Ecora Auditor: UNIX Sample Reports

  • Documentation Reports:
  • Baseline Reports:
  • Change Reports:
  • Fact Finding Reports:
    • Vulnerability Assessment

      SANS and the FBI have produced a list of the top 10 security vulnerabilities for UNIX systems: http://www.sans.org/top20/

      Ecora Auditor Professional provides many "out of the box" report definitions that focus on the vulnerabilities identified by SANS and the FBI.

      • RPC Vulnerability Assessment – This report identifies systems running any number of Remote Procedure Call (RPC) based services. RPC services are rated by SANS and the FBI as the most exploited vulnerability for UNIX systems. This report identifies any system running RPC services on the standard RPC service ports. If the system is required to run the RPC services, routinely check for patches related to these services.
      • SNMP Vulnerability Assessment – This report identifies systems running Simple Network Management Protocol (SNMP) processes. SNMP is rated by SANS and the FBI as the fourth most exploited vulnerability for UNIX systems. If the system is required to run SNMP services, routinely check for patches.
      • FTP Vulnerability Assessment – This report identifies systems running file transfer protocol (FTP) services. FTP is rated by SANS and the FBI as the fifth most commonly exploited vulnerability. If FTP is required on the system, stay up to date with the necessary patches from the operating system supplier. If FTP services are not required, make the necessary changes to /etc/inetd.conf to secure the system.
      • LPD Vulnerability Assessment – This report identifies systems running Line Printer Daemon (LPD) services, rated by SANS and the FBI as the seventh most exploited vulnerability for UNIX. This vulnerability is best known for denial of service attacks. If LPD is required on the system, stay up to date with the necessary patches from the operating system supplier. If LPD services are not required, make the necessary changes to /etc/inetd.conf to secure the system.
    • Asset Management/Inventory Reporting:
      • Summary Report – This summary report identifies common system and network configuration settings to support routine inventory audits.
      • Operating System Report – Use this summary report for UNIX OS inventory information.
      • Network Interface Configuration – This summary report of UNIX network interface configuration settings is useful for asset management and inventory reporting, and for network management of IP addresses and default routing tables.
    • Capacity Planning reports:
      • Filesystem Usage – Supplement your capacity planning projects related to enterprise storage reporting. This report has two forms: static (one-time) configuration reporting, and trending data, produced by including the snapshot creation time in the report.
    • File Integrity:
      • File Integrity Appendix and Checksums – This sample report is intended to report on key system files. These files can be text or binary. This report provides ownership, permissions, size, modification date/times, and content (if it is a text file). If the file is a binary file, the checksum is reported.
    • Installed Patches