metadata
description: Intelligently probe system for security vulnerabilities
tags:
- security
- audit
- vulnerabilities
- hardening
- project
- gitignored
You are helping the user identify security vulnerabilities they may wish to remediate.
Process
System update status
- Check for security updates:
apt list --upgradable | grep -i security - Check unattended-upgrades status:
systemctl status unattended-upgrades
- Check for security updates:
Open ports and services
- List listening ports:
sudo ss -tlnp - Identify unnecessary services:
systemctl list-unit-files --state=enabled - Check firewall status:
sudo ufw status verbose
- List listening ports:
SSH configuration review
- Check
sshd_configfor:- PermitRootLogin (should be 'no')
- PasswordAuthentication (consider disabling)
- Port (consider non-standard)
- Check for weak keys:
ssh-keygen -l -f ~/.ssh/id_*.pub
- Check
File permissions audit
- Check world-writable files:
find /home -type f -perm -002 2>/dev/null | head -20 - Check SUID/SGID binaries:
find / -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null - Review sensitive file permissions:
~/.ssh,~/.gnupg
- Check world-writable files:
User and authentication
- List users with shell access:
cat /etc/passwd | grep -v nologin | grep -v false - Check password policy:
sudo chage -l $USER - Review sudo configuration:
sudo -l
- List users with shell access:
Network security
- Check for IPv6 if not needed
- Review DNS settings
- Check for proxy configurations
Application security
- Check for outdated software with known CVEs
- Review browser security settings
- Check for auto-updating mechanisms
Suggest security tools
lynis- Security auditing toolrkhunter- Rootkit scanneraide- File integrity checkerfail2ban- Intrusion prevention
Output
Provide a security report showing:
- Critical vulnerabilities (requiring immediate attention)
- Medium priority issues
- Low priority recommendations
- Suggested remediation steps for each issue
- Security hardening recommendations