Metadata-Version: 1.0
Name: HnTool
Version: 0.1
Summary: A hardening tool for *nixes
Home-page: http://code.google.com/p/hntool/
Author: Hugo Doria
Author-email: hugodoria@gmail.com
License: GPL-2
Description: HnTool
        ------
        
        What is it?
        ~~~~~~~~~~~
        
        HnTool is an open source (GPLv2) hardening tool for Unix. It scans your system for
        vulnerabilities or problems in configuration files allowing you to get a quick
        overview of the security status of your system.
        
        To use HnTool download it and run: ::
        
        	# ./hntool
        
        Supported systems
        ~~~~~~~~~~~~~~~~~
        
        HnTool has been tested and works on:
        
         * Arch Linux
         * CentOS
         * Debian
         * Fedora
         * Gentoo
         * Ubuntu
        
        If you are using HnTool on a system that is not listed above, please let us know.
        
        How to install
        ~~~~~~~~~~~~~~
        
        To install HnTool run the following command, as root: ::
        
        	# python setup.py install --prefix /usr/ --root /
        
        How to use
        ~~~~~~~~~~
        
        Run HnTool with: ::
        
        	# ./hntool
        
        You can also see the hntool(1) manual by typing 'man hntool' at the command line
        or see the usage help: ::
        
        	$ hntool -h
        
        
        Understanding the output
        ~~~~~~~~~~~~~~~~~~~~~~~~
        
        There are 5 types of results:
        
         * OK :
        	Means that the item checked is fine and that you do not need to worry.
        
         * INFO:
        	Means that you should know the item status, but it is probably fine. An
        	open port, for example.
        
         * LOW:
        	Means that a security problem was found, but it does not pose a high risk
        	to your system.
        
         * MEDIUM:
        	Things are getting worse and you should start to worry about these items.
        
         * HIGH:
        	You have an important security hole/problem on your system and you
        	should fix it NOW or run and save your life.
        
        
        How can I help?
        ~~~~~~~~~~~~~~~
        
        There are several ways that you can contribute and help HnTool's development.
        You can contribute with code, patches, bugs and feature requests.
        
        To report a bug or a feature request for HnTool, file an issue in our Google Code
        page: http://code.google.com/p/hntool/
        
        If you're reporting a bug, please give concrete examples of how and where the
        problem occurs.
        
        If you have a patch (fixing a bug or a new HnTool module), then you can file an
        issue on Google Code too: http://code.google.com/p/hntool/issues/list
        
        HnTool's source is available on:
        
        http://code.google.com/p/hntool/
        
        
        How to create a module
        ~~~~~~~~~~~~~~~~~~~~~~
        
        This section documents the innards of HnTool and specifies how to create
        a new module.
        
        The main HnTool program (hntool.py) runs a list of rules defined in __files__
        and __services__.
        
         * __files__ :
        	defines the rules which process simple files and configs.
        
         * __services__ :
        	defines the rules which check the security of services and
        	daemons.
        
        Once your module is finalized, remember to add it to the appropriate array
        (__files__ or __services__) defined in hntool/__init__.py
        
        A sample HnTool module is like this (hntool/ssh.py): ::
        
        	import os
        
        	class rule:
        		def short_name(self):
        			return "ssh"
        		def long_name(self):
        			return "Checks security problems on sshd config file"
        		def __init__(self, options):
        			pass
        		def analyze(self, options):
        			check_results = {'ok': [], 'low': [], 'medium': [], 'high': [], 'info': []}
        			ssh_conf_file = ['/etc/ssh/sshd_config', '/etc/sshd_config']
        
        			for sshd_conf in ssh_conf_file:
        				if os.path.isfile(sshd_conf):
        					try:
        						fp = open(sshd_conf,'r')
        					except IOError as e:
        						check_results['info'].append('Could not open %s: %s' % (sshd_conf, e.strerror))
        						continue
        
        					lines = [x.strip('\n') for x in fp.readlines()]
        
        					# Checking if SSH is using the default port
        					if 'Port 22' in lines or '#Port 22' in lines:
        						check_results['low'].append('SSH is using the default port')
        					else:
        						check_results['ok'].append('SSH is not using the default port')
        
        					# Closing the sshd_config file
        					fp.close()
        
        			# Return only after every candidate config file has been checked
        			return check_results
        		def type(self):
        			return "files"
        
        
        Mostly, the code is self-explanatory. The following is the list of methods
        that each HnTool module must have:
        
         * short_name(self)
        	Returns a string containing a short name of the module. Usually, this is the
        	same as the basename of the module file.
        
         * long_name(self)
        	Returns a string containing a concise description of the module. This
        	description is used when listing all the rules using hntool -l.
        
         * analyze(self, options)
        	Should return a dictionary of five lists, keyed ok, low, medium,
        	high and info.
        
         * type(self)
        	"files" for a module processing simple files and configs
        	"services" for a module processing services and daemons
Platform: UNKNOWN
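
The module interface described under "How to create a module", shown with a stricter sshd_config parser. This is an added example, not HnTool's own code. The sample's exact-line match on 'Port 22' misses lower-case keywords, extra whitespace and multiple Port lines, which this version handles. The names ssh_port, effective_ports and check_text are hypothetical.

```python
import os

# Same two search paths as the page's sample module.
SSHD_CONFIGS = ['/etc/ssh/sshd_config', '/etc/sshd_config']

def effective_ports(text):
    """Return the ports sshd would listen on for the given sshd_config text."""
    ports = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith('#'):
            continue                      # blank line or comment: not a setting
        parts = line.split()
        # sshd_config keywords are case-insensitive; Port may be given several times.
        if parts[0].lower() == 'port' and len(parts) > 1 and parts[1].isdigit():
            ports.append(int(parts[1]))
    return ports or [22]                  # no active Port directive: default is 22

class rule:
    def short_name(self):
        return "ssh_port"                 # hypothetical module name
    def long_name(self):
        return "Checks which port(s) sshd is configured to listen on"
    def __init__(self, options):
        pass
    def check_text(self, text, check_results):
        # Hypothetical helper: classify one config file's contents.
        if 22 in effective_ports(text):
            check_results['low'].append('SSH is using the default port')
        else:
            check_results['ok'].append('SSH is not using the default port')
        return check_results
    def analyze(self, options):
        check_results = {'ok': [], 'low': [], 'medium': [], 'high': [], 'info': []}
        for sshd_conf in SSHD_CONFIGS:
            if not os.path.isfile(sshd_conf):
                continue
            try:
                with open(sshd_conf, 'r') as fp:
                    self.check_text(fp.read(), check_results)
            except IOError as e:
                check_results['info'].append('Could not open %s: %s' % (sshd_conf, e.strerror))
        return check_results              # returned once, after all paths are tried
    def type(self):
        return "files"
```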
