System Local Audit Daemon 2.0 review
DownloadSLAD is a tool for performing local security checks against GNU/Linux systems. SLAD has been primarily developed for the BOSS proj
|
|
SLAD is a tool for performing local security checks against GNU/Linux systems.
SLAD has been primarily developed for the BOSS project to work together with Nessus to enhance its local scanning capabilities. For example, scanning for weak passwords with a tool like John-the-Ripper is something that simply cannot be achieved by a network scan.
Therefore, SLAD is required to be installed on every GNU/Linux system where local auditing needs to be done. SLAD can then be used as a stand-alone application or more conveniently through Nessus. For usage with Nessus two NASL plugins are provided for interfacing between Nessus and SLAD
The Version 2.0 provides a XML Interface for Parameters and easy integration of additional audit-parameters and tools. To help the administrator to integrate a new feature-set, a development-documentation is provided with the cvs.
SLAD has been tested and verified on the following platforms:
RedHat Fedora Core 3
SuSe 9.2
Debian 3.0 (woody)
Debian 3.1 (sarge)
ERPOSS3
Gentoo Linux 2004.3
SLAD is implemented in Perl and provides an extendable plugin architecture allowing to use various GPL-based security scanners and auditing tools under one common framework. Currently, SLAD comes packaged with
John-the-Ripper
Chkrootkit
LSOF
ClamAV
Tripwire
TIGER
As a result SLAD delivers reports of these locally installed auditing and analysis tools. When used with Nessus the individual reports are wrapped into a standard Nessus report.
SLAD as well as the SLAD NASL Plugins can be downloaded from this Website in their current stable release V2.0.
Installation:
You can use our "easy-to-use" GTK installer, this installer downloads the lastest SLAD Release Binary, and install it on the target system. You only need to provide the login for the traget system.
System Local Audit Daemon 2.0 search tags