You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Running checksec with --kernel on CentOS pollutes the output with errors for missing files:
sudo src/ossec/scripts/checksec.sh/checksec --kernel
* Kernel protection information:
Description - List the status of kernel protection mechanisms. Rather than
inspect kernel mechanisms that may aid in the prevention of exploitation of
userspace processes, this option lists the status of kernel configuration
options that harden the kernel itself against attack.
Kernel config:
/boot/config-2.6.32-754.9.1.el6.x86_64
Warning: The config on disk may not represent running kernel config!
Vanilla Kernel ASLR: Full
Protected symlinks: Disabled
Protected hardlinks: Disabled
Ipv4 reverse path filtering: Enabled
Ipv6 reverse path filtering: Disabled
Kernel heap randomization: Enabled
GCC stack protector support: Enabled
Enforce read-only kernel data: Enabled
Enforce read-only module data: Disabled
Exec Shield: Disabled
Restrict /dev/kmem access: Enabled
* X86 only:
* SELinux: Enforcing
Checkreqprot: cat: /sys/fs/selinux/checkreqprot: No such file or directory
Disabled
Deny Unknown: cat: /sys/fs/selinux/deny_unknown: No such file or directory
Disabled
* grsecurity / PaX: No GRKERNSEC
The grsecurity / PaX patchset is available here:
http://grsecurity.net/
Likewise, the respective JSON is broken:
{ "kernel": { "KernelConfig":"/boot/config-2.6.32-754.9.1.el6.x86_64","randomize_va_space":"full","protect_symlinks":"no","protect_hardlinks":"no","ipv4_rpath":"yes","ipv6_rpath":"no","kernel_heap_randomization":"yes","gcc_stack_protector":"yes","ro_kernel_data":"yes","ro_module_data":"no","restrict_dev_kmem_access":"yes",},"selinux":{ "enabled":"yes", "mode":"enforcing"cat: /sys/fs/selinux/checkreqprot: No such file or directory , "checkreqprot":"no"cat: /sys/fs/selinux/deny_unknown: No such file or directory
, "deny_unknown":"no" },"grsecurity": { "grsecurity_config":"no" } }
Debug Report
***** Checksec debug *****
uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Linux xxx 2.6.32-754.9.1.el6.x86_64 #1 SMP Thu Dec 6 08:02:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
checksec version: 1.11.0 -- 2018122701
OS=CentOS release 6.10 (Final)
VER=2.6.32-754.9.1.el6.x86_64
-rwxr-xr-x. 1 root root 48568 Jun 19 2018 /bin/cat
/bin/cat: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
lrwxrwxrwx. 1 root root 4 Dec 10 19:10 /bin/awk -> gawk
-rwxr-xr-x. 1 root root 382752 Nov 10 2015 /bin/gawk
/bin/gawk: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 19376 Jun 1 2018 /sbin/sysctl
/sbin/sysctl: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 27776 Jun 19 2018 /bin/uname
/bin/uname: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 38048 Jun 19 2018 /bin/mktemp
/bin/mktemp: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 548184 Mar 22 2017 /usr/bin/openssl
/usr/bin/openssl: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 167840 Mar 22 2017 /bin/grep
/bin/grep: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 50984 Jun 19 2018 /usr/bin/stat
/usr/bin/stat: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 19784 May 10 2016 /usr/bin/file
/usr/bin/file: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 239000 Mar 1 2016 /bin/find
/bin/find: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 36136 Jun 19 2018 /usr/bin/head
/usr/bin/head: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 89504 Jun 1 2018 /bin/ps
/bin/ps: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 40056 Jun 19 2018 /bin/readlink
/bin/readlink: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 26264 Jun 19 2018 /bin/basename
/bin/basename: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 32720 Jun 19 2018 /usr/bin/id
/usr/bin/id: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 25528 Sep 23 2011 /usr/bin/which
/usr/bin/which: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 366848 Mar 21 2017 /usr/bin/wget
/usr/bin/wget: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 134504 Apr 3 2017 /usr/bin/curl
/usr/bin/curl: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 303440 Jun 19 2018 /usr/bin/readelf
/usr/bin/readelf: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
-rwxr-xr-x. 1 root root 178616 May 10 2016 /usr/bin/eu-readelf
/usr/bin/eu-readelf: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
Command run to produce the error
Running checksec --kernel in Centos6 should suffice.
OS version and Kernel version
centos6 2.6.32-754.9.1.el6.x86_64 #1 SMP Thu Dec 6 08:02:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Debug output
Same as --kerel output.
The text was updated successfully, but these errors were encountered:
Issue
Running checksec with
--kernel
on CentOS pollutes the output with errors for missing files:Likewise, the respective JSON is broken:
Debug Report
Command run to produce the error
Running
checksec --kernel
in Centos6 should suffice.OS version and Kernel version
centos6 2.6.32-754.9.1.el6.x86_64 #1 SMP Thu Dec 6 08:02:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Debug output
Same as --kerel output.
The text was updated successfully, but these errors were encountered: