buck-security / News: Recent posts

Because of some troubling developments at SourceForge buck-security has moved to github and now resides at https://github.com/davewood/buck-security Please download the latest releases directly from github. The SourceForge page will not be updated anymore.

The Linux security scanner buck-security is looking for a new lead developer and maintainer!
buck-security is still heavily used by many people (it was downloaded more than 200 times last month), unfortunately I didn't had time to continue development over the last couple of years. That doesn't mean that there isn't a lot of stuff that could be done to improve buck-security. Additional checks could be added, the usability further increased or a much needed .deb package created.... read more

We're happy to announce that buck-security has a new project maintainer now, user name mulhern. mulhern has worked on the integration of buck-security to the yocto project (see https://www.yoctoproject.org/blogs/andrei-dinu/2013/meta-security-layer-now-available) and provided a major patch. The patch (see http://git.yoctoproject.org/cgit/cgit.cgi/poky-contrib/commit/?h=mulhern/buck-security-final&id=786823656dce8845424cf7f0d31af48588376c4a) will be included in the next release of buck-security.

We are proud to annouce the release ob buck-security 0.6, our security scanner for Debian and Ubuntu Linux.
buck-security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.

There have been some major and minor changes in this release.

We added 1 new check:
- Check for listening services (learn more at http://www.buck-security.org/documentation.html#c_services\)... read more

The next version 0.6 of buck-security will be released soon in May 2010.
buck-security is a security scanner for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.

The new version 0.6 will include major changes and 2 new checks. The most important changes will be:

* buck-security 0.6 will be provided as a debian package too
* check for running services (open ports)
* check for users that can login
* improved results output (links included where to find more information)

The support forum for buck-security where you can ask your question and propose new features is now open for everybody (no registration needed anymore to post new topics).

Check out at http://sourceforge.net/projects/buck-security/forums

We are proud to annouce the release ob buck-security 0.5, our security scanner for Debian and Ubuntu Linux.
Buck Security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.

There have been some major and minor changes in this Release.

We added 3 new checks:
- Check firewall policies
- Check if sshd is secured (thanks to Jef Lui for his help)
- Make and check checksums of system programs... read more

Buck-security is now on Twitter.
http://twitter.com/bucksecurity
Follow us for news, announcements and stories from behind the scenes.

The next version of buck-security will be released soon in March 2010.

It will include major changes and new checks like:

* generate and verifiy checksums of important programs (/bin/, /sbin/,...)
* check firewall (iptables) policies
* check if sshd configuration is secure

We are proud to annouce the release ob buck-security 0.4
Buck Security is a collection of small security checks for Linux. It was designed for Debian server, but can be useful for any Linux system.

There have been many major and minor changes.

The most important are:
- Wildcards (*) are now possible in the exceptions
- it is now possible to add checks written in perl as well
- added new check to search for superusers
- added new check to search for attack tools packages... read more

Buck-Security is a collection of small security checks for Debian Linux. It enables you to quickly overview the security status of your Debian Linux Server.

We are proud to announce the release of buck-security 0.3. The latest version marks a major step in the development since it gives us the base for the next upcoming features.

buck-security 0.3 includes the following new features:

* Bugfix - fixed a bug which gave a false warning in version 0.2... read more

During the next days a new version of buck-security will be released.

Improvements:
- fixed a bug which gave a false warning in version 0.2
- added default whitelists for all checks, based on a standard Debian Lenny server
- improved documentation
- improved output

There is a small, stupid bug in version 0.2

Description:
You'll get a warning even if there are no alerts. For example: if there aren't any worldwriteable files on your system (which is normal) you'll get a warning anyway.

This bug will be fixed in the upcoming version 0.3 which will be released in the next days.
http://sourceforge.net/projects/buck-security/