- date
2011-10-20 11:38
- author
kura
- slug
amisecure
This program is still in Alpha phase and is nowhere near complete. It's purpose is quite simply to be run on a server and let you know if there are any possible security holes in your configuration. It is designed and configured around Debian so will not work properly on Red Hat-based distributions without modifications to the tests.
- OpenSSH
- nginx
- Apache2
- PHP5
- DenyHosts
Am I secure will open up your configuration files in the order that each program would include them in, for example Apache2 includes them in the following order on Debian-based systems;
- /etc/apache2/apache2.conf,
- /etc/apache2/mods-enabled/*,
- /etc/apache2/httpd.conf,
- /etc/apache2/ports.conf,
- /etc/apache2/conf.d/*,
- /etc/apache2/sites-enabled/*,
it will then run through each this, ignoring commented out config options and show you where things are configured insecurely.
Am I Secure is a tool that helps show possible security holes, but it is just a basic tool.
*Please note this is alpha software.*
- Python >2.6
Once downloaded simply run
sudo python amisecure.py
You can fork, modify and create pull requests on GitHub.