backup1.int.autonlab.org daily security run output

punosevac72 at gmail.com punosevac72 at gmail.com
Tue Oct 13 03:50:35 EDT 2015 

Checking setuid files and devices:

Checking negative group permissions:

backup1.int.autonlab.org changes in mounted filesystems:
--- /var/log/mount.today	2015-09-15 03:44:28.000000000 -0400
+++ /tmp/security.3khhKi6x	2015-10-13 03:50:34.395749802 -0400
@@ -1,8 +1,9 @@
 devfs			/dev			devfs	rw,multilabel 	0 0
 storage			/storage		zfs	rw,nfsv4acls 	0 0
 storage/attic		/storage/attic		zfs	rw,nfsv4acls 	0 0
+storage/attic at 2015-10-12_23.00.27--7d /storage/attic/.zfs/snapshot/2015-10-12_23.00.27--7d zfs	ro,nosuid,noatime,nfsv4acls 	0 0
 storage/backups		/storage/backups	zfs	rw,nfsv4acls 	0 0
-storage/backups at 2015-09-14_22.08.51--1m /storage/backups/.zfs/snapshot/2015-09-14_22.08.51--1m zfs	ro,nosuid,noatime,nfsv4acls 	0 0
+storage/backups at 2015-10-12_23.22.49--7d /storage/backups/.zfs/snapshot/2015-10-12_23.22.49--7d zfs	ro,nosuid,noatime,nfsv4acls 	0 0
 tank/ROOT/10.2-RELEASE-up-20150821_180424 /			zfs	rw,nfsv4acls 	0 0
 tank/root		/root			zfs	rw,nfsv4acls 	0 0
 tank/tmp		/tmp			zfs	rw,nfsv4acls 	0 0

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

Checking login.conf permissions:

backup1.int.autonlab.org pf denied packets:
+++ /tmp/security.KBzVLjOm	2015-10-13 03:50:34.535750037 -0400
+block return in all [ Evaluations: 3261727 Packets: 1834903 Bytes: 1046834848 States: 0 ]
+block return quick from <bruteforce> to any [ Evaluations: 3261727 Packets: 0 Bytes: 0 States: 0 ]
+block return in quick on egress proto tcp from <sshguard> to any port = ssh label "ssh bruteforce" [ Evaluations: 3261727 Packets: 0 Bytes: 0 States: 0 ]
+block drop in quick on ! lo0 inet from 127.0.0.0/8 to any [ Evaluations: 3261727 Packets: 0 Bytes: 0 States: 0 ]
+block drop in quick from urpf-failed to any [ Evaluations: 3098989 Packets: 0 Bytes: 0 States: 0 ]
+block return in on ! lo0 proto tcp from any to any port 6000:6010 [ Evaluations: 3098989 Packets: 0 Bytes: 0 States: 0 ]

backup1.int.autonlab.org login failures:

backup1.int.autonlab.org refused connections:

Checking for packages with security vulnerabilities:
Database fetched: Mon Oct 12 03:56:40 EDT 2015
pcre-8.37_2
screen-4.3.1_1
go-1.4.2,1

-- End of security output --

More information about the Autonlab-sysinfo mailing list