lsat-0.9.7.1/0000755000175000001440000000000011012104333012115 5ustar number9userslsat-0.9.7.1/.DS_Store0000644000175000001440000005200411007333550013612 0ustar number9usersBud100 [eckmodcheckmodules.oIlocblobZqbpass.cIlocblob! check  @ @ @ @6 checknet.cIlocblobq checknet.oIlocblobqchecknetforward.cIlocblobZchecknetforward.oIlocblob checknetp.cIlocblob checknetp.oIlocblobZ)checkopenfiles.cIlocblob)checkopenfiles.oIlocblob) checkpasswd.cIlocblobZ checkpasswd.oIlocblob checkpkgs.cIlocblob checkpkgs.oIlocblobZ checkrc.cIlocblob checkrc.oIlocblobcheckrcperms.cIlocblobZ=checkrcperms.oIlocblob= checkrpm.cIlocblob= checkrpm.oIlocblobZchecksecuretty.cIlocblobchecksecuretty.oIlocblob checkset.cIlocblobZ checkset.oIlocblob checkssh.cIlocblob checkssh.oIlocblobZQ checkumask.cIlocblobQ checkumask.oIlocblobQ checkwrite.cIlocblobZ checkwrite.oIlocblob checkwww.cIlocblob checkwww.oIlocblobZ checkx.cIlocblob checkx.oIlocblob config.cacheIlocblobZe config.logIlocblobe config.statusIlocblobe configureIlocblobZ dostuff.cIlocblob dostuff.oIlocblobINSTALLIlocblobZ lsatIlocblob lsat.outIlocblob lsat.podIlocblobZ y lsatheader.hIlocblob y lsatmain.cIlocblob y lsatmain.oIlocblobZ MakefileIlocblob Makefile.inIlocblob modules.htmlIlocblobZ 1READMEIlocblob 1README.checkrpmIlocblob 1README.excludeIlocblobZ README.modulesIlocblob sample_exclude.txtIlocblob securitylinks.txtIlocblobZ $ changelogIlocblobZ! checkbpass.cIlocblob! checkbpass.oIlocblob! checkcfg.cIlocblobZ} checkcfg.oIlocblob} checkdisk.cIlocblob} checkdisk.oIlocblobZcheckdotfiles.cIlocblobcheckdotfiles.oIlocblob checkfiles.cIlocblobZ5 checkfiles.oIlocblob5 checkftp.cIlocblob5 checkftp.oIlocblobZcheckftpusers.cIlocblobcheckftpusers.oIlocblobcheckhostsfiles.cIlocblobZcheckhostsfiles.oIlocblob checkinetd.cIlocblob checkinetd.oIlocblobZIcheckinittab.cIlocblobIcheckinittab.oIlocblobI checkipv4.cIlocblobZ checkipv4.oIlocblob checkissue.cIlocblob checkissue.oIlocblobZ checkkbd.cIlocblob checkkbd.oIlocblob checklimits.cIlocblobZ] checklimits.oIlocblob]checklistening.cIlocblob]checklistening.oIlocblobZchecklogging.cIlocblobchecklogging.oIlocblob checkmd5.cIlocblobZ checkmd5.oIlocblobcheckmodules.cIlocblobstuff.oIlocblobINSTALLIlocblobZ lsatIlocblob lsat.outIlocblob lsat.podIlocblobZ y lsatheader.hIlocblob y lsatmain.cIlocblob y lsatmain.oIlocblobZ MakefileIlocblob Makefile.inIlocblob modules.htmlIlocblobZ 1READMEIlocblob 1README.checkrpmIlocblob 1README.excludeIlocblobZ README.modulesIlocblob sample_exclude.txtIlocblob securitylinks.txtIlocblobZ 0 E DSDB `8@ @ @checkipv4.oIlocblob checkissue.cIlocblob checkissue.oIlocblobZ checkkbd.cIlocblob checkkbd.oIlocblob checklimits.cIlocblobZ] checklimits.oIlocblob]checklistening.cIlocblob]checklistening.oIlocblobZchecklogging.cIlocblobchecklogging.oIlocblob checkmd5.cIlocblobZ checkmd5.oIlocblobcheckmodules.cIlocbloblsat-0.9.7.1/changelog/0000755000175000001440000000000011010401335014044 5ustar number9userslsat-0.9.7.1/changelog/changelog.html0000644000175000001440000004212511010401335016665 0ustar number9users LSAT changelog
Changelog for LSAT 


-0.9.7.5- 05/07/2008
	- on RH/Fedora checklimits going to stdout, not a file, fixed
	- 
-0.9.7  - 05/04/2008
	- Added another limits check for resource limits. 
	- Added another check in checkcfg (redhat specific).
	- Added check for strict mode (should be on) in checkssh.
 	- Fixed an output error in checkcfg.
