This is where you can lookup information on domains, IP addresses, and hostnames.
Tool | Description |
---|---|
Reputation | Perform IP address reputation lookups using AbuseIPDB. |
DNS | Perform DNS lookup of a hostname. |
Whois | Perform Whois lookup of a domain or IP address. |
Geo | Lookup the location of a hostname or IP address. |
Map | Display the location of a hostname or IP address on a Map. |
ASN | Lookup the BGP Prefix / Country and Netblock Owner of a hostname or IP address. |
Ping | Ping a hostname or IP address. |
Trace | Traceoute a hostname or IP address. |
DNSBL | Find out if a hostname or IP address is listed in an DNS blacklist. |
SURBL | Find out if a domain name is listed in an DNS blacklist. |
SPF | Lookup the SPF records for a domain and check if they are valid. |
HTTPS | Lookup the SSL information for a domain. |
Search the iptables and ip6tables rules for a match (IP address, CIDR, Port Number).
Perform a basic security, stability and settings check on the server. If you set the fequency to daily, weekly, or monthly then an entry
for the check will be added to the csf-cron file /etc/cron.d/csf-cron
.
Firewall Checks |
---|
Check whether CSF is enabled |
Check CSF is running |
Check whether CSF is in TESTING mode |
Check CSF AUTO_UPDATES option |
Check whether lfd is enabled |
Check incoming MySQL port |
Check CSF LF_SSHD option |
Check CSF LF_FTPD option |
Check CSF LF_SMTPAUTH option |
Check CSF LF_POP3D option |
Check CSF LF_IMAPD option |
Check CSF LF_HTACCESS option |
Check CSF LF_MODSEC option |
Check CSF SYSLOG_CHECK option |
Check CSF LF_DIRWATCH option |
Check CSF LF_INTEGRITY option |
Server Check |
---|
Check /tmp permissions |
Check /tmp ownership |
Check /tmp is mounted as a filesystem |
Check /var/tmp permissions |
Check /var/tmp ownership |
Check /var/tmp is mounted as a filesystem |
Check /usr/tmp permissions |
Check /usr/tmp ownership |
Check /usr/tmp is mounted as a filesystem or is a symlink to /tmp |
Check /dev/shm is mounted noexec,nosuid |
Check for DNS recursion restrictions |
Check for DNS random query source port |
Check server runlevel |
Check nobody cron |
Check Operating System support |
Check perl version |
Check MySQL version |
Check MySQL LOAD DATA disallows LOCAL |
Check SUPERUSER accounts |
Check for IPv6 |
Check for kernel logger |
Server Check |
---|
Check SSHv1 is disabled |
Check SSH on non-standard port |
Check SSH PasswordAuthentication |
Check SSH UseDNS |
Check telnet port 23 is not in use |
Server Services Check |
---|
Check server startup for cups |
Check server startup for xfs |
Check server startup for nfslock |
Check server startup for canna |
Check server startup for FreeWnn |
Check server startup for cups-config-daemon |
Check server startup for iiim |
Check server startup for mDNSResponder |
Check server startup for nifd |
Check server startup for rpcidmapd |
Check server startup for bluetooth |
Check server startup for anacron |
Check server startup for gpm |
Check server startup for saslauthd |
Check server startup for avahi-daemon |
Check server startup for avahi-dnsconfd |
Check server startup for hidd |
Check server startup for pcscd |
Check server startup for sbadm |
Perform a check to see if the servers IP addresses are listed in any real-time blackhole lists. If you set the fequency to daily, weekly, or monthly then an entry
for the check will be added to the csf-cron file /etc/cron.d/csf-cron
.
Monitor the status of the iptables firewall and login failure daemon.
Check that iptables has the required modules to run the firewall.
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: CSF should function on this server