uranus.int.autonlab.org daily security run output

punosevac72 at gmail.com punosevac72 at gmail.com
Thu Jul 30 03:07:57 EDT 2015 

Checking setuid files and devices:

Checking negative group permissions:

uranus.int.autonlab.org changes in mounted filesystems:
--- /var/log/mount.today	2015-07-25 03:01:04.000000000 -0400
+++ /tmp/security.xGATjvDQ	2015-07-30 03:07:56.989493013 -0400
@@ -1,3 +1,14 @@
+archive			/archive		zfs	rw,nfsv4acls 	0 0
+archive/attic		/archive/attic		zfs	rw,nfsv4acls 	0 0
+backups			/backups		zfs	rw,nfsv4acls 	0 0
+backups/data		/backups/data		zfs	rw,nfsv4acls 	0 0
+backups/home		/backups/home		zfs	rw,nfsv4acls 	0 0
+backups/project		/backups/project	zfs	rw,nfsv4acls 	0 0
+backups/project/project	/backups/project/project zfs	rw,noatime,nfsv4acls 	0 0
+data0			/data0			zfs	rw,nfsv4acls 	0 0
+data0/ari0		/data0/ari0		zfs	rw,nfsv4acls 	0 0
+data1			/data1			zfs	rw,nfsv4acls 	0 0
+data1/ari1		/data1/ari1		zfs	rw,nfsv4acls 	0 0
 devfs			/dev			devfs	rw,multilabel 	0 0
 tank/ROOT/10.1-RELEASE-p25-up-20150725_003653 /			zfs	rw,noatime,nfsv4acls 	0 0
 tank/root		/root			zfs	rw,nfsv4acls 	0 0

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

Checking login.conf permissions:

uranus.int.autonlab.org ipfw denied packets:

uranus.int.autonlab.org pf denied packets:
+++ /tmp/security.wbhdp9BC	2015-07-30 03:07:57.032491717 -0400
+block return in all [ Evaluations: 399914 Packets: 205978 Bytes: 117277082 States: 0 ]
+block return quick from <bruteforce> to any [ Evaluations: 399919 Packets: 0 Bytes: 0 States: 0 ]
+block return in quick on egress proto tcp from <sshguard> to any port = ssh label "ssh bruteforce" [ Evaluations: 399913 Packets: 0 Bytes: 0 States: 0 ]
+block drop in quick on ! lo0 inet from 127.0.0.0/8 to any [ Evaluations: 399915 Packets: 0 Bytes: 0 States: 0 ]
+block drop in quick from urpf-failed to any [ Evaluations: 366288 Packets: 0 Bytes: 0 States: 0 ]
+block return in on ! lo0 proto tcp from any to any port 6000:6010 [ Evaluations: 366296 Packets: 0 Bytes: 0 States: 0 ]

uranus.int.autonlab.org kernel log messages:
+++ /tmp/security.Xh2QJWQi	2015-07-30 03:07:57.052491711 -0400
+igb0: promiscuous mode enabled
+lo0: promiscuous mode enabled
+igb0: promiscuous mode disabled
+lo0: promiscuous mode disabled
+igb0: promiscuous mode enabled
+lo0: promiscuous mode enabled
+igb0: promiscuous mode disabled
+lo0: promiscuous mode disabled
+igb0: promiscuous mode enabled
+lo0: promiscuous mode enabled
+igb0: promiscuous mode disabled
+lo0: promiscuous mode disabled
+igb0: promiscuous mode enabled
+lo0: promiscuous mode enabled
+igb0: promiscuous mode disabled
+lo0: promiscuous mode disabled
+igb0: promiscuous mode enabled
+lo0: promiscuous mode enabled
+igb0: promiscuous mode disabled
+lo0: promiscuous mode disabled
+warning: KLD '/boot/kernel/smbus.ko' is newer than the linker.hints file
+ipmi0: <IPMI System Interface> port 0xca2,0xca3 on acpi0
+ipmi0: KCS mode found at io 0xca2 on acpi
+ipmi0: IPMI device rev. 1, firmware rev. 1.86, version 2.0
+ipmi0: Number of channels 2
+ipmi0: Attached watchdog
+ppc0: cannot reserve I/O port range

uranus.int.autonlab.org login failures:

uranus.int.autonlab.org refused connections:

Checking for packages with security vulnerabilities:
Database fetched: Wed Jul 29 03:01:10 EDT 2015
libxml2-2.9.2_2
php55-5.5.24
curl-7.42.1
pcre-8.35_2
libressl-2.1.6
php55-gd-5.5.24
ruby-2.0.0.645,1

-- End of security output --

More information about the Autonlab-sysinfo mailing list