| Test code | Imp Score | Res Score |
|---|---|---|
| 1 User Passwords | | |
| 1.1 Duplicate names in password file | 3 | 6 |
| 1.2 Users without passwords | 9 | 7 |
| 1.3 Disabled accounts | 2 | 4 |
| 1.4 Incorrect number of fields | 4 | 5 |
| 1.5 Unmatched password file entries | 6 | 9 |
| 1.6 Password lifetimes | 6 | 9 |
| 1.7 Account information | 1 | 1 |
| 2 User UIDs | | |
| 2.1 UID=0 | 4 | 5 |
| 2.2 No UID | 7 | 9 |
| 2.3 Invalid UIDs | 7 | 7 |
| 2.4 Duplicate UIDs in the password file | 4 | 9 |
| 3 User GIDs | | |
| 3.1 Users with GID=0 | 3 | 8 |
| 3.2 Users with no GID | 4 | 9 |
| 3.3 Users with an invalid GID | 5 | 7 |
| 3.4 Duplicate GIDs in the password file | 1 | 9 |
| 3.5 Non-existent GIDs | 3 | 9 |
| 4 User Home dirs. | | |
| 4.1 No home directory | 3 | 9 |
| 4.2 Invalid home directory | 5 | 9 |
| 4.3 Shared home directory | 3 | 9 |
| 4.4 Non-Sticky home directory | 3 | 5 |
| 4.5 Writeable home directory | 4 | 9 |
| 4.6 Home directory contains suspicious files | 7 | 7 |
| 5 User Shells | | |
| 5.1 No shell shown | 2 | 9 |
| 5.2 Invalid shells | 3 | 9 |
| 5.3 Shared shells | 3 | 9 |
| 5.4 Shells which are SUID/SGID | 4 | 9 |
| 5.5 Shells which are writeable | 4 | 9 |
| 6 Groups | | |
| 6.1 Duplicate group names | 3 | 7 |
| 6.2 Password protected | 1 | 2 |
| 6.3 Improper number of fields | 2 | 8 |
| 6.4 No users | 2 | 9 |
| 6.5 Non-existent users | 2 | 9 |
| 6.6 Duplicate users | 2 | 9 |
| 6.7 Users in each group | 1 | 1 |
| 7 Group GIDs | | |
| 7.1 GID=0 | 3 | 8 |
| 7.2 No GID | 2 | 8 |
| 7.3 Invalid GIDs | 3 | 8 |
| 7.4 Duplicate GIDs | 2 | 9 |
| 8 Files | | |
| 8.1 Files - Unknown owners | 2 | 7 |
| 8.2 Files - Unknown groups | 2 | 9 |
| 8.3 Files - WORLD writeable | 6 | 7 |
| 8.4 Files - WORLD executable | 5 | 1 |
| 8.5 Files - GROUP writeable | 3 | 9 |
| 8.6 Files - GROUP executable | 3 | 1 |
| 8.7 Files - Uneven privileges | 5 | 7 |
| 8.8 Files - SUID | 3 | 1 |
| 8.9 Files - SGID | 2 | 1 |
| 8.10 Files - Sticky | 2 | 1 |
| 8.11 Files - SUID/SGID and WORLD executable/writeable | 5 | 5 |
| 8.12 Files likely to contain host information | 5 | 5 |
| 8.13 Startup files which are world writeable | 7 | 5 |
| 9 Directories | | |
| 9.1 Dir - Unknown owners | 4 | 5 |
| 9.2 Dir - Unknown groups | 3 | 8 |
| 9.3 Dir - WORLD writeable | 5 | 8 |
| 9.4 Dir - WORLD executable | 5 | 1 |
| 9.5 Dir - GROUP writeable | 4 | 9 |
| 9.6 Dir - GROUP executable | 4 | 5 |
| 9.7 Dir - Uneven privileges | 4 | 7 |
| 9.8 Dir - SGID | 3 | 9 |
| 9.9 Dir - Not Sticky | 3 | 7 |
| 10 FTP | | |
| 10.1 Anonymous FTP bin directory has wrong owner | 3 | 1 |
| 10.2 Anonymous FTP etc directory has wrong owner | 5 | 1 |
| 10.3 Anonymous FTP home directory has wrong owner | 4 | 2 |
| 11 /etc | | |
| 11.1 Directories under /etc has world write access | 4 | 1 |
| 11.2 File /etc/default/passwd has insecure permissions | 5 | 7 |
| 11.3 File /etc/profile has insecure permissions | 4 | 1 |
| 12 Log files | | |
| 12.1 The login log file does not exist | 4 | 5 |
| 12.2 Login log not owned by user root and group root or sys | 5 | 5 |
| 14 AIX | | |
| 15 NIS | | |
| 15.1 Is NIS being used. | 1 | 1 |