Tools

Network Tools

This is where you can look up information on domains, IP addresses, and hostnames.

Tool        Description
Reputation  Perform IP address reputation lookups using AbuseIPDB.
DNS         Perform DNS lookup of a hostname.
Whois       Perform Whois lookup of a domain or IP address.
Geo         Look up the location of a hostname or IP address.
Map         Display the location of a hostname or IP address on a map.
ASN         Look up the BGP Prefix / Country and Netblock Owner of a hostname or IP address.
Ping        Ping a hostname or IP address.
Trace       Traceroute a hostname or IP address.
DNSBL       Find out if a hostname or IP address is listed in a DNS blacklist.
SURBL       Find out if a domain name is listed in a DNS blacklist.
SPF         Look up the SPF records for a domain and check if they are valid.
HTTPS       Look up the SSL information for a domain.

Iptables Search

Search the iptables and ip6tables rules for a match (IP address, CIDR, Port Number).

Security Check

Perform a basic security, stability and settings check on the server. If you set the frequency to daily, weekly, or monthly, an entry for the check is added to the csf-cron file /etc/cron.d/csf-cron.

Firewall Checks

  Check whether CSF is enabled
  Check CSF is running
  Check whether CSF is in TESTING mode
  Check CSF AUTO_UPDATES option
  Check whether lfd is enabled
  Check incoming MySQL port
  Check CSF LF_SSHD option
  Check CSF LF_FTPD option
  Check CSF LF_SMTPAUTH option
  Check CSF LF_POP3D option
  Check CSF LF_IMAPD option
  Check CSF LF_HTACCESS option
  Check CSF LF_MODSEC option
  Check CSF SYSLOG_CHECK option
  Check CSF LF_DIRWATCH option
  Check CSF LF_INTEGRITY option

Server Check

  Check /tmp permissions
  Check /tmp ownership
  Check /tmp is mounted as a filesystem
  Check /var/tmp permissions
  Check /var/tmp ownership
  Check /var/tmp is mounted as a filesystem
  Check /usr/tmp permissions
  Check /usr/tmp ownership
  Check /usr/tmp is mounted as a filesystem or is a symlink to /tmp
  Check /dev/shm is mounted noexec,nosuid
  Check for DNS recursion restrictions
  Check for DNS random query source port
  Check server runlevel
  Check nobody cron
  Check Operating System support
  Check perl version
  Check MySQL version
  Check MySQL LOAD DATA disallows LOCAL
  Check SUPERUSER accounts
  Check for IPv6
  Check for kernel logger

Server Check

  Check SSHv1 is disabled
  Check SSH on non-standard port
  Check SSH PasswordAuthentication
  Check SSH UseDNS
  Check telnet port 23 is not in use

Server Services Check

  Check server startup for cups
  Check server startup for xfs
  Check server startup for nfslock
  Check server startup for canna
  Check server startup for FreeWnn
  Check server startup for cups-config-daemon
  Check server startup for iiim
  Check server startup for mDNSResponder
  Check server startup for nifd
  Check server startup for rpcidmapd
  Check server startup for bluetooth
  Check server startup for anacron
  Check server startup for gpm
  Check server startup for saslauthd
  Check server startup for avahi-daemon
  Check server startup for avahi-dnsconfd
  Check server startup for hidd
  Check server startup for pcscd
  Check server startup for sbadm

RBL Check

Perform a check to see if the server's IP addresses are listed in any real-time blackhole lists. If you set the frequency to daily, weekly, or monthly, an entry for the check is added to the csf-cron file /etc/cron.d/csf-cron.

Services

Monitor the status of the iptables firewall and login failure daemon.

IPtables Test

Check that iptables has the required modules to run the firewall.

Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: CSF should function on this server