-0.9.6  - 05/20/2007
        - removed dependancy on popt library
	- added extra passwd and group checks under linux
	- added check for failed logins under linux/solaris
	- modified the kernel module check under linux
	- added check for kernel modules under Solaris
	- added network interface stats and routing checks
	- problem in checknetforward giving false positives, fixed
	- verbose output was not very consistent, fixed.
-0.9.5  - 04/26/2007
	- added check for listing current arp table.
	- proper headers missing from a number of modules, fixed.
	- checkrc was not working under linux kernel 2.6 and gentoo, fixed.
	- fixed possible symlink attack in various check modules
	- changed readme and modules howto to reflect sylink fix noted above
	- fixed checkinit module returning false positive under gentoo
	- changed checknet to reflect network promisc change under 2.6 kernel
	- various typos and formatting fixed
-0.9.4  - 09/14/2006
        - lsat: added explicit CentOS, CaOS and Fedora Core check (unspawn)
        - umask: don't pick up /etc/fstab and /etc/bash_completion (unspawn)
        - md5: find should also exclude kernel-2.6 /sys (unspawn)
        - openfiles: "-n" (no resolving) should make it slightly faster (unspawn)
        - listening: checks for applications listening (unspawn)
-0.9.3  - 10/06/2005
        - Fixed error in checkwww under slackware (znc)
	- Fixed error in checkhostfiles under Solaris (znc)
 	- Fixed typos in checkinittab.c (Triode)
	- General code cleanup (Triode)
-0.9.2  - 10/25/2004
        - Fixed error in checkwww under redhat9.x/fedora
-0.9.1  - 03/12/2004
        - Changes checkx module to check the running processes, in case the user          put in options on the CLI.
        - Close files/filepointers left open in checkfiles, checkhostfiles (Nordi)
- 0.9.0 - 01/09/2004
        - Tested on Fedora Core 1, Suse 9 (AMD64)
        - Should run fine on slackware now, thanks to JTO. 
        - Changed checkbpass to not print out boot loader password, just warn.
        - Changed checkx to check fs under X11
- 0.8.9 - 12/20/2003
        - Added checkftp to check basic settings (proftpd, pure-ftpd), mostly gentoo).
        - checkmd5 also excluding proc, dev, var and tmp. (thanks unspwan)
        - checkx module should now be able to be excluded. (thanks unspawn)
        - Typo fixes all over the place. (thanks also to unspawn)
- 0.8.8 - 10/22/2003
        - Fixed typo in checkx, would not check for gdm.conf file.
          (thanks to Rozman)
- 0.8.7 - 10/20/2003
        - Fixed problem with checkpasswd, can now handle any length passwd file.
        - Added protcol check for ssh checks
        - Fixed makefile errors
        - Added checkx module to check for X tcp listening
        - Added check to checkwww for nobody running apache/httpd
        - Kludged checkmd5 module, skips dev and proc for now until we
          fix md5sum. See module for more details.
- 0.8.6 - 10/10/2003
        - Added checkbpass module to check for password in boot loader 
          (grub/lilo only)
        - Added checkipv4 package to check more defualt network "stuff".
        - fixed some typos/errors in the advanced help.
        - manpage updated.
        - README updated and dependencies listed.
- 0.8.5 - 10/03/2003
	- Changed command line argument list, and added option to 
	  exclude an arbitrary number of modules from being run.
	- README.exclude file gives more info on -x option
	- Cleanups in lsatmain, it was not closing some open files. :O
	- Advanced help now available via the -a option; standard help
	  is available via -h, -?, --help. --usage gives condensed 
	  usage options.
	- Code cleanups, should compile under cc and not just gcc now
	- checknetp was checking under all OSs, did not work with Solaris, etc
	  so checknetp is no longer run unless the OS is linux.
- 0.8.1 - 08/09/2003 
	- Fixed checkumask module, spitting out wrong entries on some systems.
	- Fixed checkset module on systems with/dev/(watchdog,MAKEDEV,ibcs,etc)
	- Fixed checkmodules on systems running module enable kernel+lcap.
	(Above fixes by unspawn)
	- Added checknetp module to check if network interface is in PROMISC.
	- modules.html and README.modules files updated
- 0.8.0 - 08/01/2003
	- Fixed problem in checkwww module, newline char out of place.
	- Added chkrootkit to LSAT. Run this with the -c option.
	  (see http://www.chkrootkit.org, or thank
	  Nelson Murilo: nelson (at) pangeia (dot) com (dot) br ) 
	- Raised release level to 0.8.0, should be closer to one. :)
- 0.7.3 - 07/30/2003
	- fixed problem in checkpasswd under solaris.
	- fixed problem in checkmd5 under solaris.
	- checkmd5 should now do diffs. 
- 0.7.2 - 06/27/2003
        - fixed a problem in checkpasswd module. 
	- Added checks for + entries in checkpasswd module.
	- Added checks for empty passwords in checkpasswd module.
- 0.7.1 - 06/18/2003
        - cleaned and fixed checkinetd module, problems with xinetd checking.
	- checkumask module cleaned up. A lot.
