; TEXT=''; RESULT=''; COLOR=''; ADVICE='' ECHOCMD="echo -e" if [ "`echo -e plop`" = '-e plop' ] ;then #with /bin/sh or zsh no -e ECHOCMD='echo' fi while [ $# -ge 1 ]; do case $1 in --color) shift case $1 in GREEN) COLOR=$GREEN;HTMLCOLOR='GREEN' if [ $PRINT_LEVEL -ge 2 ] then return 1; fi ;; RED) COLOR=$RED;HTMLCOLOR='RED' ;; WHITE) COLOR=$WHITE ;; YELLOW) COLOR=$YELLOW;HTMLCOLOR='YELLOW' if [ $PRINT_LEVEL -ge 3 ] then return 1; fi ;; ORANGE) COLOR=$ORANGE;HTMLCOLOR='ORANGE' if [ $PRINT_LEVEL -ge 3 ] then return 1; fi ;; BLUE) COLOR=$BLUE;HTMLCOLOR='BLUE' if [ $PRINT_LEVEL -ge 1 ] then return 1; fi ;; esac ;; --indent) shift INDENT=$1 ;; --no-break | --nobreak | -nb) ECHOCMD="echo -en" ;; --result) shift RESULT=$1 ;; --advice) shift ADVICE=$1 ;; --text) shift TEXT=$1 ;; *) echo "INVALID OPTION (Display): $1, it is usually a bug of yasat (shame on me)" exit 1 ;; esac # Go to next parameter shift done if [ -z "${ADVICE}" -o "${ADVICE}" = 'NONE' ] ;then ADVICEVALUE='' else ADVICEVALUE="`grep ${ADVICE}= ${YASAT_ROOT}/yasat.advices | cut -d\= -f2-`" if [ -z "$ADVICEVALUE" ] ;then Display --indent 2 --text "BUG ADVICEVALUE is empty for ${ADVICE}" --result WARNING --color RED --advice YASAT_BUG fi if [ -z "`echo ${RESULT} | grep -vEi 'warning$|found$'`" ] ;then echo "= ${TEXT}" >> $REPORT_OUTPUT else echo "= ${TEXT} Result=${RESULT}" >> $REPORT_OUTPUT fi echo " $ADVICEVALUE" >> $REPORT_OUTPUT report_add "${ADVICE}" TEXT $REPORT_OUTPUT fi if [ ! -z "$HTML_OUTPUT" ] ;then echo "${TEXT} ${RESULT}$ADVICEVALUE" >> "$HTML_OUTPUT" if [ ! -z "$ADVICE" ] ;then report_add "${ADVICE}" HTML "$HTML_OUTPUT" fi fi if [ -z "${RESULT}" ] then echo 'ERROR No --result' return 1; fi RESULTPART=" [ ${COLOR}${RESULT}${NORMAL} ]" #size of result is 5 ( [ ]) + 8 (NOTFOUND/WARNING is the greatest result) MAXLINESIZE=67 if [ ! "${TEXT}" = "" ] then # Display LINESIZE=`echo "${TEXT}" | wc -c | tr -d ' '` SPACES=`expr ${MAXLINESIZE} - ${INDENT} - ${LINESIZE}` if [ "$SPACES" -le 0 ] ;then TEXT1=`echo ${TEXT} | cut -b -50` LINESIZE=`echo "${TEXT1}" | wc -c | tr -d ' '` SPACES=`expr ${MAXLINESIZE} - ${INDENT} - ${LINESIZE}` ${ECHOCMD} "\033[${INDENT}C${TEXT1}\033[${SPACES}C${RESULTPART}\t${ADVICEVALUE}" TEXT2=`echo ${TEXT} | cut -b 51-` ${ECHOCMD} "!!\033[${INDENT}C${TEXT2}" else SPACES=`expr ${MAXLINESIZE} - ${INDENT} - ${LINESIZE}` ADVICE_LINE_SIZE=0 if [ -z "${ADVICEVALUE}" ] ;then FULLLINESIZE=$LINESIZE else ADVICE_LINE_SIZE=`echo "${ADVICEVALUE}" | wc -c | tr -d ' '` FULLLINESIZE=`expr ${ADVICE_LINE_SIZE} + 80` fi Debug "FULL $FULLLINESIZE $LINESIZE $SPACES adv=$ADVICE_LINE_SIZE" if [ $FULLLINESIZE -gt $COL_WIDTH ] then ${ECHOCMD} "\033[${INDENT}C${TEXT}\033[${SPACES}C${RESULTPART}" ${ECHOCMD} "\033[${INDENT}C\t-> ${ADVICEVALUE}" else ${ECHOCMD} "\033[${INDENT}C${TEXT}\033[${SPACES}C${RESULTPART}\t${ADVICEVALUE}" fi fi else echo "Missing parameter ${TEXT}" fi } ################################################################################ ################################################################################ report_add() { if [ -z "$1" ] then Display --indent 2 --text "Missing argument #1 for report_add" --result WARNING --color RED --advice YASAT_BUG return -1; fi if [ -z "$2" ] then Display --indent 2 --text "Missing argument #2 (type of output) for report_add" --result WARNING --color RED --advice YASAT_BUG return -1; fi if [ -z "$3" ] then Display --indent 2 --text "Missing argument #3 (name of the output file) for report_add" --result WARNING --color RED --advice YASAT_BUG return -1; fi Debug "report_add() called with $1 $2 $3" # if [ $2 = "TEXT" ] # then # echo "" >> $3 # echo "== `cat yasat.advices |grep $ADVICE | cut -d\= -f2-` ==" >> $3 # echo "" >> $3 # fi if [ $2 = "HTML" ] then echo "" >> "$3" fi ADVICEFOUND=0 LISTE_ADVICE="`ls ${PLUGINS_REP}/*.advice`" cat $LISTE_ADVICE | while read line do if [ "$line" = "ADVICEEND" ] then ADVICEFOUND=0 fi #temporary if [ ! -z "`echo $line |grep ^${ADVICELANG},`" ] then ADVICEFOUND=0 fi if [ $ADVICEFOUND -eq 1 ] then if [ $2 = "TEXT" ] then echo " $line" | sed 's/<[^>]*>//g'>> "$3" fi if [ $2 = "HTML" ] then echo " $line" >> "$3" echo "
" >> "$3" fi fi if [ ! -z "`echo $line |grep ${ADVICELANG},$1`" ] then ADVICEFOUND=1 fi done if [ $2 = "HTML" ] then echo "
" >> "$3" fi } ################################################################################ ################################################################################ Debug() { if [ $DEBUG -eq 1 ] ; then ECHOCMD="echo -e" if [ "`echo -e plop`" = '-e plop' ] ;then #with /bin/sh or zsh no -e ECHOCMD='echo' fi $ECHOCMD "$1" fi } ################################################################################ ################################################################################ # Find where the apache config is # No argument Find_apache_conf_location() { for LOCATION in ${POSSIBLE_APACHE_CONFIG_LOCATION} do if [ -e "${LOCATION}/apache.conf" -o -e "${LOCATION}/httpd.conf" ] then export APACHE_CONF_REP="${LOCATION}" return 0; fi done export APACHE_CONF_REP='NOTFOUND' return 1; } ################################################################################ ################################################################################ #arg 1 is the path to file createe by prepare_apache_conf() #arg2 is the value found by FindValueOf Check_apache_user() { export RESULTAT='' export FINDERROR='' if [ -z "$1" ] ; then Display --indent 2 --text "Missing argument #1 for Check_apache_user" --result WARNING --color RED --advice YASAT_BUG return 2; fi if [ -z "$2" ] ; then Display --indent 2 --text "Missing argument #2 for Check_apache_user" --result WARNING --color RED --advice YASAT_BUG return 2; fi if [ "`echo $2 | cut -b1`" = '$' ] ;then Display --indent 2 --text "Apache user is a variable" --result INFO --color BLUE #we ll find the value of this variable (only debian do that, and values can be found in /etc/apache2/envvars) if [ -e /etc/apache2/envvars ] ; then export RESULTAT="`grep APACHE_RUN_USER /etc/apache2/envvars | cut -d\= -f2`" if [ -z "$RESULTAT" ] ; then Display --indent 4 --text "Fallback to www-data" --result INFO --color BLUE export RESULTAT='www-data' fi else #TODO fallback to a common value Display --indent 4 --text "Fallback to www-data" --result INFO --color BLUE export RESULTAT='www-data' fi return 0; Display --indent 2 --text "Apache user is " --result "$RESULTAT" --color BLUE fi export RESULTAT="$2" } ################################################################################ ################################################################################ #arg 1 is the path to file createe by prepare_apache_conf() #arg2 is the value found by FindValueOf Check_apache_group() { export RESULTAT='' export FINDERROR='' if [ -z "$1" ] ; then Display --indent 2 --text "Missing argument #1 for Check_apache_group" --result WARNING --color RED --advice YASAT_BUG return 2; fi if [ -z "$2" ] ; then Display --indent 2 --text "Missing argument #2 for Check_apache_group" --result WARNING --color RED --advice YASAT_BUG return 2; fi if [ "`echo $2 | cut -b1`" = '$' ] ; then Display --indent 2 --text "Apache group is a variable" --result INFO --color BLUE #we ll find the value of this variable (only debian do that, and values can be found in /etc/apache2/envvars) if [ -e /etc/apache2/envvars ] ; then export RESULTAT="`grep APACHE_RUN_GROUP /etc/apache2/envvars | cut -d\= -f2`" if [ -z "$RESULTAT" ] ; then Display --indent 4 --text "Fallback to www-data" --result INFO --color BLUE export RESULTAT='www-data' fi else #TODO fallback to a common value Display --indent 4 --text "Fallback to www-data" --result INFO --color BLUE export RESULTAT='www-data' fi return 0; Display --indent 2 --text "Apache group is " --result "$RESULTAT" --color BLUE fi export RESULTAT="$2" } ################################################################################ ################################################################################ #Find value of a directive separated by space "$2 value" # #1 is the file to scan # #2 is the directive to seek # #3 is a sort of error reporting, possible values JUSTTEST(what a bad name choice) and MULTIPLE(allow multiple value) # #4 is case sensitivity flag (nothing = sensitive, INSENSITIVE otherwise) FindValueOf() { export RESULTAT='' export FINDERROR='' if [ -z "$1" ] ; then Display --indent 2 --text "Missing argument FindValueOf() #1 (conf file to scan)" --result WARNING --color RED --advice YASAT_BUG return 2; fi if [ -z "$2" ] ; then Display --indent 2 --text "Missing argument FindValueOf #2 (directive to seek)" --result WARNING --color RED --advice YASAT_BUG return 2; fi TEMP="" Debug "Seek value of $2 in $1" if [ ! -e "$1" ] ;then echo "Error $1 do not exist" return 1; fi #End of checks of parameters DO_INSENSITIVE=0 if [ $# -ge 4 ] ; then if [ "$4" = 'INSENSITIVE' ] ; then DO_INSENSITIVE=1 fi fi if [ $DO_INSENSITIVE -ge 1 ] ; then TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]" $1 |grep -v '^[[:space:]]*#' |tr '[:upper:]' '[:lower:]' |sed "s/^[[:space:]]*$2[[:space:]]*//g" |sed 's/#.*//g'` else TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]" $1 |grep -v '^[[:space:]]*#' |sed "s/^[[:space:]]*$2[[:space:]]*//g" |sed 's/#.*//g'` fi if [ -z "$TEMP" ] ;then if [ $# -le 2 ] ; then Display --indent 2 --text "No declaration of $2" --result WARNING --color RED else if [ -z "$3" ] ;then Display --indent 2 --text "No declaration of $2" --result WARNING --color RED return 1; fi fi fi if [ `echo "$TEMP" | wc -l` -ge 2 ];then if [ "$3" = 'MULTIPLE' ] ; then # export RESULTAT="`echo $TEMP | sed "s/[[:space:]]*$2[[:space:]]*//g"`" export RESULTAT="$TEMP" return 0; fi Display --indent 2 --text "Error multiple declarations of $2" --result WARNING --color RED --advice GLOBAL_MULTIPLE_DECLARATIONS grep -ri "^[[:space:]]*$2[[:space:]]" $1 |grep -v '^[[:space:]]*#' | while read line do echo " ==> $line" done export FINDERROR='MULTIPLE' export RESULTAT=`echo "$TEMP" | sort | uniq | head -n 1 |sed "s/^[[:space:]]*$2[[:space:]]*//g" | sed 's/#.*//g'` return 3; fi if [ `echo "$TEMP" | wc -l` -eq 0 ] ; then if [ -z "$3" ] ;then Display --indent 2 --text "No declaration of $2" --result WARNING --color RED return 1; fi fi if [ `echo "$TEMP" | wc -l` -eq 1 ] ;then # export RESULTAT=`echo "${TEMP}" | sed "s/^[[:space:]]*[a-zA-Z0-9][a-zA-Z0-9]*[[:space:]]*//g" | sed 's/#.*//g'` # export RESULTAT=`echo "${TEMP}" | sed "s/^[[:space:]]*$2[[:space:]]*//g" | sed 's/#.