OnWorks favicon

lsat - Online in the Cloud

Run lsat in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command lsat that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator



lsat - a security auditing tool


lsat [OPTION]


Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is
modular in design, so new features can be added quickly. It checks inetd entries and scans
for unneeded RPM packages. It is being expanded to work with Linux distributions other
than Red Hat, and checks for kernel versions.

Output is in lsat.out. On subsequent runs, previous output is in lsat.old.


diff current and old md5 runs, output in lsatmd5.diff

-m <distribution> Force a specific distribution test Names are: redhat, debian,
mandrake, solaris, gentoo

-h Show LSAT help

Show LSAT advanced help

-o <filename> Output filename, default is last.out

-r Check rpm integrity. RedHat or Mandrake only.

-s Be silent. No output at all.

-x <filename>
Filename is a text file consisting of modules to
exclude from being run. This should be a comma,
tab or newline delimited file, with just the name(s)
below one wishes to exclude.
Module names (with a small description) are:

bpass check for bootloader passwd
cfg check runlevel daemons (redhat)
dotfiles check for dotfiles
files check for sticky bits, etc
forward check for network forwarding
ftpusers check ftpusers file for bad entries
inetd check for unneeded services
inittab check runlevel, etc.
ipv4 check for other things in ipv4
issue check issue banner
kbd check kbd/login perms
limits check limits file
logging check for enough logging
md5 perform md5 of all files on sys
modules check for loadable kern mod.
net check network
open check open files
passwd check passwd file for bad entries
perms check permissions on files
pkgs check for unwanted packages
promisc are we in promisc mode?
rc check for unwanted rc files
rpm perform rpm integrity check
securetty check secure tty
set check for SUID files
ssh check ssh config
startx check for tcp listening in X
umask check default umask
write check world read/write files
www output in html

-v Be verbose about it.

Output file is in html format.


Current modules are checkbpass, checkdotfiles, checkfiles, checkftpusers, checkhostsfiles,
checkinetd, checkipv4, checkissue, checkkbd, checklimits, checkmodule, checkmd5, checknet,
checknetforward, checknetp, checkopenfiles, checkpasswd, checkperms, checkpkgs, checkrc,
checkrpm, checksecuretty, checkset, checkssh, checkumask, checkwrite and checkwww. A breif
description is included in each module. Writing a module is fairly easy and
straightforward. See README.modules for more information.

Use lsat online using onworks.net services

Free Servers & Workstations

Download Windows & Linux apps

Linux commands

  • 1
    4g8 - Packet Capture and Interception
    for Switched Networks ...
    Run 4g8
  • 2
    4s-admin � 4store cluster management
    tool ...
    Run 4s-adminJ
  • 3
    cpipe - copy stdin to stdout while
    counting bytes and reporting progress ...
    Run cpipe
  • 4
    cplay - a front-end for various audio
    players ...
    Run cplay
  • 5
    g.ppmtopng - Converts between PPM/PGM
    and PNG image formats. KEYWORDS:
    general, display ...
    Run g.ppmtopnggrass
  • 6
    g.proj - Prints or modifies GRASS
    projection information files (in various
    co-ordinate system descriptions). Can
    also be used to create new GRASS
    locations. KE...
    Run g.projgrass
  • More »