	- Fixed problem in checknet module under gentoo
        - Fixed problem in checkmd5 under all distros. Possible error with filenames that contain spaces
- 0.7.0 - 06/06/2003
	- Fixed up the md5sum module call from main. It was confusing and incorrect.
	- Added nmap run to checknet module. (Checks to see if nmap is installed
          and if so, runs it and outputs the scan.)
        - Cleaned up some spelling and whitespace in a few modules and lsatmain
	- Added checklogging module to check for auth and authpriv facilities.
	- Added checkinittab module. Cheks to see that default runlevel is not 5.
	- Added check for /etc/banners to checkissue module
	- Added extra check for xinetd.conf file in checkinetd module
- 0.6.9 - 05/29/2003
        - LSAT ported to Mac OSX. Many modules modified for this. (Triode)
	- checkumask had problems in RedHat 9.0, fixed (Ting Meng Yean)
        - checkwrite split into two outpus (suggested by Eric Gerbier)
- 0.6.8 - 05/14/2003
	- Added checkrcperms module to check files in init.d 
	- Added to securitylinks.txt file
- 0.6.7 - 03/20/2003
	- checkpasswd was reporting that the sys account needed
	  to be removed. This has been changed, and more accounts
          that are not needed have been added. 
- 0.6.6 - 03/18/2003
        - Added -w option, output file in html
	- Added a check for /etc/hosts.equiv to checkhostsfiles
	- Added a check for /etc/hosts.lpd to checkhostsfiles
- 0.6.5 - 02/14/2003
	- major logical errors in checkinetd fixed.
	- lsatmain was not detecting Solaris/SunOS, fixed.
	- forcing the distro to be gentoo was not working, fixed.
	- Solaris failing in checkpkgs, checkinetd, checkssh, checkwww,
          checkopenfiles, fixed.
        - checkwww not checking for httpd, just apache.
- 0.6.4 - 01/31/2003
        - Fixed bug in lsatmain (if statement for checkmd5)
        - Added check to checkissue to check /etc/motd
        - Added checksecuretty to check for ttys other than tty[1-6]
- 0.6.3 - 01/28/2003
        - Added checkmodules file which checks for loadable kernel 
          modules being enabled
        - A make cleanall will do the same as make clean + rm Makefile and 
          config cache, log, status, lsat.out/old, lsatmd5.out/old
        - Added checkmd5 module which will generate a list of md5 sums of
          all regular files on the system. This list will not be in lsat.out,
          but in lsatmd5.out instead.
        - checkmd5 runs only when -m switch is used.
        - Small output error in checkwww fixed.
- 0.6.2 - 01/23/2003
        - Added checkwww module to check apache conf files.
        - Checkwww also checks that root is not running apache.
        - Some errors in regards to -v switch fixed.
        - Fixed error in checkpkgs for debian.
        - Added more links to securitylinks.txt file.
        - Updated the man page.
        - Updated modules.html.
        - README.modules updated/in sync with modules.html.
        - Added an INSTALL file to the distribution.
- 0.6.1 - 01/21/2003
	- Added some items to checkrc.c
        - Added checkissue which checks /etc/issue(.net)
        - Added checkopenfiles which checks open files
        - Added -l switch to not check open files :)
        - Minor code cleanups, spelling fixes, etc.
- 0.6.0 - 10/23/2002
	- Fixed some multi-line string literals in checkssh.c
        - Modified some checks to work under gentoo linux
- 0.5.9 - 07/11/2002
        - Added -x option -- skip local SUID/GUID and world/group read/write.
          The above will speed things up if the user does not want to check
          the local files again.
        - Added checkcfg module (RedHat and derivative specific).
          checkcfg prints output of chkconfig --list and is the last module run
          in lsat. This gives the user a visual inspection of all services run
          in each runlevel.
- 0.5.8 - 06/29/2002
	- various buffer and index checks added (Nordi)
        - some basic sshd config checks added. (Triodeo, Nordi)
- 0.5.7 - 05/30/2002
        - checkinetd should really work now, verified on RedHat 7.x (Nordi & Triode, mostly Nordi)
        - checkftpusers fixed. It was saying ftpusers did not exist when it did. (Triode)
        - fixed more symlink attacks, in checkfiles (Nordi)
        - all tempfiles conform to lsat standard now (Nordi)
- 0.5.6 - 05/17/2002
        - fixed more output typos
	- fixed tempfile problem in checkset module (Triode)
	- checkinetd did not always find inetd.conf and xinetd.d
	- fixed possible false negatives in checkinetd
	- fixed logical error in check for sticky dirs
	- some small stuff
	Nordi
- 0.5.5 - 05/08/2002
        - Fixed error in checkpkgs, not reporting bad packages.
        - Fixed error in dostuff module, failure on some shellcode.
        - Added checkrpm module and README.checkrpm for checkrpm module. Checkrpm
          checks and reports rpm integrity on RedHat based systems.
