Product SiteDocumentation Site

第 8 章 Debian 中的安全工具

8.1. 远程风险评估工具
8.2. 网络扫描器工具
8.3. 内部审计
8.4. 源代码的审核
8.5. 虚拟专用网
8.5.1. 点对点隧道
8.6. 公钥机制 (PKI)
8.7. SSL 机制
8.8. 病毒工具
8.9. GPG 代理
FIXME: 需要更多内容.
Debian provides also a number of security tools that can make a Debian box suited for security purposes. These purposes include protection of information systems through firewalls (either packet or application-level), intrusion detection (both network and host based), vulnerability assessment, antivirus, private networks, etc.
从 Debian 3.0(woody) 开始, 发行版就具有了将密码软件集成到主发行版中的特点. 缺省安装包括 OpenSSH 和 GPG(GNU Privacy Guard), 在浏览器, web服务器, 数据库, 等等中也出现了高强度加密. 计划在未来的发行版中, 进一步集成数据加密. 由于美国的出口限制, 这种软件是不允许随主发行版发布的, 只能包含在 non-US 站点上.

8.1. 远程风险评估工具

The tools provided by Debian to perform remote vulnerability assessment are: [55]
  • nessus
  • raccess
  • nikto (whisker's replacement)
显然, 最完善和最新的工具是 nessus, 它由一个GUI客户端(nessus), 和一个负责攻击的服务器端(nessusd)组成. Nessus 包括许多系统的远程漏洞如网络工具, ftp 服务器, www 服务器, 等等. 最新版本甚至可以解析网站, 并设法发现可以用于攻击的交互式页面. 并且还提供(没有包含在 Debian 中)用于连接管理服务器的 java 和 Win32 客户端.
nikto is a web-only vulnerability assessment scanner including anti-IDS tactics (most of which are not anti-IDS anymore). It is one of the best cgi-scanners available, being able to detect a WWW server and launch only a given set of attacks against it. The database used for scanning can be easily modified to provide for new information.

[55] Some of them are provided when installing the harden-remoteaudit package.