*//g'` export RESULTAT="${TEMP}" fi return 0; } #======================================================================================== #======================================================================================== #Find value type "$2 = value" FindValueOfEqual() { RESULTAT='' if [ "$1x" = "x" ] then Display --indent 2 --text "Missing argument #1 (conf file to scan) of FindValueOfEqual" --result WARNING --color RED --advice YASAT_BUG return 2; fi if [ "$2x" = "x" ] then Display --indent 2 --text "Missing argument #2 (directive to scan) of FindValueOfEqual" --result WARNING --color RED --advice YASAT_BUG return 2; fi TEMP="" Debug "cherche la valeur de $2 dans $1" TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]*=" $1` if [ -z "$TEMP" ] then if [ "$3x" = "x" ] then Display --indent 2 --text "No declarations of $2 " --result WARNING --color RED return 1; fi fi if [ `echo "$TEMP" | wc -l` -ge 2 ] then Display --indent 2 --text "Error multiple declarations of $2 " --result WARNING --color RED --advice GLOBAL_MULTIPLE_DECLARATIONS return 3; fi if [ `echo "$TEMP" | wc -l` -eq 0 ] then if [ "$3x" = "x" ] then Display --indent 2 --text "No declarations of $2 " --result WARNING --color RED return 1; fi fi if [ `echo "$TEMP" | wc -l` -eq 1 ] then export RESULTAT=`echo $TEMP | sed "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//g" | sed 's/[#;].*//g'` fi return 0; } #======================================================================================== #======================================================================================== #Find value type "$2 : value" FindValueOfDDot() { RESULTAT='' if [ "$1x" = "x" ] then Display --indent 2 --text "Missing argument #1" --result WARNING --color RED --advice YASAT_BUG return 2; fi if [ "$2x" = "x" ] then Display --indent 2 --text "Missing argument #2" --result WARNING --color RED --advice YASAT_BUG return 2; fi TEMP="" Debug "cherche la valeur de $2 dans $1" TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]*:" $1` if [ -z "$TEMP" ] then if [ "$3x" = "x" ] then Display --indent 2 --text "No declarations of $2 " --result WARNING --color RED return 1; fi fi if [ `echo "$TEMP" | wc -l` -ge 2 ] then Display --indent 2 --text "Error multiple declarations of $2 " --result WARNING --color RED --advice GLOBAL_MULTIPLE_DECLARATIONS return 3; fi if [ `echo "$TEMP" | wc -l` -eq 0 ] then if [ "$3x" = "x" ] then Display --indent 2 --text "No declarations of $2 " --result WARNING --color RED return 1; fi fi if [ `echo "$TEMP" | wc -l` -eq 1 ] then export RESULTAT=`echo $TEMP | sed "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//g" | sed 's/#.*//g'` fi return 0; } ################################################################################ ################################################################################ CheckPresenceOf() { if [ "$1x" = "x" ] then Display --indent 2 --text "Missing argument #1" --result WARNING --color RED --advice YASAT_BUG fi if [ "$2x" = "x" ] then Display --indent 2 --text "Missing argument #1" --result WARNING --color RED --advice YASAT_BUG fi TEMP="" Debug "cherche si $2 est dans $1" TEMP=`grep -rih "^ *$2" $1` if [ -z "$TEMP" ] then if [ "$3x" = "x" ] then Display --indent 2 --text "No declarations of $2 " --result WARNING --color RED fi fi if [ `echo "$TEMP" | wc -l` -ge 2 ] then Display --indent 2 --text "Error multiple declarations of $2 " --result WARNING --color RED --advice GLOBAL_MULTIPLE_DECLARATIONS fi if [ `echo "$TEMP" | wc -l` -eq 0 ] then if [ "$3x" = "x" ] then Display --indent 2 --text "No declarations of $2 " --result WARNING --color RED fi fi if [ `echo "$TEMP" | wc -l` -eq 1 ] then export RESULTAT=`echo $TEMP | sed "s/^.*$2\ //g" | cut -d\ -f1` ## echo "=>$RESULTAT<=" fi } ################################################################################ ################################################################################ Title() { if [ -z "$1" ] then echo "Error missing parameter for Title()" return 1; fi echo "=== $1 ===" if [ ! -z "$HTML_OUTPUT" ] then echo "

$1


" >> "$HTML_OUTPUT" fi if [ ! -z "$REPORT_OUTPUT" ] then echo '' >> $REPORT_OUTPUT echo "=== $1 ===" >> $REPORT_OUTPUT fi } ################################################################################ ################################################################################ #affiche_rouge() #{ # echo -e "\033[31m $1 \033[0m " #} ################################################################################ ################################################################################ #affiche_vert() #{ # echo -e "\033[0;32m $1 \033[0m " #} ################################################################################ ################################################################################ #affiche_orange() #{ # echo -e "\033[0;33m $1 \033[0m " #} ################################################################################ ################################################################################ print_help() { echo "=====================================" echo "== YASAT ==" echo "== Yet Another Stupid Audit Tool ==" echo "== ==" echo "== Copyright (C) 2008-2012 ==" echo "== LABBE Corentin ==" echo "============================================================" echo "|Available options |" echo "| |" echo "| --standard (-s) Do standard test =====" echo "| --list (-l) List plugins available |" echo "| --debug (-d) print debug informations |" echo "| --help (-h) show this help =====" echo "| --html (-H) export YASAT 's results in html |" echo "| default to ~/yasat/yasat.html |" echo "| --html-output PATH PATH is the name of html file to write |" echo "| --advice-lang LANG LANG is the 2letter digit of the lang |" echo "| (default is EN ) |" echo "| --full-scan (-f) Do extra (long) tests (lots of find) |" echo "| --plugins-dir PATH (-P) Set the path to the plugins to use |" echo "| (default is ./plugins ) |" echo "| --nopause (-a) Do not make a pause after plugin's end |" echo "| --plugin PATH (-1) Just use the plugin pointed by PATH |" echo "| --Plugin NAME (-p) Just use the plugin named NAME (TODO) |" echo "| --print-level X Just print infos equal or above the |" echo "| level X (All = 0 (default), infos = 1 |" echo "| warnings(orange) = 2, errors(red) = 3 |" echo "| --skip Test(s) to skip, without the .test |" echo "| (ex: --skip nfs,ntp) comma separated |" echo "| --check-update Check if an update of YASAT exists |" echo "| --send-support Same as --check-support but you will |" echo "| send also your OS version as parameter |" echo "| |" echo "| Thanks for using YASAT. |" echo "| |" echo "====================================================================" } ################################################################################ ################################################################################ #compare 2 right #example compare_right 666 640 YES said bad #example compare_right 666 640 YES said bad #example compare_right 400 640 NO said bad #example compare_right 400 640 YES said good #if arg #3 is NO, we want that $1 and $2 is stricly equal compare_right() { # RESULTAT='ERROR' if [ -z "$1" ] ; then echo "ERROR compare_right() missing arg #1 (right to test)" return 1; fi if [ -z "$2" ] ; then echo "ERROR compare_right() missing arg #2 (right wanted)" return 1; fi if [ -z "$3" ] ; then echo "ERROR compare_right() missing arg #3 (accept or not more restricted right)" return 1; fi WANT_U="`echo $2 | cut -c1`" TEST_U="`echo $1 | cut -c1`" WANT_G="`echo $2 | cut -c2`" TEST_G="`echo $1 | cut -c2`" WANT_O="`echo $2 | cut -c3`" TEST_O="`echo $1 | cut -c3`" # echo "$WANT_U vs $TEST_U" if [ $TEST_U -gt $WANT_U ] ; then return 2 else if [ "$3" = 'NO' -a $TEST_U -lt $WANT_U ]; then return 3 fi fi # echo "$WANT_G vs $TEST_G" if [ $TEST_G -gt $WANT_G ] ; then return 2 else if [ "$3" = 'NO' -a $TEST_G -lt $WANT_G ]; then return 3 fi fi # echo "$WANT_O vs $TEST_O" if [ $TEST_O -gt $WANT_O ] ; then return 2 else if [ "$3" = 'NO' -a $TEST_O -lt $WANT_O ]; then return 3 fi fi # RESULTAT='GOOD' return 0 } ################################################################################ ################################################################################ #864000s = 1DAY #2592000 = 30DAYS check_certificate() { if [ ! -e "$1" ] ; then echo "ERROR check_certificate() $1 do not exist" return 1; fi if [ -z "$2" ] ; then echo "ERROR check_certificate() missing #2" return 1; fi #command not found return error code 127 openssl version> /dev/null 2>> $ERROR_OUTPUT_FILE if [ $? -eq 127 ] ; then Display --indent $2 --text "No openssl binary" --result WARNING --color RED return 1; fi $ECHOCMD -n "\033[${2}C" && openssl x509 -in $1 -noout -enddate openssl x509 -in $1 -noout -checkend 2592000 if [ $? -eq 1 ] ; then Display --indent $2 --text "Cert < 1 month " --result WARNING --color RED --advice CERTIFICATE_OUTDATED #if < 1 month check for < 1 week openssl x509 -in $1 -noout -checkend 604800 if [ $? -eq 1 ] ; then Display --indent $2 --text "Cert < 1 week " --result WARNING --color RED --advice CERTIFICATE_OUTDATED else Display --indent $2 --text "Cert > 1 week " --result OK --color GREEN fi else Display --indent $2 --text "Cert > 1 month " --result OK --color GREEN fi } ################################################################################ ################################################################################ #check that a private key is well owned (generally root:root 600) #check also if it is password protected # arg1 is the file to be tested # arg2 is the indent for display # arg3 is the application type (optionnal) # arg4 is the owner (optionnal) # arg5 is the group (optionnal) check_private_key() { if [ ! -e "$1" ] ; then echo "ERROR check_private_key() $1 do not exist" return 1; fi if [ -z "$2" ] ; then echo "ERROR check_private_key() missing #2 (indent)" return 1; fi #TODO 600 is perhaps a bit too much, some OS have a sslcert/sslpriv group (and also ldap, mail) if [ $# -ge 3 ] ; then if [ "$3" = 'ssh' ] ; then check_a_file "$1" "$2" "$4" "$5" 600 else check_a_file "$1" "$2" root root 600 fi fi openssl version> /dev/null 2>> $ERROR_OUTPUT_FILE if [ $? -eq 127 ] ; then Display --indent $2 --text "No openssl binary" --result WARNING --color RED return 1; fi PASSWORD_PROTECTED='no' #sshd could not use password protected key if [ $# -ge 3 ] ; then if [ "$3" != 'sshd' -a "$3" != 'ssh' ] ; then #for the moment, I just test for this Proc-Type: 4,ENCRYPTED to know if a private key is password protected if [ -z "`grep 'Proc-Type: 4,ENCRYPTED' $1`" ] ; then Display --indent $2 --text "$1 is not password protected" --result BAD --color ORANGE --advice GLOBAL_PRIVATE_KEY_NOT_PASSWORD_PROTECTED else Display --indent $2 --text "$1 is password protected" --result OK --color GREEN PASSWORD_PROTECTED='yes' fi fi fi TMP_RESULT="${TEMPYASATDIR}/ssl.out" KEYTYPE="`grep 'BEGIN.*PRIVATE KEY-----' $1 | cut -d\ -f2`" if [ "$KEYTYPE" = 'PRIVATE' ] ; then #ok, we have a file with no information, try with that openssl x509 -in $1 -text > "$TMP_RESULT" 2>> $ERROR_OUTPUT_FILE if [ $? -ne 0 ] ; then openssl rsa -in $1 -text > "$TMP_RESULT" 2>> $ERROR_OUTPUT_FILE fi if [ ! -z "`grep -i rsa $TMP_RESULT`" ] ; then KEYTYPE='RSA' fi rm "${TMP_RESULT}" fi if [ "$KEYTYPE" = 'RSA' ] ; then if [ "$PASSWORD_PROTECTED" = 'no' ] ; then openssl rsa -in $1 -text 2>> $ERROR_OUTPUT_FILE > $TMP_RESULT if [ $? -eq 0 ] ; then KEYSIZE="`grep 'Private-Key' $TMP_RESULT |cut -d\ -f2 | cut -d\( -f2`" if [ $KEYSIZE -lt 2048 ] ; then Display --indent $2 --text "$1 keysize" --result $KEYSIZE --color RED --advice GLOBAL_RSA_KEY_SIZE else Display --indent $2 --text "$1 keysize" --result $KEYSIZE --color GREEN fi else Display --indent $2 --text "openssl error on $1" --result 'ERROR' --color RED --advice YASAT_BUG fi else Display --indent $2 --text "Cannot check size" --result 'SKIP' --color BLUE fi # else #it is a DSA or EC key #DSA key is 1024bits, so useless to test its size fi return $? } ################################################################################ ################################################################################ check_user_cron() { if [ -z "$1" ] then echo 'Erreur manque argument de check_user_cron()' fi if [ -e "/var/spool/cron/$1" ]; then RESULTAT="YES" else RESULTAT="NO" fi } ################################################################################ ################################################################################ check_user_crontab() { if [ -z "$1" ] then echo 'Erreur manque argument de check_user_cron()' fi RESULTAT=`crontab -l |grep -v 'no crontab for'` } ################################################################################ ################################################################################ #not finished check_system_cron() { grep -v '^#' /etc/crontab | while read line do # echo "$line" RESULTAT=`echo $line | awk '{print $7 }'` if [ ! -z "$RESULTAT" ] then TMP_CRONUSER=`echo $line | awk '{print $6 }'` echo "$line" echo "$TMP_CRONUSER" fi done } ################################################################################ ################################################################################ #Check file for # # $1 is the path to the file # $2 is the indent # $3 is the owner (or NULL) # $4 is the group (or NULL) # $5 is right check_a_file() { GOT_ERROR=0 if [ -z "$1" ] ; then echo "ERROR check_a_file() missing parameter #1 (path to the file)" return 1; fi if [ ! -e "$1" ] ; then echo "ERROR check_a_file() $1 do not exists" return 1; fi if [ -z "$2" ] ; then echo "ERROR check_a_file() missing parameter #2" return 1; fi if [ -z "$3" ] ; then echo "ERROR check_a_file() missing parameter #3" return 1; fi if [ -z "$4" ] ; then echo "ERROR check_a_file() missing parameter #4" return 1; fi if [ -z "$5" ] ; then echo "ERROR check_a_file() missing parameter #5" return 1; fi if [ "$3" != 'NULL' ] ; then USER="`stat $STAT_USER $1`" if [ "$USER" != "$3" ] ; then Display --indent $2 --text "$1 is not $3 owned" --result WARNING --color RED GOT_ERROR=1 fi fi if [ "$4" != 'NULL' ] ; then GROUP="`stat $STAT_GROUP $1`" if [ "$GROUP" != "$4" ] ; then Display --indent $2 --text "$1 is not $4 grouped" --result WARNING --color RED GOT_ERROR=1 fi fi if [ "$5" != 'NULL' ] ; then RIGHT="`stat $STAT_RIGHT $1`" compare_right $RIGHT $5 YES if [ $? -ne 0 ] ; then # if [ "$RIGHT" != "$5" ] ; then Display --indent $2 --text "$1 is not $5 but $RIGHT" --result WARNING --color RED add_correction "chmod $5 $1" GOT_ERROR=1 fi fi if [ $GOT_ERROR -eq 0 ] ; then Display --indent $2 --text "$1 is $3:$4 $RIGHT" --result GOOD --color GREEN fi return $GOT_ERROR } ################################################################################ ################################################################################ #Check file for # - Not writable by others # - Info when suid or other things # - Not root:root owned # # $1 is the path to the file # $2 is the indent # $3 is the type (NORMAL PRIVKEY BINARY CERT etc..) # check_file() { if [ "$1x" = "x" ] ; then echo "ERROR check_file() missing parameter #1" return 1; fi BINARY_TO_CHECK="$1" if [ "$2x" = "x" ] ; then echo "ERROR check_file() missing parameter #2" return 1; fi if [ "$3x" = "x" ] ; then echo "ERROR check_file() missing parameter #3" return 1; fi if [ ! -e "$1" ] ; then echo "ERROR check_file() $1 do not exist" return 1; fi if [ -L $1 ] ; then TARGET="`readlink $1`" # if [ "$TARGET" = "`basename $TARGET`" ] ; then if [ ! -z "`echo $TARGET |grep '\./' `" ] ; then BINARY_TO_CHECK="`dirname $1`/`readlink $1`" else BINARY_TO_CHECK="$TARGET" fi echo "Warning $1 is a link using $BINARY_TO_CHECK" fi GOOD=1 USER="`stat $STAT_USER $BINARY_TO_CHECK`" GROUP="`stat $STAT_GROUP $BINARY_TO_CHECK`" RIGHT="`stat $STAT_RIGHT $BINARY_TO_CHECK`" RIGHT_L="`echo $RIGHT | wc -c`" if [ "$USER" != 'root' ] ; then Display --indent $2 --text "$BINARY_TO_CHECK is not root owned" --result WARNING --color RED --advice GLOBAL_FILE_MUST_BE_OWNED_BY_ROOT GOOD=0 add_correction "chown root $BINARY_TO_CHECK" fi if [ "$GROUP" != "$ROOTGROUP" -a "$GROUP" != "ssl-cert" -a "$GROUP" != "keymastaa" ] ;then Display --indent $2 --text "$BINARY_TO_CHECK is not $ROOTGROUP (group) owned" --result WARNING --color RED --advice GLOBAL_FILE_MUST_BE_GROUPED_BY_ROOT GOOD=0 fi if [ "$3" = "CERT" ] ; then check_certificate $BINARY_TO_CHECK $2 fi if [ "$3" = "PRIVKEY" ] ; then check_private_key $BINARY_TO_CHECK $2 if [ $? -ne 0 ] ; then GOOD=0 fi fi if [ $RIGHT_L -ge 5 ] ; then #not common right RIGHT_O="`echo $RIGHT | cut -b 4`" Display --indent $2 --text "$BINARY_TO_CHECK is a spetial binary (suid etc)" --result WARNING --color RED #TODO check what is spetial else #common right RIGHT_O="`echo $RIGHT | cut -b 3`" case $3 in PRIVKEY) if [ $RIGHT_O -ge 1 ] ; then Display --indent $2 --text "$BINARY_TO_CHECK is other accessible" --result WARNING --color RED --advice GLOBAL_FILE_OTHER_READABLE GOOD=0 fi ;; NORMAL) if [ $RIGHT_O -eq 7 -o $RIGHT_O -eq 6 ] ; then Display --indent $2 --text "$BINARY_TO_CHECK is other writable" --result WARNING --color RED --advice GLOBAL_FILE_OTHER_WRITABLE GOOD=0 fi ;; CERT) if [ $RIGHT_O -eq 7 -o $RIGHT_O -eq 6 ] ; then Display --indent $2 --text "$BINARY_TO_CHECK is other writable" --result WARNING --color RED --advice GLOBAL_FILE_OTHER_WRITABLE GOOD=0 fi ;; BINARY) if [ $RIGHT_O -eq 7 -o $RIGHT_O -eq 6 ] ; then Display --indent $2 --text "$BINARY_TO_CHECK is other writable" --result WARNING --color RED --advice GLOBAL_FILE_OTHER_WRITABLE fi #how about non-linux ? if [ -z "`readelf -h $BINARY_TO_CHECK 2>/dev/null| grep 'Type:'`" ] ; then Display --indent $2 --text "$BINARY_TO_CHECK isnt a binary according to readelf" --result BAD --color OR else #check for SSP and PIE readelf -s $BINARY_TO_CHECK | grep -q '__stack_chk_fail' if [ $? -eq 0 ] ; then Display --indent $2 --text "$BINARY_TO_CHECK have SSP" --result GOOD --color GREEN else Display --indent $2 --text "$BINARY_TO_CHECK havent SSP" --result BAD --color ORANGE --advice GLOBAL_BINARY_SSP fi readelf -h $BINARY_TO_CHECK | grep -q 'Type:[[:space:]]*DYN' if [ $? -eq 0 ] ; then Display --indent $2 --text "$BINARY_TO_CHECK is PIE" --result GOOD --color GREEN else Display --indent $2 --text "$BINARY_TO_CHECK isnt PIE" --result BAD --color ORANGE --advice GLOBAL_BINARY_PIE fi fi GOOD=0 ;; *) echo "ERROR unrecognized type" ;; esac fi if [ $GOOD -eq 1 ] ; then Display --indent $2 --text "$BINARY_TO_CHECK $USER $GROUP $RIGHT" --result OK --color GREEN fi } ################################################################################ ################################################################################ #Check dir owner # Param #1 is the PATH to be checked # Param #2 is the user that must own the directory # Param #3 is the file that get output of this function # Param #4 is the indent value for print info check_directory_owner() { if [ -z "$1" ] then echo 'Error missing parameter #1 (PATH) for check_directory_owner()' return 1; fi if [ ! -e $1 ] then echo "check_directory_owner() Error $1 do not exist" return 1; fi if [ -z "$2" ] then echo 'Error missing parameter #2 (owner id) for check_directory_owner()' return 1; fi if [ -z "$3" ] then echo 'Error missing parameter #3 (path to the output) for check_directory_owner()' return 1; fi if [ -z "$4" ] then echo 'Error missing parameter #4 (indent) for check_directory_owner()' return 1; fi find "$1" ! -user $2 > $3 RESULTAT=`cat $3 | wc -l` if [ $RESULTAT -eq 0 ] then Display --indent $4 --text "Owner of $1" --result OK --color GREEN else Display --indent $4 --text "$RESULTAT files have invalid owning != $2 in $1" --result WARNING --color RED --advice $5 fi } ################################################################################ ################################################################################ #Check that a directory is group-ed by a group # Param #1 is the PATH to be checked # Param #2 is the group that must own the directory # Param #3 is the file that get output of this function # Param #4 is the indent value for print info check_directory_group() { if [ -z "$1" ] ;then echo 'Error missing parameter #1 (PATH) for check_directory_group()' return 1; fi if [ ! -e "$1" ] ;then echo "check_directory_group() Error $1 do not exist" return 1; fi if [ -z "$2" ] ;then echo 'Error missing parameter #2 (group) for check_directory_group()' return 1; fi if [ -z "$3" ] ;then echo 'Error missing parameter #3 (path to the output) for check_directory_group()' return 1; fi if [ -z "$4" ] ;then echo 'Error missing parameter #4 (indent) for check_directory_group()' return 1; fi ADVICE="--advice $5" if [ -z "$5" ] ; then ADVICE='' fi find "$1" ! -group "$2" > "$3" RESULTAT=`cat "$3" | wc -l` if [ $RESULTAT -eq 0 ] ;then Display --indent $4 --text "Group of $1" --result OK --color GREEN else Display --indent $4 --text "$RESULTAT files have invalid group owning != $2 in $1" --result WARNING --color RED $ADVICE fi } ################################################################################ ################################################################################ #Check that a directory do not have right for the world # Param #1 is the PATH to be checked # Param #2 is the file that get output of this function # Param #3 is the indent value for print info # Param #4 is the advice check_directory_others() { if [ -z "$1" ] ;then echo 'Error missing parameter #1 (PATH) for check_directory_others()' return 1; fi if [ ! -e $1 ] ;then echo "check_directory_others() Error $1 do not exist" return 1; fi if [ -z "$2" ] ;then echo 'Error missing parameter #2 (path to the output) for check_directory_others()' return 1; fi if [ -z "$3" ] ;then echo 'Error missing parameter #3 (indent) for check_directory_others()' return 1; fi if [ -z "$4" ] ;then echo 'Error missing parameter #4 (advice) for check_directory_others()' return 1; fi find "$1" ! -type l -perm $ORWX > $2 RESULTAT=`cat $2 | wc -l` if [ $RESULTAT -eq 0 ] ;then Display --indent $3 --text "Rights of $1" --result OK --color GREEN else Display --indent $3 --text "$RESULTAT files have invalid others rights in $1" --result WARNING --color RED --advice $4 add_correction "chmod -R $CORRECT_ORWX $1" fi } ################################################################################ ################################################################################ #Check dir check_directory_writable_by_group() { if [ -z "$1" ] then echo 'Error missing parameter #1 (PATH) for check_directory_writable_by_group()' return 1; fi if [ ! -e $1 ] then echo "check_directory_writable_by_group() Error $1 do not exist" return 1; fi if [ -z "$2" ] then echo 'Error missing parameter #2 (group) for check_directory_writable_by_group()' return 1; fi if [ -z "$3" ] then echo 'Error missing parameter #3 (path to the output) for check_directory_writable_by_group()' return 1; fi if [ -z "$4" ] then echo 'Error missing parameter #4 (indent) for check_directory_writable_by_group()' return 1; fi find "$1" ! -type l -perm $PERM_GW > $3 RESULTAT=`cat $3 | wc -l` if [ $RESULTAT -eq 0 ] then Display --indent $4 --text "$2 cannot write $1" --result OK --color GREEN else Display --indent $4 --text "$2 can write $RESULTAT files in $1" --result WARNING --color RED --advice $5 fi } ################################################################################ ################################################################################ prepare_kernel_config() { if [ -e "${TEMPYASATDIR}/kernel_config" ] ;then rm "${TEMPYASATDIR}/kernel_config" fi #config can be found at /boot/config-`uname -r` if [ -e "/boot/config-`uname -r`" ] ;then Display --indent 2 --text "/boot/config-`uname -r`" --result FOUND --color GREEN cat "/boot/config-`uname -r`" > "${TEMPYASATDIR}/kernel_config" fi # if user give me the path to a .config, i wont read /proc/config.gz if [ -z ${YASAT_PATH_TO_KERNEL_CONFIG:-""} ] ;then YASAT_PATH_TO_KERNEL_CONFIG='/usr/src/linux/.config' if [ -e /proc/config.gz ] ;then Display --indent 2 --text "/proc/config.gz" --result FOUND --color GREEN zcat /proc/config.gz > ${TEMPYASATDIR}/kernel_config else if [ -e "${TEMPYASATDIR}/kernel_config" ] ;then #we have already found .config elsewhere Display --indent 2 --text "/proc/config.gz" --result NOTFOUND --color BLUE else Display --indent 2 --text "/proc/config.gz" --result NOTFOUND --color ORANGE --advice KERNEL_NO_CONFIG fi fi fi if [ ! -e "${TEMPYASATDIR}/kernel_config" ] ;then if [ -e "$YASAT_PATH_TO_KERNEL_CONFIG" ] ;then Display --indent 2 --text "$YASAT_PATH_TO_KERNEL_CONFIG" --result FOUND --color GREEN cat "$YASAT_PATH_TO_KERNEL_CONFIG" > ${TEMPYASATDIR}/kernel_config else Display --indent 2 --text "$YASAT_PATH_TO_KERNEL_CONFIG" --result NOTFOUND --color ORANGE --advice KERNEL_NO_CONFIG fi fi } ################################################################################ ################################################################################ prepare_apache_conf() { if [ -z "$1" ] then echo 'Error missing parameter #1 (apache directory) for prepare_apache_conf()' return 1; fi if [ ! -d $1 ] then echo "prepare_apache_conf() Error $1 is not a directory" return 1; fi if [ -e "$TEMPYASATDIR/apache.conf" ] ; then rm "$TEMPYASATDIR/apache.conf" fi if [ -e "$TEMPYASATDIR/apache.conf.found" ] ; then rm "$TEMPYASATDIR/apache.conf.found" fi if [ -e "$1/apache2.conf" ] ; then grep -v '^[[:space:]]*#' $1/apache2.conf > "$TEMPYASATDIR/apache.conf" echo "$1/apache2.conf" >> "$TEMPYASATDIR/apache.conf.found" fi if [ -e "$1/httpd.conf" ] ; then grep -v '^[[:space:]]*#' $1/httpd.conf >> "$TEMPYASATDIR/apache.conf" echo "$1/httpd.conf" >> "$TEMPYASATDIR/apache.conf.found" fi if [ -e "$1/httpd2.conf" ] ;then grep -v '^[[:space:]]*#' $1/httpd2.conf >> "$TEMPYASATDIR/apache.conf" echo "$1/httpd2.conf" >> "$TEMPYASATDIR/apache.conf.found" fi if [ ! -e "$TEMPYASATDIR/apache.conf" ] then Display --indent 2 --text "I cannot find apache configuration" --result WARNING --color RED return 1; fi FindValueOf "$TEMPYASATDIR/apache.conf" "ServerRoot" if [ -z "$RESULTAT" ] ; then Display --indent 2 --text "No ServerRoot found, defaulting to /etc/apache2" --result WARNING --color BLUE SERVERROOT='/etc/apache2' else SERVERROOT=`echo $RESULTAT | sed 's/^\"//' | sed 's/\"$//'` fi grep -i '^[[:space:]]*include' "$TEMPYASATDIR/apache.conf" | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]][[:space:]]*//g' | sort | uniq | while read TMP_FILES do # TMP_FILES="`echo \"$line\" | sed 's/^[[:space:]]*include[[:space:]]*//gI'`" # echo "$TMP_FILES" #Check for relative files FIRST_CHAR=`echo $TMP_FILES | cut -b 1` if [ "$FIRST_CHAR" != "/" ];then # echo "Debug relative path" TMP_FILES="$SERVERROOT/$TMP_FILES" fi if [ -d "$TMP_FILES" ];then Debug "$TMP_FILES has no wildward" TMP_FILES="$TMP_FILES/*" fi Debug "Add $TMP_FILES" echo "$TMP_FILES" >> "$TEMPYASATDIR/apache.conf.found" #-s for be sure that on a minimal config with no modules/*.conf no errors would be printed grep -vsh '^[[:space:]]*#' $TMP_FILES > "$TEMPYASATDIR/apache.conf.tmp" grep -vsh '^[[:space:]]*#' $TMP_FILES >> "$TEMPYASATDIR/apache.conf" #check recursivly for additional includes grep -ih '^[[:space:]]*include' "$TEMPYASATDIR/apache.conf.tmp" | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]][[:space:]]*//g' | sort | uniq | while read TMP_FILESS do # echo "$TMP_FILESS" grep -vh '^[[:space:]]*#' $TMP_FILESS >> "$TEMPYASATDIR/apache.conf" done done } ################################################################################ ################################################################################ prepare_bind_conf() { if [ -z "$1" ] then echo 'Error missing parameter #1 (named/bind directory) for prepare_bind_conf()' return 1; fi if [ ! -d $1 ] then echo "prepare_bind_conf() Error $1 is not a directory" return 1; fi if [ -e "$TEMPYASATDIR/named.conf" ] then rm "$TEMPYASATDIR/named.conf" fi if [ -e "$1/named.conf" ] then grep -v '^[[:space:]]*#' $1/named.conf | grep -v '^[[:space:]]*$' | grep -v '^/'> "$TEMPYASATDIR/named.conf" fi if [ ! -e "$TEMPYASATDIR/named.conf" ] then Display --indent 2 --text "I cannot find bind configuration" --result WARNING --color RED return 1; fi grep -i '^[[:space:]]*include' "$TEMPYASATDIR/named.conf" | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]][[:space:]]*//g' | sed 's/";*//g' | sort | uniq | while read TMP_FILES do #Check for relative files FIRST_CHAR=`echo $TMP_FILES | cut -b 1` if [ "$FIRST_CHAR" != "/" ] then # echo "Debug relative path" TMP_FILES="$1/$TMP_FILES" fi if [ -d "$TMP_FILES" ] then Debug "$TMP_FILES has no wildward" TMP_FILES="$TMP_FILES/*" fi Debug "Add $TMP_FILES" grep -vh '^[[:space:]]*#' $TMP_FILES > "$TEMPYASATDIR/named.conf.tmp" grep -vh '^[[:space:]]*#' $TMP_FILES >> "$TEMPYASATDIR/named.conf" #check recursivly for additional includes grep -ih '^[[:space:]]*include' "$TEMPYASATDIR/named.conf.tmp" | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]][[:space:]]*//g' | sed 's/";*//g' | sort | uniq | while read TMP_FILESS do # echo "$TMP_FILESS" grep -vh '^[[:space:]]*#' $TMP_FILESS | grep -v '^[[:space:]]*$' | grep -v '^/'>> "$TEMPYASATDIR/named.conf" done done } ################################################################################ ################################################################################ # with a initial config file, generate a parseable config file # add all files with include # similar to prepare_apache_conf prepare_generic_conf() { if [ -z "$1" ] then echo 'Error missing parameter #1 (initial config file) for prepare_generic_conf()' return 1; fi if [ ! -e $1 ] then echo "prepare_generic_conf() Error $1 is not a config file" return 1; fi if [ -z "$2" ] then echo "prepare_generic_conf() Missing parameter #2 (output file)" return 1; fi if [ -e "$2" ] then cp "$2" "$2.bak" rm "$2" fi grep -v '^[[:space:]]*#' $1 | grep -v '^[[:space:]]*$' | grep -v '^;' > "$2" if [ ! -e "$2" ] then Display --indent 2 --text "I cannot find output configuration" --result WARNING --color RED return 1; fi grep -i '^[[:space:]]*include' "$2" | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]][[:space:]]*//g' | sed 's/";*//g' | sort | uniq | while read TMP_FILES do #Check for relative files FIRST_CHAR=`echo $TMP_FILES | cut -b 1` if [ "$FIRST_CHAR" != "/" ] then # echo "Debug relative path" TMP_FILES="$1/$TMP_FILES" fi if [ -d "$TMP_FILES" ] then Debug "$TMP_FILES has no wildward" TMP_FILES="$TMP_FILES/*" fi Debug "Add $TMP_FILES" grep -vh '^[[:space:]]*#' $TMP_FILES > "$2.tmp" grep -vh '^[[:space:]]*#' $TMP_FILES >> "$2" #check recursivly for additional includes grep -ih '^[[:space:]]*include' "$2.tmp" | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]][[:space:]]*//g' | sed 's/";*//g' | sort | uniq | while read TMP_FILESS do # echo "$TMP_FILESS" grep -vh '^[[:space:]]*#' $TMP_FILESS | grep -v '^[[:space:]]*$' | grep -v '^/'>> "$2" done done } ################################################################################ ################################################################################ #return the options of the partition #we could do the same with mount but bsd do not print the same infos check_partition() { if [ -z "$1" ] ; then echo "ERROR check_partition() Missing arg #1 (mount point)" return 1; fi RESULTAT='' EL_MOUNT=`grep -v '^#' /etc/fstab |grep "$1/*[[:space:]]"` if [ -z "$EL_MOUNT" ] ; then Display --indent 2 --text "$1 is not on a separate partition" --result NOTFOUND --color RED --advice PARTITION_SEPARATE_PART return 1; fi RESULTAT=`echo $EL_MOUNT | sed 's/[[:space:]]/ /g' | cut -d\ -f4` Display --indent 2 --text "$1 is on a separate partition" --result FOUND --color GREEN } ################################################################################ ################################################################################ # # must produce a 4 digits results get_full_right() { if [ "$1x" = "x" ] then echo "ERROR get_right() missing parameter #1" return 1; fi if [ ! -e "$1" ] then echo "ERROR $1 do not exists" return 1; fi if [ "$OS" = "FreeBSD" ] then RESULTAT=`stat -f %Mp%Lp $1` else RESULTAT=`stat --format=%a $1` fi } ################################################################################ ################################################################################ # get the right of a file # must produce a 3 digits results get_simple_right() { RESULTAT='Error' if [ "$1x" = "x" ] then echo "ERROR get_simple_right() missing parameter #1 (file to be stated)" return 1; fi if [ ! -e "$1" ] then echo "ERROR $1 do not exists" return 1; fi if [ "$OS" = "FreeBSD" ] then RESULTAT=`stat -f %Lp $1` else RESULTAT=`stat --format=%a $1` fi } ################################################################################ ################################################################################ #For the fun draw_apache_tree() { if [ "$1x" = "x" ] then echo "ERROR check_partition() missing parameter #1" return 1; fi NUMINDENT=0 echo '' echo "Draw apache tree (still in development)" echo '' cat $1 | while read line do # echo $line if [ ! -z "`echo $line | grep -i '^VHOST'`" ] then echo "|-V- $line" | sed 's/VHOST=//g' NUMINDENT=2 fi if [ ! -z "`echo $line | grep -i '^ENDHOST'`" ] then echo "|" NUMINDENT=0 fi if [ ! -z "`echo $line | grep -i '^ALIAS'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| |-A- $line" | sed 's/ALIAS=//g' else echo "|-A- $line" | sed 's/ALIAS=//g' fi fi if [ ! -z "`echo $line | grep -i '^PASSWORD'`" ] then if [ $NUMINDENT -ge 2 ] then echo '| | |--- PASSWORD' else echo '| |--- PASSWORD' fi fi if [ ! -z "`echo $line | grep -i '^DENYFROMALL'`" ] then if [ $NUMINDENT -ge 2 ] then echo '| | |--- DENYFROMALL' else echo '| |--- DENYFROMALL' fi fi if [ ! -z "`echo $line | grep -i '^AUTHFILE'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| | |-P- $line" | sed 's/AUTHFILE=//g' else echo "| |-P- $line" | sed 's/AUTHFILE=//g' fi fi if [ ! -z "`echo $line | grep -i '^DIRECTORY'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| |-D- $line" | sed 's/DIRECTORY=//g' else echo "|-D- $line" | sed 's/DIRECTORY=//g' fi fi if [ ! -z "`echo $line | grep -i '^LOCATION'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| |-L- $line" | sed 's/LOCATION=//g' else echo "|-L- $line" | sed 's/LOCATION=//g' fi fi if [ ! -z "`echo $line | grep -i '^HLOC'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| |-H- $line" | sed 's/HLOC=//g' else echo "|-H- $line" | sed 's/HLOC=//g' fi fi if [ ! -z "`echo $line | grep -i '^PROXY'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| |-Pr- $line" | sed 's/PROXY=//g' else echo "|-Pr- $line" | sed 's/PROXY=//g' fi fi if [ ! -z "`echo $line | grep -i '^JKMOUNT'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| |-J- $line" | sed 's/JKMOUNT=//g' else echo "|-J- $line" | sed 's/JKMOUNT=//g' fi fi if [ ! -z "`echo $line | grep -i '^SERVERNAME'`" ] then if [ $NUMINDENT -ge 2 ] then echo "| |-SN- $line" | sed 's/SERVERNAME=//g' else echo "|-SN- $line" | sed 's/SERVERNAME=//g' fi fi if [ ! -z "`echo $line | grep -i '^DEFLATE'`" ] ; then if [ $NUMINDENT -ge 2 ] ; then echo "| |-mD- $line" | sed 's/DEFLATE=//g' else echo "|-mD- $line" | sed 's/DEFLATE=//g' fi fi if [ ! -z "`echo $line | grep -i '^PHP_ADMIN_VALUE'`" ] ; then if [ $NUMINDENT -ge 2 ] ; then echo "| |-PHP- $line" | sed 's/PHP_ADMIN_VALUE=//g' else echo "|-PHP- $line" | sed 's/PHP_ADMIN_VALUE=//g' fi fi done echo '' echo '-D- Directory -L- Location -V- vhost -A- alias -J- JKmount -mD- ModDeflate -PHP- PHP specific value' } ################################################################################ ################################################################################ #extract path from get_path_from_apache_directives() { if [ -z "$1" ] then echo "Missing parameter #1 (line to proceed) for get_path_from_apache_directives()" return 1; fi #echo "->$1" export RESULTAT=`echo $1 | sed 's/^[[:space:]]*<[[:space:]]*[a-zA-Z0-9][a-zA-Z0-9]*[[:space:]]*//g'| sed 's/[[:space:]]*>.*//g' | cut -d\" -f2` #echo $1 | sed 's/^[[:space:]]*<[[:space:]]*//g' #export $RESULTAT return 0; } ################################################################################ ################################################################################ #extract path from armageddon() { echo "EXit via Ctrl-C" exit 1; } ################################################################################ ################################################################################ Do_the_host_is_a_virtual_machine() { HOST_IS_VIRTUAL_MACHINE=0 if [ "$OS_TYPE" = 'Linux' ] ;then CPUMODEL="`cat /proc/cpuinfo |grep QEMU`" if [ ! -z "$CPUMODEL" ] ;then export HOST_IS_VIRTUAL_MACHINE=1 else export HOST_IS_VIRTUAL_MACHINE=0 fi return 0; fi if [ "$OS_TYPE" = 'BSD' ] ;then CPUMODEL="`sysctl -a | grep -i 'hw.model' |grep QEMU`" if [ ! -z "$CPUMODEL" ] ;then export HOST_IS_VIRTUAL_MACHINE=1 else export HOST_IS_VIRTUAL_MACHINE=0 fi return 0; fi #unrecognized export HOST_IS_VIRTUAL_MACHINE=0 } ################################################################################ ################################################################################ # Check if a program is installed via the package manager or at hand # # $1 is the package to be searched # # RESULTAT is yes or no or NOTIMPLEMENTED or ERROR # RESULTAT_VERSION is the version number # use LIST_PKG for finding package, (rpm, dpkg, emerge) Is_installed_via_package_manager() { export RESULTAT='ERROR' if [ -z "$1" ] ;then echo "ERROR Is_installed_via_package_manager() missing parameter #1" return 1; fi if [ "$LIST_PKG" = "dpkg" -o "$LIST_PKG" = "apt-get" ] ;then PKGLIST="`dpkg -l |grep ^ii |grep -i $1`" if [ -z "$PKGLIST" ] ;then export RESULTAT='no' else export RESULTAT='yes' fi return 0; fi if [ "$LIST_PKG" = "rpm" ] ;then PKGLIST="`rpm -qa |grep ^$1`" if [ -z "$PKGLIST" ] ;then export RESULTAT='no' else export RESULTAT='yes' fi return 0; fi if [ "$LIST_PKG" = "emerge" ] ;then #TODO could be better PKGLIST="`equery -C -q l $1`" if [ -z "$PKGLIST" ] ;then export RESULTAT='no' else export RESULTAT='yes' fi return 0; fi if [ "$LIST_PKG" = "pacman" ] ;then PKGLIST="`pacman -Q | grep ^$1`" if [ -z "$PKGLIST" ] ;then export RESULTAT='no' else export RESULTAT='yes' fi return 0; fi #TODO pkg_ with pkg_info echo "Is_installed_via_package_manager() $LIST_PKG NOTIMPLEMENTED" export RESULTAT='NOTIMPLEMENTED' return 1; } ################################################################################ ################################################################################ # Check if a program is auto started # $1 is the package to be checked # RESULTAT is the result yes or no or NOTIMPLEMENTED or ERROR # RESULTAT_VERSION is the version number Check_auto_start() { export RESULTAT='ERROR' if [ -z "$1" ] then echo "ERROR Is_installed_via_package_manager() missing parameter #1" return 1; fi if [ "$LINUX_VERSION" = 'Red Hat' -o "$LINUX_VERSION" = 'Centos' ] then chkconfig $1 > /dev/null if [ $? -eq 0 ] then export RESULTAT='yes' else export RESULTAT='no' fi return 0; fi if [ "$LINUX_VERSION" = "Debian" ] then #could be better if [ ! -z "`find /etc/rc* |grep -i $1`" ] then export RESULTAT='yes' else export RESULTAT='no' fi return 0; fi if [ "$LINUX_VERSION" = "Gentoo" ] ; then RUNLEVEL="`rc-update show 2>> $ERROR_OUTPUT_FILE | grep $1 `" if [ $? -ne 0 ] ; then export RESULTAT='ERROR' return 1; fi if [ -z "$RUNLEVEL" ] ; then export RESULTAT='no' else export RESULTAT='yes' fi return 0; fi export RESULAT='NOTIMPLEMENTED' return 1; } ################################################################################ ################################################################################ Check_for_update() { RET=0 wget -nv "http://yasat.sourceforge.net/get_last_yasat_version.php?current=$YASAT_VERSION" -O latest if [ $? -ne 0 -o ! -e latest ];then echo "Error with wget" rm latest exit 2 fi LAST_VERSION="`cat latest`" echo "You have yasat version $YASAT_VERSION and the latest is $LAST_VERSION" if [ "$YASAT_VERSION" -eq "$LAST_VERSION" ];then echo "You have already the latest version of YASAT" fi if [ "$YASAT_VERSION" -lt "$LAST_VERSION" ];then echo "A new version is available at http://yasat.sourceforge.net/" RET=1 fi rm latest exit $RET } ################################################################################ ################################################################################ send_support() { . ${YASAT_ROOT}/osdetection RET=0 SYSTEME="${LINUX_VERSION}${OS}$OS_FULLNAME" wget -nv "http://yasat.sourceforge.net/get_last_yasat_version.php?current=$YASAT_VERSION&systeme=$SYSTEME" -O latest if [ $? -ne 0 -o ! -e latest ] ;then echo "Error with wget" rm latest exit 2 fi LAST_VERSION="`cat latest`" echo "You have yasat version $YASAT_VERSION and the latest is $LAST_VERSION" if [ "$YASAT_VERSION" -eq "$LAST_VERSION" ];then echo "You have already the latest version of YASAT" fi if [ "$YASAT_VERSION" -lt "$LAST_VERSION" ];then echo "A new version is available at http://yasat.sourceforge.net/" RET=1 fi rm latest exit $RET } ################################################################################ ################################################################################ #Try to identify which technology is behind a vhost or a directory #example PHP mod_perl JAVA/JK # for the moment test a very simple case:) # # param $1 is the directory to scan # param $2 (optional) identify_web_tech_in_dir() { WEBTECH='unknown' if [ -z "$1" ] ; then echo "ERROR identify_web_tech_dir missing parameter #1" return 1; fi #check if $1 contain a * if [ ! -z "`echo $1 |grep '*'`" ] ; then return ; fi if [ $1 = '/' ] ; then return ; fi if [ -e "$1/index.php" ] ; then echo "PHP" export WEBTECH="PHP" return ; fi if [ $# -ge 2 ] ; then if [ "$2" = "recursive" ] ; then if [ ! -z "`find $1 -maxdepth 2 -type f |grep 'php$'`" ] ; then export WEBTECH="PHP" return ; fi fi fi } ################################################################################ ################################################################################ qa_test() { if [ "$1" != "$2" ] ; then echo "BAD got $1 not $2" else echo "GOOD (result is $1)" fi } ################################################################################ ################################################################################ # find witch file have a specific directive find_file_with_directive() { export RES_FILE_WITH_DIRECTIVE='/tmp/nonexistent' if [ -z "$1" ] ; then echo 'Error missing parameter #1 directory for find_file_with_directive()' return 1; fi if [ -z "$2" ] ; then echo 'Error missing parameter #2 directive for find_file_with_directive()' return 1; fi RES_FILE_WITH_DIRECTIVE="`grep -rli $2 $1 | head -n 1`" #manpage said that -l return only one line but it seems false } ################################################################################ ################################################################################ # add_correction() { echo "$1" >> "$CORRECT_FILE" } ################################################################################ ################################################################################ # list all test comment. In the future we could list by reference id (by CCE ID for example) list_all_yasat_test() { grep -h '#YASAT_TEST' ${PLUGINS_REP}/*.test | sed 's/^[[:space:]]*//g' } ################################################################################ ################################################################################ #check_value value_tested value_wanted bad_if_empty? text colour advice check_value() { if [ -z "$2" ] ; then echo 'Error missing parameter #2 value_wanted for check_value()' return 1; fi if [ -z "$3" ] ; then echo 'Error missing parameter #3 bad_if_empty? for check_value()' return 1; fi if [ -z "$4" ] ; then echo 'Error missing parameter #4 text for check_value()' return 1; fi if [ -z "$5" ] ; then echo 'Error missing parameter #5 colour for check_value()' return 1; fi if [ -z "$6" ] ; then echo 'Error missing parameter #5 advice for check_value()' return 1; fi if [ -z "$1" ] ; then if [ "$3" = 'true' ] ; then Display --indent 2 --text "$4" --result "NOTFOUND" --color $5 --advice $6 else Display --indent 2 --text "$4" --result "NOTFOUND" --color GREEN fi return 0; fi if [ "$1" != "$2" ]; then Display --indent 2 --text "$4" --result "$1" --color $5 --advice $6 else Display --indent 2 --text "$4" --result "$1" --color GREEN fi } ################################################################################ ################################################################################ #get the value after i"$1" in a line #used for apache_vhosts, we assume $1 is present get_value_in_string() { if [ -z "$1" ] ; then echo 'Error missing parameter #1 value_wanted for get_value_in_string()' return 1; fi if [ -z "$2" ] ; then echo 'Error missing parameter #2 string to be seeked for get_value_in_string()' return 1; fi export RESULTAT="`echo $2 | sed 's/^[[:space:]]*//' | sed 's,#.*,,' | sed 's,[[:space:]][[:space:]]*, ,g' | cut -d\ -f2`" } yasat/README0000640000175000017500000000602111751712001013277 0ustar montjoiemontjoieHello, Thanks for using Y.A.S.A.T. 1 PRESENTATION YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut) Second goal is to document each test with maximum information and links to official documentation. It do many tests for checking security configuration issue or others good practice. You may think that some test is pedantic, useless or too paranoiac, sorry for that, it is just my point of view of I want to check. Don't forget that YASAT is not the only audit tool, you can also use tiger, lynis, sectool, nessus, openvas, Debian's checksecurity, etc... for checking your systems 2 INSTALLATION, CONFIGURATION Dependencies: sed, cut, grep. YASAT will use also openssl for some tests. Latest version can be found at http://yasat.sourceforge.net 2.1 On-my-home installation Simply untar the yasat tarball tar xvzf yasat-version.tar.gz Change directory to yasat directory cd yasat and type ./yasat 2.2 On the FS installation Just do make install and type yasat You can configure override some variable of yasat by using /etc/yasat/yasat.conf or /usr/local/etc/yasat/yasat.conf or ~/.yasat/yasat.conf (Priority in this order) Example 1: if you are under Linux kernel and dont have compiled CONFIG_IKCONFIG_PROC, you can provided .config through YASAT_PATH_TO_KERNEL_CONFIG . Example 2: You can give to YASAT the path to a manual installation of apache through POSSIBLE_APACHE_CONFIG_LOCATION . 3 USAGE For standard test, type ./yasat -s 4 PATCHS, CRITICS Patch, contributions, critics ( even bad:) ) are welcome. You can mail me at corentin.labbe@geomatys.fr with, and if possible, a subject beginning by [YASAT]. You can also perhaps find me on channel #yasat on Freenode IRC servers. 5 CONTENTS, PLUGIN WRITING (TO FINISH) ./tests/ In this directory, you will find all scripts for testing yasat (non regressions, etc... ) ./plugins/ In this directory, you will find plugins. A plugin is segmented in 3 files: plugin.test : All test to do for this plugin plugin.data : All data necessary for the plugin (ex: all directives to check ) plugin.advice : List of advice for each check made by the plugin For writing plugins you have many functions at your disposal get_simple_right() get_full_right() get_path_from_apache_directives() check_file() check_directory_group() check_directory_others() check_directory_writable_by_group() FindValueOf() FindValueOfEqual() FindValueOfDDot() CheckPresenceOf() Title() For referencing tests done by YASAT, now use the following comment. Put external reference like PCIDSS RedHat compliance etc... #CCE http://cce.mitre.org/lists/cce_list.html #YASAT_TEST_name_of_test [RH=xxx] [PCIDSS=xx] [CCEID=xxx] description of the test 6 THANKS thanks to all alpha/betatesters ptipimousse cain khali Etienne JC Eldwin Celius Raphink Damien B. Mikal Sande Richard Dumais yasat/yasat.advices0000640000175000017500000003744311754413611015124 0ustar montjoiemontjoieEN,ACCOUNTING_NOT_ENABLED=Enable the accounting with accton ADVICEEND EN,ACCOUNTING_BSD_NOT_ENABLED=Enable the accounting in rc.conf with accounting_enable=YES ADVICEEND EN,ACCOUNTING_MISSING_FILE=This file is missing, touch it ADVICEEND EN,ACCOUNTING_BTMP=Create this file for the lastb command ADVICEEND EN,ACCOUNTING_FAILLOG=Create this file for the faillog command ADVICEEND EN,INSTALL_AUDITD=Install the auditd daemon ADVICEEND EN,APACHE_CONF_TIMEOUT=configure timeout below 20s ADVICEEND EN,APACHE_CONF_HOSTNAMELOOKUPS=Set HostNameLookup to off ADVICEEND EN,APACHE_CONF_SERVERSIGNATURE=Hide apache version by setting serversignature off ADVICEEND EN,APACHE_CONF_SERVERTOKENS=Hide apache version by setting servertokens to prod ADVICEEND EN,APACHE_CONF_SSL_SSLV2=SSLV2 is deprecated, disable it with -SSLv2 ADVICEEND EN,APACHE_CONF_PROXYREQUESTS=You are acting as an open-proxy, check your configuration for be sure to enable only local users ADVICEEND EN,APACHE_CONF_TRACEENABLE=Disable the TRACE debugging function. ADVICEEND EN,APACHE_CONF_LIMITREQUESTBODY=Set the limitrequestbody directive ADVICEEND EN,APACHE_CONF_LIMITREQUESTFIELDS=Set the LimitRequestFields directive ADVICEEND EN,APACHE_CONF_LIMITREQUESTFIELDSIZE=Set the LimitRequestFieldsize directive ADVICEEND EN,APACHE_CONF_LIMITREQUESTLINE=Set the limitrequestline directive ADVICEEND EN,APACHE_ERRORDOC_CUSTOM=Use a custom ErrorDocument ADVICEEND EN,APACHE_CONF_KEEPALIVES=Enable keepalive ADVICEEND EN,APACHE_CONF_KEEPALIVE_TIMEOUT=Decrease the value of keepalivetimeout ADVICEEND EN,APACHE_MODULE_ERROR_CODE=Check your apache configuration ADVICEEND EN,APACHE_MODULE_DISABLE_UNNECESSARY_MODULES=Disable unnecessary modules ADVICEEND EN,APACHE_USER_OWNER_CONF_REP=Apache configuration files must be owned by root ADVICEEND EN,APACHE_USER_GROUP_CONF_REP=Apache configuration files must be group owned by root ADVICEEND EN,APACHE_USER_OTHERS_CONF_REP=Apache configuration files must not have others access ADVICEEND EN,APACHE_USER_BAD_SHELL=apache must not have a shell ADVICEEND EN,APACHE_USER_PASSWD_IN_CONF_REP=It's preferred to put htpasswd files in a directory group owned by apache that is not a docroot ADVICEEND EN,APACHE_VHOSTS_OPTIONS_INDEXES=Disable the directory's content providing ADVICEEND EN,APACHE_VHOSTS_OPTIONS_EXECCGI=Disable the possibility to use CGI scripts ADVICEEND EN,APACHE_VHOSTS_NO_ORDER_CLAUSE=Add an order allow,deny clause to your vhost ADVICEEND EN,APACHE_VHOSTS_DOCROOT_BADGROUP=The docroot's files must be group owned by apache ADVICEEND EN,APACHE_VHOSTS_DOCROOT_OTHERRIGHTS=The docroot's files must not be readable by others ADVICEEND EN,APACHE_VHOSTS_DOCROOT_GROUPW=The docroot's files must not be writable by apache ADVICEEND EN,APACHE_VHOSTS_KNOWN_NAME=TODO is this location useful? ADVICEEND EN,APACHE_VHOSTS_NO_ROBOTS_TXT=You can put a robots.txt for controlling where the search engine goes ADVICEEND EN,APACHE_VHOSTS_NO_ACCESSLOG=Define an accesslog ADVICEEND EN,APACHE_VHOSTS_NO_ERRORLOG=Define an errorlog ADVICEEND EN,APACHE_VHOSTS_AUTHFILE_NOTFOUND=You have defined an authfile, but I can't find it ADVICEEND EN,APACHE_VHOSTS_VAR_WWW=It's preferable to use a docroot like /var/www/servername/ ADVICEEND EN,APACHE_VHOSTS_NO_DOCROOT=Define a documentroot ADVICEEND EN,BINARIES_UNKNOWN=This binary is not in yasat's SetUID db ADVICEEND EN,BINARIES_BAD_RIGHT=THIS CHECK IS IN DEVELOPMENT EN,BINARIES_NO_AIDE=Install AIDE integrity checker ADVICEEND EN,BINARIES_NO_TRIPWIRE=Install TRIPWIRE integrity checker ADVICEEND EN,BINARIES_NO_CHKROOTKIT=Install chkrootkit ADVICEEND EN,BINARIES_REMOVE_SETUID=Limit the number of set-uid binary ADVICEEND EN,BINARIES_NO_POSIXCAPSTOOLS=I cannot test POSIX CAPS for your setuid binaries ADVICEEND EN,BINARIES_CAN_HAVE_POSIX_CAPS=You can set POSIX CAPS ADVICEEND EN,UMASK_NOT027=Set umask to 027 ADVICEEND EN,NO_FORK_BOMB_PREVENTION=Set a hard ulimit ADVICEEND EN,FILES_WITHOUT_OWNER=Correct the permissions for these files ADVICEEND EN,FILES_WITHOUT_GROUP=Correct the group permissions for these files EN,LIMITS_NO_CORE_RESTRICTION=Prevent the creation of core files ADVICEEND EN,LD_SO_CONF_UNK_LIB=Check if this libray location is normal EN,SUID_COREDUMPABLE=Disable coredump for suid binaries ADVICEEND EN,PASSWORD_MIN_LENGHT=Set minimal password length to at least 8 or more ADVICEEND EN,PATH_UNKNOWN=Check if this value is supposed to be in your PATH ADVICEEND EN,CUPS_LISTEN=If possible, restrict CUPS to listen only on localhost ADVICEEND EN,BIND_HIDE_VERSION=Hide bind's version ADVICEEND EN,BIND_HIDE_HOSTNAME=Hide bind's hostname ADVICEEND EN,BIND_HIDE_SERVERID=Hide bind's server-id ADVICEEND EN,BIND_DISALLOW_RECURSIVE_QUERY=Disallow global access to recursive query ADVICEEND EN,BIND_MAX_CACHE_SIZE=Limit the amount of cache used by bind ADVICEEND EN,FIREWALL_POLICY_INPUT=Configure your firewall with a drop by default policy ADVICEEND EN,FIREWALL_POLICY_OUTPUT=Configure your firewall with a drop by default policy ADVICEEND EN,FIREWALL_POLICY_FORWARD=Unless this machine is a router, DROP forwarding ADVICEEND EN,FIREWALL_TEST_ERROR=Arggg i can't test your firewall ADVICEEND EN,FIREWALL_IPV6_NO_FW=Install ip6tables and configure a firewall ADVICEEND EN,FIREWALL_PF_NOT_ENABLED=Enable PF firewall ADVICEEND EN,FIREWALL_PF_NO_RULES=TODO ADVICEEND EN,KERNEL_CONFIG_COMPAT_BRK=TODO ADVICEEND EN,KERNEL_CONFIG_COMPAT_VDSO=TODO ADVICEEND EN,KERNEL_MMAP_MIN_ADDR=Set this to 4096 ADVICEEND EN,KERNEL_CONFIG_MCE ADVICEEND EN,KERNEL_NO_NX_BIT=Check NX bit support for your processor ADVICEEND EN,KERNEL_NO_CONFIG=Can't find you kernel config ADVICEEND