- Monitor file integrity by generating a hash and verify it with Nessus
Some daemon processes on the remote host are associated with programs that have been installed manually.
System administration best practice dictates that an operating system’s native package management tools be used to manage software installation, updates, and removal whenever possible.
The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak.
Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions.
The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext.
Note that this plugin only checks for the options of the SSH server and does not check for vulnerable software versions.
Resources used for creating custom Nessus Auditfile for Red Hat Enterprise:
I’m working on a custom Linux auditfile with Oracle checks.
I want this audit file to be generic, so no hardcoded instance names in the auditfile.