        - Checkrpm is enabled by the -r switch, it doe not run if lsat is given with no args.
- 0.5.4 - 05/06/2002
        - Fixed some incorrect variable defs. (Nordi)
        - unused variables removed from modules. (Nordi)
        - checkrc module had problem with large amounts of services, fixed. (Nordi)
        - verbose output cleaned up, out of alignment. (Nordi)
        - lsat now prints module name it is running during execution.
	- -s option added for silent mode, lsat only reports starting and ending in this mode.
        - checkfiles module now checks for files with no owner and no group.
- 0.5.2 - 05/03/2002
        - checknetforward module was not in lsatmain. :O
        - fixed output in checknetforward, should be better.
        - added checklimits module to check limits.conf file.
- 0.5.1 - 05/02/2002
        - checkinetd was still segfaulting under linux kernel 2.4. FIXED. 
- 0.5.0 - 05/02/2002
        - Added large section in README.modules on writing modules with the new dostuff module.
        - Added modules that were missing in README.modules.
        - Added function in lsatmain to clean up mess if a module bombs out.
        - Output format has been changed slightly in appearance.
        - Modified all modules to use module dostuff for creating, writing, deleting tempfiles
          and for writing out to outfile. This should make module creation easier as one can
          concentrate on module content and not opening/writing/etc files.
        - checkinetd broken under redhat 7.x (or those that use xinetd.d) Should be FIXED.
        - Cleaned up verbose msgs.
- 0.4.5 - 04/26/2002
        - Added checknetforward module which checks for IPV4 forwarding on the system. 
        - Since all files written are now chmod 600, umask is no longer changed in any lsat program. 
          A note is given to the user to check their umask settings.
        - Fixed output typo in checkwrite (it checks suid/sgid files/directories).
        - Header typo in checkpkgs.
        - Added more packages to check in checkpkgs module.
        - checkpkgs module was not checking all pkgs. Fixed.
        - Added check that vmlinuz is chmod 644 in checkfiles.
	- Added check for syslog.pid (syslogd.pid) to make sure it is chmod 644 in
          checkfiles.
	- Fixed error in checkumask module. Was not working properly on Mandrake.
- 0.4.4 - 04/19/2002
	- Fixed possible buffer overrun in lsatmain.c
	- Fixed possible buffer overrun/symlink attack in checkftpusers and 
	  checkrc modules. 
	- More typos fixed.
	- Thanks to Nordi for the tipoff on the buffer/symlink attacks I missed 	  while trying to fix them in 0.4.3.
- 0.4.3 - 04/19/2002 -
	- Added checkkbd function to check for ctrl-alt-del or STOP-A disable.
 	- Fixed file perms. LSAT was not making the output file chmod 0600.
	- Fixed module tempfiles. These were not being created chmod 0600 either.
	- The two above require include fcntl.h. I hope this does not break things.
        - Added more docs to lsatmain.c
- 0.4.2 - 04/18/2002 -
	- Again, more docs/cleanups in lsatmain.c
	- added securitylinks.txt file which has links to security related webpages.
	- Added checkrc module. Checks rc scripts in /etc/rc.d/init.d or 
	  /etc/rcn.d depending on which system it is on.
	- Added checkftpusers module. This checks to see that all users
	  in /etc/passwd are in /etc/ftpusers. 
	- Set umask before writing any files.
	- Set umask back to sensible value, regardless of previous value...
          (done so if user modifies files after running lsat the user will have a sensible umask)
	- lsat bails if it can not set umask.
	- Fixed error msg typos in lsatmain.c, checknet.c and checkfiles.c
- 0.4.0 - 04/15/2002 -
	- Unused vars in checkpkg removed.
	- Fixed bug in checkpasswd. (open file problem)
        - Now using mkstemp in lsatmain.c instead of just making a file.
          (this should be a little more secure in case of a tempfile exploit)
	- Many typos in checkdotfiles fixed.
	- Error msgs in all modules will (should) report module name on error.
	- Now using mkstemp in all modules. 
	- In lsatmain.c default value for distribution variable is now
	  redhat (1), since it errors out if not set at all. - Thanks: nordi
	- Fixed buffer overflow vulnerability in checknet. - Thanks: nordi
	- Fixed possible buffer overrun vulnerability in all modules.
	- Typo in checknet error msg, fixed.
	- more documentation added to lsatmain.c
- 0.3.3 - 04/12/2002 -
	- checkfiles now checks the following:
	  That utmp, wtmp, mtab, mtod are chmod 644
	  That /etc, /usr/etc, /bin, /usr/bin, /sbin, /usr/sbin, /tmp
          and /var/tmp are owned by root.
	- Various minor bugfixes
- 0.3.2 - 04/10/2002 -
	- Minor bugfixes in checkumask file
	- lsatmain.c now checks for redhat or debian distro
	- checkrpms is now checkpkgs and will check rpms if sys is
	  redhat or debs if sys is debian
	- Various small bugfixes
- 0.3.0 - 04/08/2002 -
	- Major bug fixes. After 0.2.0 release it was noted that
	  several check files were still not correct. These have
	  been fixed and tested (RedHat 6.2/sparc).
