Buck Security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.
The aim of Buck Security is, to allow you to get a quick overview of the security status of your system. As a linux system administrator – but also as a normal linux user – you often wonder if your system is secure. In this situation it is useful to get an overvirew of the security status of the system immediately. Buck Security was designed exactly for this. It runs important tests and returns the results to you after a couple of minutes.
By now the following tests are implemented:
Searching for worldwriteable files
Searching for worldwriteable directories
Searching for programs where the setuid is set
Searching for programs where the setgid is set
Checking your umask
Checking if the sticky-bit is set for /tmp
Searching for superusers
Searching for installed attack tools packages
The next version of buck-security will be released soon in March 2010.
It will include major changes and new checks like
generate and verifiy checksums of important programs (/bin/, /sbin/,…)
check firewall (iptables) policies
check if sshd configuration is secure
More documentation is available HERE