salut
Je suis en train de préparer mon petit-serveur distant.
j’ai installé le paquet tiger et j’ai lancé un scan.
Comme je m’y attendais, mon log n’est pas une merveille.
Après un temps fou " he oui newbie oblige" il me reste quelques alertes que je ne comprend pas.
serait il possible de m’aider. merci
Checking network configuration
–WARN-- [lin012w] The system accepts ICMP redirection messages
–FAIL-- [lin013f] The system is not protected against Syn flooding attacks
–FAIL-- [lin014f] The system permits the transmission of IP packets with
invalid addresses
–FAIL-- [lin016f] The system permits source routing from incoming packets
–WARN-- [lin017w] The system is not configured to log suspicious (martian)
packets
ou cela se corrige iptable ou autre ?
Checking for correct umask settings for init scripts…
–WARN-- [misc021w] There are no umask entries in /etc/init.d/rcS
rcS
…
#! /bin/sh
rcS
Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order
exec /etc/init.d/rc S
la je vois pas :smt003
Checking services from /etc/services.
–WARN-- [inet003w] The port for service sieve is also assigned to service
cisco-sccp.
–WARN-- [inet003w] The port for service ndtp is also assigned to service
pipe_server.
–WARN-- [inet003w] The port for service ndtp is also assigned to service
search.
–WARN-- [inet003w] The port for service postgres is also assigned to service
postgresql.
–WARN-- [inet003w] The port for service postgres is also assigned to service
postgresql.
–WARN-- [inet003w] The port for service sane is also assigned to service
sane-port.
–WARN-- [inet003w] The port for service webcache is also assigned to service
http-alt.
–WARN-- [inet003w] The port for service webcache is also assigned to service
http-alt.
si le port est bien assigné alors pourquoi une alerte
Performing check of `cron’ entries…
–WARN-- [cron004w] Root crontab does not exist
–WARN-- [cron005w] Use of cron is not restricted
Checking entries from /etc/passwd.
–WARN-- [pass014w] Login (backup) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (bin) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (daemon) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (games) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (gnats) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (irc) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (libuuid) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (list) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (lp) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (mail) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (man) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (news) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (nobody) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (proxy) is disabled, but has a valid shell.
–WARN-- [pass015w] Login ID sshd does not have a valid shell
(/usr/sbin/nologin).
–WARN-- [pass015w] Login ID sync does not have a valid shell (/bin/sync).
–WARN-- [pass014w] Login (sys) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (uucp) is disabled, but has a valid shell.
–WARN-- [pass014w] Login (www-data) is disabled, but has a valid shell.
–WARN-- [pass006w] Integrity of password files questionable (/usr/sbin/pwck
-r)
pourtant tout le monde est la ??
less /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
bind:x:101:103::/var/cache/bind:/bin/false
sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
minusque:x:1000:1000::/home/minusque:/bin/bash
ntp:x:103:106::/home/ntp:/bin/false
Debian-exim:x:104:107::/var/spool/exim4:/bin/false
clamav:x:105:108::/var/lib/clamav:/bin/false