	- Added checkumask module to check default umasks on system.
	- Updated INSTALL file
	- Updated README.modules
	- Updated README
- 0.2.0 - 04/07/2002 -
	- Major bug fixed. Prior releases have modules which do
	  not fully check for what they are supposed to.
	- Added autoconf feature (thanks Fred Ollinger)
	- Added prelimenary manpage (thanks Fred Ollinger)
- 0.1.9 - 04/07/2002 - 
	- Fixed passwd check. Also includes check for uid=0 on other users.
- 0.1.8 - 04/06/2002 - 
	- Check /dev for non block/char files.
	- xinetd.d check broken on RedHat 7.2 FIXED
	- Added module for checking /etc/passwd. BROKEN.
- 0.1.7 - 04/05/2002 -
	- Added check for .rhosts/.netrc files to checkdotfiles module.
	- Added check for non block/char files in /dev to checkset module. 
	- xinetd.d checking is functional in checkinetd module.
	- verbose parameter added to all functions, -v now works.
	- release and kernel checking changed to be more generic.
- 0.1.6 - 04/03/2002 -
	- Added checkdotfiles module which checks for .exrc and .forward files.
	- Added checkwrite module which checks for world writable files/dirs.
	- Added INSTALL file.
- 0.1.5 - 04/03/2002 -
	- Did not change version number, but did the following:
	- tarball/zipfile now untars/zips into lsat- directory.
	- Added README file to the package.
	- Added this changelog to the package.
	- Added md5 checksums for the tar/zipfile. They are on the homepage.
- 0.1.5 - 04/02/2002 -
	- Fixed checkinetd.c, added checks for hosts.allow and deny files.
	- lsatmain.c now reports finishing.
	- Added checkset module to check setuid/setgid files.
	- Added more documentation throughout.
- 0.1.1 - 04/01/2002 -
	- Fixed typo in checkinetd.c (zinet.d -> xinetd.d).
	- Thanks: Eerik Kiskonen 
- 0.1   - 04/01/2002 -
	- Initial release
lsat-0.9.7.1/checkbpass.c0000644000175000001440000000460611007333550014406 0ustar number9users/****************************************/ /* This is the checkbpass module ...it */ /* checks for the presence of the */ /* password line in the grub or lilo */ /* configuration file. */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkbpass(distribution, filename, verbose, html) int distribution; const char *const filename; int verbose; int html; { const char * header =NULL; if (verbose >= 0) { printf(" Running checkbpass module...\n"); } /*first off, if we are on gentoo, /boot is not mounted...*/ if (distribution == 4) { /*gentoo, warn user*/ header = "You are on Gentoo, /boot is not mounted, \ncan not check for presence of a bootloader password"; } else { /* lets check grub first, look in the usual location */ if ((system("test -r /boot/grub/grub.conf")) == 0) { /* it exists, check it */ if ((system("grep -i -q password /boot/grub/grub.conf 2>/dev/null")) == 0) { header = "Password keyword is in grub.conf, good.\n"; } /* one more location to check */ if ((system("test -r /boot/grub.conf")) == 0) { if ((system("grep -i -q password /boot/grub/grub.conf 2>/dev/null")) == 0) { header = "Password keyword is in grub.conf, good.\n"; } } else { header = "Password keyword is not in grub.conf, please check.\n"; } } else { if ((system("test -r /etc/lilo.conf")) == 0) { if ((system("grep -i -q password /etc/lilo.conf 2>/dev/null")) == 0) { header = "Password keyword found in lilo.conf, good.\n"; } else { header = "Password keyword is not in lilo.conf, please check.\n"; } } else { header = "Can not locate grub or lilo conf files.\nPlease check that the password keyword is being used in them.\n"; } } } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Finished in checkbpass module.\n"); } return(0); } lsat-0.9.7.1/checkdisk.c0000644000175000001440000000322211007333550014221 0ustar number9users/****************************************/ /* This is the checkdisk.c module for */ /* lsat program. This module checks */ /* disk space usage and mount points. */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkdisk(filename, verbose, html) const char *const filename; int verbose; int html; { const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkdisk module...\n"); } if (verbose > 0) { printf(" Creating list of mount points...\n"); } tempfile = "/tmp/lsat1.lsat"; shellcode= "/bin/mount 2>/dev/null >/tmp/lsat1.lsat"; header = "This is a list of mount points currently mounted.\nMake sure the permissions are reasonable (rw, ro, etc)."; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Creating list of disk usages...\n"); } tempfile = "/tmp/lsat1.lsat"; shellcode= "/bin/df -k 2>/dev/null >/tmp/lsat1.lsat"; header = "This is a list of disk utilizations on the system, in kilobytes.\nChcek to see that filesystems are not near capacity, etc."; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Finished in checkdisk module.