EN,KERNEL_CONFIG_STRICT_DEVMEM=Disable access to /dev/mem ADVICEEND EN,KERNEL_CONFIG_DEVKMEM=Disable the creation of /dev/kmem ADVICEEND EN,KERNEL_EXEC_SHIELD=Enable Exec-Shield ADVICEEND EN,OPENBSD_SECURE_LEVEL_BELOW_ZERO=Set secure level at level 0 or more ADVICEEND EN,KERNEL_CONFIG_PAX=Use PAX to harden your kernel ADVICEEND EN,KERNEL_CONFIG_GRSEC=Use GRsec to harden your kernel ADVICEEND EN,KERNEL_CONFIG_SECURITY_SELINUX=Use SELinux to harden your kernel ADVICEEND EN,KERNEL_USB_MODULES=On a server, disable USB ADVICEEND EN,KERNEL_FIREWIRE_MODULES=On a server, disable FireWire ADVICEEND EN,KERNEL_RANDOM_VA_SPACE=Activate the randomize_va_space ADVICEEND EN,KERNEL_CONFIG_DEBUG_SET_MODULE_RONX=Set KERNEL_CONFIG_DEBUG_SET_MODULE_RONX ADVICEEND EN,KERNEL_CONFIG_DEBUG_RODATA=Set KERNEL_CONFIG_DEBUG_RODATA ADVICEEND EN,KERNEL_CONFIG_DEBUG_STRICT_USER_COPY_CHECKS=Set KERNEL_CONFIG_DEBUG_STRICT_USER_COPY_CHECKS ADVICEEND EN,LDAP_NO_TLS=Enable TLS for slapd ADVICEEND EN,LDAP_PASSWD_CLEAR=Use a secure storage for passwd ADVICEEND EN,LDAP_BINDV2=Disable bindv2 ADVICEEND EN,LDAP_BIND_ANON=Disable anonymous bind ADVICEEND EN,LDAP_REQUIRE_AUTHC=Set require authc ADVICEEND EN,SYSTEM_LOG_TWO_LOGGERS=Strange, you have two system loggers ADVICEEND EN,SYSTEM_LOG_NO_LOGGERS=Configure and run a system logger ADVICEEND EN,SYSLOGNG_NOLOGHOST=Set up a remote logging server ADVICEEND EN,SYSLOG_NOLOGHOST=Set up a remote logging server ADVICEEND EN,RSYSLOG_NOLOGHOST=Set up a remote logging server ADVICEEND EN,LOGROTATE_NOT_ROTATED=Define logrotation for this log EN,LOGWATCH_TMPDIR_OTHER_READABLE=The TmpDir used by logwatch should not be readble by others. ADVICEEND EN,LOGWATCH_SAVE_OTHER_READABLE=The Save directory used by logwatch should no be readable by others. ADVICEEND EN,LOGWATCH_LOW_DETAIL_SETTING=Low detail setting can lead to loss of important information. EN,LOGWATCH_PROBLEMATIC_RANGE_TODAY=Using the log from today can lead to loss of infornation. ADVICEEND EN,LOGWATCH_PROBLEMATIC_RANGE_ALL=Using all logs can be too much. ADVICEEND EN,LOGWATCH_CHECK_ALL_SERVICES=You could be missing important information ADVICEEND EN,LOGWATCH_DISABLED_SERVICE_CHECK=You should check whether the disabled checks are needed. EN,LOGWATCH_TMPDIR_DEFAULT=The default setting is /var/cache/logwatch. EN,LOGWATCH_NO_SERVICES_FOUND=No Services are checked! ADVICEEND EN,LOGWATCH_NO_LOGDIR=The LogDir is either a file or doesn't exist. ADVICEEND EN,LOGWATCH_LOGDIR_OTHER_WRITABLE=LogDir should not be writable by anyone other than the owner. EN,LOGWATCH_ONLY_ONE_LOGFILE=Checking only one logfile can lead to loss of information. ADVICEEND EN,LOGWATCH_NO_LOGS_CHECKED=Could not find any logfiles that are to be checked. ADVICEEND EN,LOGWATCH_DEFAULT_SETTING=Consider setting this directive in the config. EN,LOGWATCH_NO_LOGS_CHECKED=Could not find any logfiles that are to be checked. ADVICEEND EN,LOGWATCH_TMPDIR_NOT_FOUND=Isn't a directory. ADVICEEND EN,LOGWATCH_ARCHIVES_NOT_CHECKED=Log archives are not parsed. This should be enabled. ADVICEEND EN,LOGWATCH_HOSTLIMIT_NO=Unless this is logserver, HostLimit should be enabled. EN,MYSQL_CONF_BIND=If possible, mysql should listen only on localhost EN,MYSQL_CONF_NO_SLOWQUERY_LOG=Log slow query ADVICEEND EN,MYSQL_CONF_BINLOGS=Are the binlogs useful to you ? ADVICEEND EN,MYSQL_CONF_NO_EXPIRELOGSDAYS=Set an expire_logs_days ADVICEEND EN,MYSQL_RUN_AS_ROOT=mysqld must not be run as root ADVICEEND EN,MYSQL_USER_HAVE_SHELL=Mysqld user must not have a shell ADVICEEND EN,MYSQL_LOG=Disable request log ADVICEEND EN,NETWORK_ICMP_ECHO_IGNORE_BROADCASTS=Set icmp_echo_ignore_broadcasts to 1 ADVICEEND EN,NETWORK_FIN_TIMEOUT=Decrease tcp_fin_timeout value ADVICEEND EN,NETWORK_IGNORE_BOGUS_ERROR_RESPONSES=Set icmp_ignore_bogus_error_responses to 1 ADVICEEND EN,NETWORK_CONF_ALL_ACCEPT_REDIRECTS=TODO ADVICEEND EN,NETWORK_CONF_DEFAULT_ACCEPT_REDIRECTS=TODO ADVICEEND EN,NETWORK_TCP_SYNCOOKIES=Enable TCP_SYN_COOKIE ADVICEEND EN,NETWORK_CONF_ALL_ACCEPT_SOURCE_ROUTE=TODO ADVICEEND EN,NETWORK_CONF_DEFAULT_ACCEPT_SOURCE_ROUTE=TODO ADVICEEND EN,NETWORK_CONF_ENABLE_IP_SPOOFING_PROTECTION=Enable IP spoofing protection ADVICEEND EN,NETWORK_CONF_TODO=TODO EN,NFS_EXPORT_SUBTREE_CHECK=TODO ADVICEEND EN,NFS_EXPORT_NO_ROOT_SQUASH=If you can, unset no_root_squash ADVICEEND EN,NFS_EXPORT_NO_INTR=Set intr option ADVICEEND EN,NFS_EXPORT_UDP=Prefer TCP over UDP ADVICEEND EN,NFS_CLIENT_NOAC=For performance, unset noac ADVICEND EN,NTPD_NO_NTPD=Install an NTP daemon ADVICEEND EN,PACKAGES_USELESS=On a server, if this packages is not used, remove it ADVICEEND EN,PACKAGES_NO_PORTAUDIT=Install portaudit ADVICEEND EN,PACKAGES_PORTAUDIT_TOOOLD=Refresh portaudit database ADVICEEND EN,PACKAGE_REDHAT_RHNSD_DISABLED=Enable rhnsd ADVICEEND EN,PARTITION_NODEV=Add a nodev options in /etc/fstab EN,PARTITION_NOEXEC=Add a noexec options in /etc/fstab EN,PARTITION_NOSUID=Add a nosuid options in /etc/fstab EN,PARTITION_SEPARATE_PART=With a separate partition, you can put options like nodev,noexec,nosuid EN,PHP_CONF_SAFEMODE=If possible use safe_mode ADVICEEND EN,PHP_CONF_REGISTER_GLOBALS=Don't use register-globals!! ADVICEEND EN,PHP_CONF_ALLOW_URL_INCLUDE=Don't use allow_url_include ADVICEEND EN,PHP_CONF_SORT_OPEN_TAG=Don't use short_open_tag ADVICEEND EN,PHP_CONF_DISPLAY_ERRORS=Don't display php errors, log them ADVICEEND EN,PHP_CONF_ENABLE_DL=Set enable_dl to off ADVICEEND EN,PHP_CONF_EXPOSE_PHP=Set expose_php to off ADVICEEND EN,PHP_CONF_FILE_UPLOADS=Set file_uploads to off if possible ADVICEEND EN,PHP_CONF_REGISTER_LONG_ARRAYS=Set it to off, it's deprecated ADVICEEND EN,PHP_CONF_REGISTER_ARGC_ARGV=Set it to off ADVICEEND EN,PHP_CONF_EXECCOMM=This function can launch dangerous commands EN,PHP_CONF_INFODISCLOSURE=This function can display confidential information EN,PHP_CONF_PHPSESSID=Change the default PHPSESSID name EN,POSTFIX_OBSOLETE_TLS=see http://www.postfix.org/TLS_README.html ADVICEEND EN,POSTFIX_NO_TLS=Enable TLS for sending mail via a TLS secured connection ADVICEEND EN,PROCESS_NOT_BE_ROOT=This process must not be run as root EN,PROCESS_ONLY_ROOT=Logically, this process must be run as root (send a bug ?) EN,PROCESS_MAY_NOT_BE_ROOT=Does this process need to be run as root ? EN,PROCESS_CAN_BE_ROOT=This process may be run as a non-root user in some cases EN,TEMP_SENSORS=Install lm_sensors to monitor temperature. ADVICEEND EN,IPMI_NO_BINARY=Install freeipmi/openipmi/ipmitool on a server ADVICEEND EN,IPMI_BAD_SNMP_COMM=Change this community string ADVICEEND EN,TEMP_SENSOR_PROGRAM_UNK=I don't know the temperature monitoring program for your OS ADVICEEND EN,SNMPD_SECMODEL_V1=If possible, use only SNMP v2 or v3 ADVICEEND EN,SNMPD_DEFAULT_COMMUNITY=Change the default community ADVICEEND EN,SQUID_USER_BAD_SHELL=squid must not have a shell ADVICEEND EN,SQUID_HIDE_VERSION=Hide the squid version ADVICEEND EN,SQUID_ALLOW_UNDERSCORE=Deactivate underscore hostname support ADVICEEND EN,SQUID_FTP_SANITYCHECK=Enable FTP sanitycheck ADVICEEND EN,SQUID_UNKNOWN_NAMESERVER=Enable ignore_unknown_nameservers ADVICEEND EN,SQUID_CHECK_HOSTNAMES=Enable check_hostname ADVICEEND EN,SSH_ROOT_LOGIN=Disable direct root login ADVICEEND EN,SSH_X11FORWARDING=Disable X11Forwarding ADVICEEND EN,SSH_IGNORERHOSTS=Disable IgnoreRhosts ADVICEEND EN,SSL_BAD_PRIVATE_RIGHT=This directory and its contents must not have others rights. EN,TODO=Test in development ADVICEEND EN,HDD_SMARTCTL=Monitor your hdd with S.M.A.R.T. ADVICEEND EN,HDD_READ_AHEAD_HIGH=Check the value of read_ahead ADVICEEND EN,SYSTEM_USER_UMASK=umask must be 027, 022 by default is not strict enough. EN,SYSTEM_USER_DOTFILES=This file must be chmod 600 EN,SYSTEM_USER_DOTDIR=This directory must be chmod 700 EN,SYSTEM_USER_HOMEDIR_ROOT_SLASH=Why is the homedir / ? EN,SYSTEM_USER_HOMEDIR_READABLE_BY_OTHERS=The homedir is readable by others EN,SYSTEM_USER_USELESS=Does this user used by your system ? EN,SYSTEM_USER_RSA_VS_DSA=RSA keys are preferred. ADVICEEND EN,--SYSTEM_USER_PASSWORD_LEAKING=Caution, some password might be visible ADVICEEND EN,SYSTEM_USER_MYSQL_HISTORY_PASSWORD_LEAKING=Caution, some password might be visible ADVICEEND EN,SYSTEM_USER_USER_wITH_UID0=Check if this account is necessary ADVICEEND EN,SYSTEM_USER_NO_HOMEDIR=This user has no homedir, why? ADVICEEND EN,SYSTEM_USER_NOPASS_AND_SHELL=This account probably doesn't need a shell ADVICEEND EN,SYSTEM_USER_FIREFOX_MIXED_HTTPS=Enable warning of loading mixed HTTP/HTTPS content ADVICEEND EN,SYSTEM_USER_FIREFOX_NO_AUTO_UPDATE=Enable automatic check of firefox updates ADVICEEND EN,TOMCAT_DEFAULT_WEBAPP=If you don't use this default webapp, remove it EN,TOMCAT_DEFAULT_PASSWORD=Change the password EN,VSFTPD_ANONYMOUS_LOGIN=Disable anonymous connection if possible EN,VSFTPD_ANONYMOUS_UPLOAD=Disable anonymous upload if possible EN,VSFTPD_ANONYMOUS_ASCII=Disable ASCII mode EN,VSFTPD_ANONYMOUS_NO_XFERLOG=Add an xferlog entry EN,VSFTPD_ANONYMOUS_NOCHROOTLOCAL=Chroot local users if possible EN,XINETD_SERVICES_USELESS=Remove unused services from xinetd (even if disabled) EN,XINETD_SERVICES_OPTIONAL=Are these services in use ?(remove it otherwise) EN,XINETD_SERVICES_NODISABLE=Disable this services if you don't use it EN,XINETD_SERVICES_NO_LOG_TYPE=Add a log_type entry ADVICEEND EN,XINETD_SERVICES_NO_LOG_FAILURE=Add a log_on_failure entry ADVICEEND EN,XINETD_SERVICES_NO_ONLY_FROM=Add a only_from entry ADVICEEND EN,GLOBAL_MULTIPLE_DECLARATIONS=Unable to discern which declaration is really used EN,GLOBAL_FILE_CHMOD640=This file must be chmoded 640 or 600 ADVICEEND EN,GLOBAL_FILE_CHMOD600=This file must be chmoded 600 ADVICEEND EN,GLOBAL_FILE_MUST_BE_OWNED_BY_ROOT=This file must be owned by the root user EN,GLOBAL_FILE_MUST_BE_GROUPED_BY_ROOT=This file must be group owned by the root user (root or wheel) EN,GLOBAL_FILE_OTHER_WRITABLE=Do a chmod o-w name_of_the_file EN,GLOBAL_FILE_OTHER_READABLE=Do a chmod o-rxw name_of_the_file EN,GLOBAL_INTERNAL_ERROR=Internal error, probably a bug EN,GLOBAL_SKIPPED_LONG_TESTS=Long tests skipped, use -f to include them EN,YASAT_BUG=Argg a bug, please report it. EN,YASAT_DENIED=You got a permission denied, are you root ? EN,CERTIFICATE_OUTDATED=This certificate will outdated soon. EN,GLOBAL_PACKAGE_INSTALLED_AT_HAND=Why have you installed this package manually ? ADVICEEND EN,GLOBAL_PRIVATE_KEY_NOT_PASSWORD_PROTECTED=Password protect you private key ADVICEEND EN,GLOBAL_RSA_KEY_SIZE=RSA keys must be 2048bits at minimum ADVICEEND EN,GLOBAL_BINARY_PIE=TODO ADVICEEND EN,GLOBAL_BINARY_SSP=TODO ADVICEEND yasat/LICENCE0000640000175000017500000010451311502432340013410 0ustar montjoiemontjoie GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . yasat/CHANGELOG0000640000175000017500000000553111756442032013647 