\n"); } return(0); } lsat-0.9.7.1/checkdotfiles.c0000644000175000001440000000647311007333550015113 0ustar number9users/****************************************/ /* This is the checkdotfiles module for */ /* lsat program. This module checks for */ /* .forward and .exrc files and prints */ /* them to the outfile. */ /* 4/5/2002 Added checks for .rhost(s) */ /* and .netrc files. */ /* */ /* NOTE: this will miss some files if */ /* run as a non-root user. Not sure if */ /* you should run as root. :) */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkdotfiles(filename, verbose, html) const char *const filename; int verbose; int html; { const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkdotfiles module...\n"); } if (verbose > 0) { printf(" Creating list of .exrc files...\n"); } /* generate list of all files called .exrc on */ /* system */ tempfile = "/tmp/lsat1.lsat"; shellcode = "find / -mount -name \'.exrc\' 2>/dev/null | tee > /tmp/lsat1.lsat"; header = "This is a list of .exrc files found\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of .exrc list failed."); return(-1); } if (verbose > 0) { printf(" Creating list of .forward files...\n"); } /* generate list of .forward files... */ tempfile = "/tmp/lsat1.lsat"; shellcode = "find / -mount -find \'.forward\' 2>/dev/null |tee > /tmp/lsat1.lsat"; header = "This is a list of .forward files found on the system:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of .forward list failed."); return(-1); } if (verbose > 0) { printf(" Creating list of .rhosts files...\n"); } /* generate list of .rhosts files */ tempfile = "/tmp/lsat1.lsat"; shellcode = "find / -mount -name .rhosts 2>/dev/null | tee >/tmp/lsat1.lsat"; header = "This is a list of .rhosts files found on the system:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of .rhosts list failed."); return(-1); } if (verbose > 0) { printf(" Creating list of .netrc files...\n"); } tempfile = "/tmp/lsat1.lsat"; shellcode = "find / -mount -name .netrc 2>/dev/null | tee >/tmp/lsat1.lsat"; header = "This is a list of .netrc files found on the system\n"; /* get a list of .netrc files */ if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of .netrc list failed."); return(-1); } if (verbose > 0) { printf(" Creating list of dotfiles...\n"); } tempfile = "/tmp/lsat1.lsat"; shellcode = "find / -mount -name \" \" -print 2>/dev/null | tee >/tmp/lsat1.lsat"; header = "This is a list of dotfiles found on the system\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /*something went wrong */ perror(" Creation of dot list failed."); return(-1); } if (verbose >0) { printf(" Finished in checkdotfiles module.\n"); } return(0); } lsat-0.9.7.1/checkfiles.c0000644000175000001440000003431211007333550014375 0ustar number9users/**************************************/ /* This is the checkfiles module for */ /* the lsatmain.c program. It checks */ /* that /tmp and /var/tmp have the */ /* sticky bit set. Checks utmp, wtmp, */ /* motd, mtab for chmod 644. */ /* checks /usr, /var for root */ /* ownership. */ /* It also checks for files on the */ /* system that have no owner or group */ /* */ /* Future tests on dirs should be put */ /* in this file. I am working on it */ /**************************************/ #include "lsatheader.h" #include #include #include #include #include int checkfiles(filename, verbose, html) const char *const filename; int verbose; int html; { /* some local vars... */ const char * in_file = "/tmp/lsat1.lsat"; const char * secondtf = "/tmp/lsat2.lsat"; FILE *infile; /* infile/outfile pointers */ FILE *fileptr; char line[128]; /* temp storage for reading a line */ char chmod[12]="-rw-r--r--"; /* chmod 644 comparison string */ char rooted[2]="0"; /* uid=0 comparison string */ char *ptr; /* char ptr for strtok */ int count = 0; /* general counter */ int Linecount = 0; /* line counter for file */ int found = 0; /* var set if match found */ int fileval = 0; /* return val */ /* note we make tempstring the same as line. */ /* this _should_ thwart most buffer overruns, */ /* as we are doing a sizeof in fgets... */ char tempstring[128]; /* temp string for sscanf */ /* things needed for "dostuff" */ const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkfiles module...\n"); } /* make a list of the files */ tempfile = "/tmp/lsat1.lsat"; shellcode = "ls -l / /var 2>/dev/null |grep tmp 2>/dev/null |tee >/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* open input file for read... */ infile = fopen("/tmp/lsat1.lsat", "r"); if (infile == NULL) { /* rhut-rho */ printf(" at first fopen..."); perror(" Can't open the file we just made!?!\n"); perror(" Giving up, check perms or something...\n"); return(-1); } /* open another temp file, to write out files */ /* chmod 600 to that one... */ /* create a temp file for storage */ if ((fileptr = fopen(secondtf, "a")) == NULL) { perror(" Could not make temp file...\n"); perror(" Possible link attack while creating/opening file!\n"); perror(" Bailing in checkfiles...\n"); exit(-1); } if (verbose > 0) { printf(" Checking for sticky bits...\n"); } /* get a line from the file... */ while (fgets(line, sizeof(line), infile) != NULL) { ptr = strtok(line, ", \n"); while (ptr != NULL) { if (sscanf(ptr, "%127s", tempstring) < 1) { perror(" sscanf bit the dust"); return(-1); } if ((count == 0) && (Linecount == 0)) { /* 1st line in file... */ /* note this is ls of / |grep tmp */ if ((tempstring[9] != 't') && (tempstring[9] != 'T')) { /* sticky bit NOT set ! */ found = 1; fprintf(fileptr, "Sticky bit not set on /tmp.\n"); fprintf(fileptr, "Please set sticky bit on /tmp.\n"); } } if ((count == 0) && (Linecount == 1)) { /* 2nd line in file */ /* this is ls of /var |grep tmp */ if ((tempstring[9] != 't') && (tempstring[9] != 'T')) { /* sticky bit NOT set! */ found = 1; fprintf(fileptr, "Sticky bit not set on /var/tmp.\n"); fprintf(fileptr, "Please set sticky bit on /var/tmp.\n"); } } /* grab another token */ ptr = strtok(NULL, ", \"\n"); if (ptr == NULL) { ; } /* inc counter...*/ count++; } /* end of while(ptr != NULL), reset the counter */ count=0; Linecount++; } /* end of while(fgets...) */ /* close files */ close(fileval); fclose(infile); fclose(fileptr); /* ok, we want to write that out to the outfile, */ /* and we want to delete the orig tempfile, as */ /* dostuff will del the new tempfile... */ header = "Checks for sticky bits on tmp files\n"; if ((dostuff(secondtf, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing temp file failed."); return(-1); } /* since dostuff will not do this... */ remove(in_file); /* second part... check utmp, wtmp, motd, mtab */ /* for chmod 644. */ /* the following will be cecked to see if they are */ /* chmod 644... */ /* if the system has any acceptable amount of */ /* ram subsequent calls to find should be fast */ tempfile = "/tmp/lsat1.lsat"; shellcode = "find /var -name utmp 2>/dev/null |grep -v find |xargs ls -ln 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } shellcode = "find /var -name wtmp 2>/dev/null |grep -v find |xargs ls -ln 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(0, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } shellcode = "find /etc -name motd 2>/dev/null |grep -v find |xargs ls -ln 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(0, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } shellcode = "find /etc -name mtab 2>/dev/null |grep -v find |xargs ls -ln 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(0, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } shellcode = "find /var -name syslog\\*.pid 2>/dev/null |grep -v find |xargs ls -ln 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(0, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } shellcode = "find /boot -name vmlinuz\\* 2>/dev/null |grep -v find |xargs ls -ln 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(0, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* open input file for read... */ infile = fopen("/tmp/lsat1.lsat", "r"); if (infile == NULL) { /* rhut-rho */ perror(" Can't open the file we just made!?!\n"); perror(" Giving up, check perms or something...\n"); perror(" Problem was in module: checkfiles\n"); return(-1); } if (verbose > 0) { printf(" Checking files that should be chmod 644...\n"); } /* create a temp file for storage */ if ((fileptr = fopen(secondtf, "a"))==NULL) { perror(" Could not make file w/perms 0600...\n"); perror(" Possible link attack while creating/opening file!\n"); perror(" Bailing in checkfiles...\n"); exit(-1); } /* get a line from the file... */ /* reset counters/flags 1st */ found = 0; count = 0; while (fgets(line, sizeof(line), infile) != NULL) { ptr = strtok(line, ", \n"); while (ptr != NULL) { if (sscanf(ptr, "%127s", tempstring) < 1) { perror(" sscanf bit the dust"); perror(" Dust biting was in checkfiles.\n"); return(-1); } /* this counts the fields we are on */ count++; /* now check for chmod 644 */ /* recall 644 is -rw-r--r-- :) */ /* if count == 1 we should be at */ /* the 1st field... */ if (count == 1) { if ((strcmp(tempstring, chmod)) != 0) { /* not chmod 644 */ /* grab the filename, which should be */ /* the 9th field on the line and print it */ /* set flag to do this... */ found = 1; } } if ((found == 1) && (count == 9)) { /* we have a non-chmod 644 and we should */ /* be at the filename in the sscanf... */ fprintf(fileptr, "%s is not chmod 644.\n", tempstring); /* reset counters */ found = 0; count = 0; } /* grab another token */ ptr = strtok(NULL, ", \"\n"); if (ptr == NULL) { ; } } /* end while (ptr != NULL) */ /* reset counters just to be sure... */ found = 0; count = 0; } /* end while (fgets...) */ /* print footer */ fprintf(fileptr, "Check above files for chmod 644.