0ustar montjoiemontjoie* 21 May 2012 YASAT 526 - Now test the SSLCipherSuite for apache - Enhancement: Check size of private key - bug: The availability of echo -e was badly tested - bug: apache_vhost tested certificate as private key instead of certificate filetype - bug: apache_vhost could badly analyze order by clause - typo some advice links was bad - internal: link tester for advices - Enhancement: ssh test - Enhancement: vsftpd test - Fix some remaining bashism - Check the presence of Firewire kernel modules - Correction of some problems with dash and some empty variables (shift: cant shift that many) - Renamed yasat.sh to yasat - Lots of spelling fix - Enhancement: now correctly find the user running bind9 under debian - Lots of small fix for future Debian Wheezy * 29 December 2011 YASAT 456 - add chronyd to known ntpd servers - add CONFIG_DEBUG_SET_MODULE_RONX to kernel test - add logwatch test from Mr Sande - add password encryption test for shadow - add the list of command needed to correct problems reported by YASAT in yasat_correct.shell - More kernel checks - Check for remote syslog logging - Check for auditd daemon - Arch Linux detection and pacman support - Lots of misc enhancement * 14 June 2011 YASAT 421 - Skip option patch from Mr Sande - Misc enhancement from Mr Didier - Lots of known location added to apache_vhosts - Typo in partition.test - Misc enhancement - POSIX CAPS test for setuid binaries * 07 March 2011 YASAT 400 - YASAT incorrectly searched umask value (thanks to Mikal Sande for report and patch) - YASAT now have a manpage - The CheckFile function will now check if the binary tested have SSP and PIE - Lots of advice spell checking and enhancement by Mikal Sande. * 04 January 2011 YASAT 385 - Misc modifications of PHP, apache, LDAP, SSH, MySQL - Initial test of security options of firefox - Better BIND server test - Basic support of checking technology behind a vhost (like PHP for testing php_admin_values like open_basedir) - Test of NFS mount options and NFSD exports options - Basic test if private key is password protected * 02 August 2010 YASAT 351 - Minor corrections for FreeBSD - yasat.sh is no longer /bin/bash (all bashisms seems fixed) * 12 July 2010 YASAT 347 - Add CUPS tests - Add Squid tests - Add Samba tests - more tests for mysql, kernel, bind, cyrus - Minor improvement for apache, package, network, snmp tests - Add the check-update option to YASAT - Add a css to html report for better HTML report (add div command and div conf) - Add test for password visible in mysql_history - Added Debian Lenny to binaries checks - And still lots of minor bugs corrections and improvements * 03 June 2010 YASAT 286 - Correct makefile * 26 May 2010 YASAT 280 - Better support of OpenBSD (securelevel, encrypted swap, etc...) - apache mod_deflate tests - more kernel test - Inetd basic support * 02 March 2010 YASAT 247 - Better support of RedHat yasat/tests/0000750000175000017500000000000011714714441013572 5ustar montjoiemontjoieyasat/tests/test.test0000750000175000017500000000603011677022160015452 0ustar montjoiemontjoie#!/bin/bash ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ export PLUGINS_REP="./tests" DEBUG=0 QUIET=0 . ./common . ./osdetection FindValueOfEqual $PLUGINS_REP/test.data test echo "test $RESULTAT" if [ "$RESULTAT" != '0' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test1 echo "test1 $RESULTAT" if [ "$RESULTAT" != '1' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test2 echo "test2 $RESULTAT" if [ "$RESULTAT" != '2' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test3 echo "test3 $RESULTAT" if [ "$RESULTAT" != '3' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test4 echo "test4 $RESULTAT" if [ "$RESULTAT" != '4' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test5 echo "test5 $RESULTAT" if [ "$RESULTAT" != '5' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test6 echo "test6 $RESULTAT" if [ "$RESULTAT" != '6' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test7 echo "test7 $RESULTAT" if [ "$RESULTAT" != '7' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test8 echo "test8 $RESULTAT" if [ "$RESULTAT" != '8' ] then exit 1 fi FindValueOf $PLUGINS_REP/test.data test9 echo "test9 $RESULTAT" if [ "$RESULTAT" != '9' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test10 echo "test10 $RESULTAT" if [ "$RESULTAT" != '10' ] then exit 1 fi FindValueOfEqual $PLUGINS_REP/test.data test11 echo "test11 $RESULTAT" if [ "$RESULTAT" != '11' ] then exit 1 fi echo "Test 1 toto" get_path_from_apache_directives '' echo " $RESULTAT" echo "Test 2 toto/" get_path_from_apache_directives '' echo " $RESULTAT" echo "Test 3 /" get_path_from_apache_directives '' echo " $RESULTAT" echo "Test 4 /i" get_path_from_apache_directives '' echo " $RESULTAT" echo "Got 666 want 640" compare_right 666 640 YES qa_test $? 2 echo "Got 777 want 640" compare_right 777 640 YES qa_test $? 2 echo "Got 400 want 640" compare_right 400 640 YES qa_test $? 0 echo "Got 400 want 640 (strict)" compare_right 400 640 NO qa_test $? 3 #check_system_cron yasat/tests/test_links.bash0000750000175000017500000000074211714712404016613 0ustar montjoiemontjoie#!/bin/bash grep -ri 'http://' * | grep -v .svn | sed 's,http://,\nhttp://,g' | grep ^http | cut -d\ -f1 |\ grep -viE 'www.gnu.org/licenses|yasat.sourceforge.net|fsf.org|your-proxy:8080|sf.net/yasat/yasat|www.gnu.org/philosophy/why-not-lgpl' |\ grep -viE 'downloads.sourceforge.net/project/yasat|ftp.jp.debian.org/debian-non-US' \ | sed 's,,,' | cut -d\" -f1 | while read line do wget -q $line -O plop echo "test $line" if [ $? -ne 0 ] ; then echo "PAS BON" fi done yasat/tests/test.data0000640000175000017500000000021311677022160015377 0ustar montjoiemontjoietest=0 test1=1 test2 = 2 test3 =3 test4= 4 test5= 5 test6 =6 test7 = 7 test8 = 8 test9 9 test10 = 10;commentaire test11 = 11#commentaire yasat/tests/monotest.test0000640000175000017500000000371411677022160016347 0ustar montjoiemontjoie#!/bin/bash ################################################################################ # # # Copyright (C) 2008-2012 LABBE Corentin # # YASAT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # YASAT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with YASAT. If not, see . # # ################################################################################ export APACHE_VHOST="/etc/apache2/vhosts.d/" export APACHE_CONF_REP="/etc/apache2" export APACHE_BIN="/usr/sbin/apache2" export PHP_CONF_REP="/etc/php/apache2-php5/" POSSIBLE_APACHE_CONFIG_LOCATION="/etc/apache2 /etc/apache /usr/local/etc/httpd /usr/local/etc/apache22 /usr/apache22/etc" POSSIBLE_SNMP_DAEMON_CONFIG_LOCATION="/etc/snmpd /etc/snmp /usr/local/etc/snmpd /usr/local/etc/snmp /usr/local/etc" POSSIBLE_PHP_CONF_REP="/etc/php.ini /etc/php5/apache2/php.ini /private/etc/php.ini /etc/php/apache2-php5/php.ini /usr/local/etc/php.ini /usr/local/lib/php.ini /var/www/conf/php.ini" export DEBUG=0 export CRONJOB=0 export QUIET=0 SCANTYPE='FULL' export PLUGINS_REP="./plugins" . ./common . ./osdetection Display --indent 2 --text "- Detecting OS... " --result DONE --color GREEN echo ${LINUX_VERSION} ${OS} $OS_FULLNAME ADVICELANG='EN' LISTE_ADVICE=`ls $PLUGINS_REP/*advice` grep $ADVICELANG $LISTE_ADVICE > yasat.advices . $1 yasat/BUGS0000640000175000017500000000013511677022132013110 0ustar montjoiemontjoieBUG1 on OpenBSD makefile dont work (SOLVED) BUG2 on OpenBSD sed 's///gI' dont work (SOLVED) yasat/man/0000750000175000017500000000000011756442071013206 5ustar montjoiemontjoieyasat/man/yasat.80000640000175000017500000000552011756442071014423 0ustar montjoiemontjoie.TH YASAT 8 "21 May 2012" "526" "YASAT 526" .SH "NAME" \fB \fB \fB YASAT \fP\- simple stupid audit tool \fB .SH "SYNOPSIS" \fByasat .RB [\-\-standard(\-s)] .RB [\-\-list(\-l)] .RB [\-\-debug(\-d)] .RB [\-\-help(\-h)] .RB [\-\-html(\-H)] .RB [\-\-html-output .IR PATH ] .RB [\-\-advice-lang .IR LANG ] .RB [\-\-full-scan(\-f)] .RB [\-\-plugins-dir(\-P) .IR PATH ] .RB [\-\-nopause(\-a)] .RB [\-\-plugin(\-1) .IR PATH] .RB [\-\-Plugin(\-p) .IR NAME] .RB [\-\-print-level .IR X] .RB [\-\-check-update] .SH "DESCRIPTION" \fBYASAT\fP (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut) Second goal is to document each test with maximum information and links to official documentation. It do many tests for checking security configuration issue or others good practice. .PP It checks many software configurations like: Apache, Bind DNS, CUPS, PHP, kernel configuration, mysql, network configuration, openvpn, Packages update, samba, snmpd, squid, tomcat, user accounting, vsftpd, xinetd, .SH "OPTIONS" .TP .B \-\-standard (or \-a) YASAT will performs a standard check of the system, printing out the results of each test to stdout. A log is also created in ~/.yasat/yasat.result by default .TP .B \-\-list (or \-l) List all plugins available .TP .B \-\-html (or \-H) YASAT will export results in html (default to ~/yasat/yasat.html) .TP .B \-\-html-output PATH With -H, this option permit to change the file where to store html output. .TP .B \-\-advice-lang LANG By default, YASAT print message in english (EN), you can change the displayed lang with this option. LANG is the 2letter digit of the lang you want. For the moment only EN is supported. .TP .B \-\-full-scan (or \-f) YASAT will do extra (long) tests (lots of find). .TP .B \-\-plugins-dir PATH (or \-P) Set the path where YASAT can find plugins to use. (default is ./plugins ) .TP .B \-\-nopause (or \-a) By default, YASAT made a pause after each plugin. For automatize tests you can use this. .TP .B \-\-plugin PATH (or \-1) YASAT will just use the plugin pointed by PATH (ex: yasat -1 kernel) .TP .B \-\-print-level x (or \-1) YASAT will print infos equal or above the level X (All = 0 (default), infos = 1 warnings(orange) = 2, errors(red) = 3 .TP .B \-\-skip TEST A comma separated list of tests to skip without the .test (ex: --skip nfs,ntp). See yasat --list for all tests. .TP .B \-\-check\-update Check if an update of YASAT exists .TP .B \-\-send\-support Like \-\-check\-update, but it will send also as parameter your OS version for statistics. In the future, perhaps also a sort of send_bugs. .SH "LICENSING" YASAT is licensed under the GPL v3 license and under development by LABBE Corentin. .SH "CONTACT INFORMATION" All contacts informations could be found at http://yasat.sourceforge.net/ yasat/yasat.css0000640000175000017500000000032011502432340014245 0ustar montjoiemontjoiediv.central { background-color: #FFFFFF; padding: 0.5em; } div.conf { background-color: #999999; padding: 0.5em; } div.command { background-color: #999999; padding: 0.5em; } h1 { border-bottom: 1px solid; }