\n"); /* close input file before rm */ close(fileval); /* close and rm the first tempfile */ fclose(infile); fclose(fileptr); remove(in_file); /* tell dostuff to print that out to the output file */ /* I put the header in the secondtmpfile... */ if ((dostuff(secondtf, filename, 0, 0, html)) < 0) { /* something went wrong */ perror(" Writing of tempfile failed."); return(-1); } /* finally, all dirs in the / should be owned by root */ /* additionally, all files in /usr should be owned by root, and */ /* /var/tmp should be owned by root. */ tempfile = "/tmp/lsat1.lsat"; shellcode = "ls -ln / |grep -v total 2>/dev/null |tee > /tmp/lsat1.lsat"; header = "Dirs that should be owned by root\n"; if ((dostuff(tempfile, 0, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Writing of tempfile failed."); return(-1); } shellcode = "ls -ln /usr |grep -v total 2>/dev/null | tee >> /tmp/lsat1.lsat"; if (system(shellcode) < 0) { perror(" Writing to tempfile failed.\n"); return(-1); } shellcode = "ls -ln /var |grep -v total 2>/dev/null |tee >> /tmp/lsat1.lsat"; if (system(shellcode) < 0) { perror(" Writing to tempfile failed.\n"); return(-1); } /* open input file for read... */ infile = fopen("/tmp/lsat1.lsat", "r"); if (infile == NULL) { /* rhut-rho */ perror("Can't open the file we just made!?!\n"); perror("Giving up, check perms or something...\n"); perror("Error was in module: checkfiles.\n"); return(-1); } if (verbose > 0) { printf(" Checking files that should be owned by root...\n"); } /* create a temp file for storage */ if ((fileptr = fopen(secondtf, "a"))==NULL) { perror(" Could not make file w/perms 0600...\n"); perror(" Possible link attack while creating/opening file!\n"); perror(" Bailing in checkfiles...\n"); exit(-1); } /* get a line from the file... */ /* reset counters/flags 1st */ found = 0; count = 0; while (fgets(line, sizeof(line), infile) != NULL) { ptr = strtok(line, ", \n"); while (ptr != NULL) { if (sscanf(ptr, "%127s", tempstring) < 1) { perror(" sscanf bit the dust"); perror(" Dust biting was in checkfiles.\n"); return(-1); } /* this counts the fields we are on */ count++; if (count == 3) { if ((strcmp(tempstring, rooted)) != 0) { /* file/dir not owned by root! */ /* grab the filename, which should be */ /* the 9th field on the line and print it */ /* set flag to do this... */ found = 1; } } if ((found == 1) && (count == 9)) { /* we have a non-rooted file...we should */ /* be at the filename in the sscanf... */ fprintf(fileptr, "%s is not owned by root.\n", tempstring); /* reset counters */ found = 0; count = 0; } /* grab another token */ ptr = strtok(NULL, ", \"\n"); if (ptr == NULL) { ; } } /* end while (ptr != NULL) */ /* reset counters just to be sure... */ found = 0; count = 0; } /* end while (fgets...) */ /* footer */ fprintf(fileptr, "Check above dirs to ensure root ownership.\n"); fprintf(fileptr, "****************************************\n"); /* clean up */ fclose(infile); close(fileval); fclose(fileptr); /* rm 1st tempfile since dostuff will not do this */ remove(in_file); /* tell dostuff to print that out to the output file */ /* I put the header in the secondtmpfile... */ if ((dostuff(secondtf, filename, 0, 0, html)) < 0) { /* something went wrong */ perror(" Writing of tempfile failed."); return(-1); } if (verbose > 0) { printf(" Finding files with no owner or no group.\n"); } tempfile = "/tmp/lsat1.lsat"; shellcode = "find / -nouser -o -nogroup 2>/dev/null |grep -v find |tee 2>/dev/null >>/tmp/lsat1.lsat"; header = "List of files with no user or group:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } if (verbose > 0) { printf(" Finished in checkfiles.\n"); } return(0); } lsat-0.9.7.1/checkftp.c0000644000175000001440000001754311007333550014073 0ustar number9users/****************************************/ /* This is the checkftp module for lsat */ /* It will check common ftp servers cfgs*/ /* in the usual locations, for errors...*/ /* */ /****************************************/ #include "lsatheader.h" #include #include #include #include int checkftp(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header =NULL; if (verbose >= 0) { printf(" Running checkftp module...\n"); } if (verbose > 0) { printf(" Checking ftp configs...\n"); } /* note if distribution = 4, we are on gentoo... */ /* check pure-ftpd on gentoo */ /* note, pure-ftpd compiled by hand typically has*/ /* no "real" config file, you just do cmd line */ /* switches... so we really don't check that yet */ if (distribution == 4) { /* we are on gentoo... */ if ((system("test -r /etc/conf.d/pure-ftpd")) == 0) { if ((system("grep \"AUTH=-lpuredb:\" /etc/conf.d/pure-ftpd")) == 0) { /* found it, they have the auth file */ header = "Found auth file in pro-ftpd config, good.\n"; } else { /* they have the conf file, but no auth line */ header = "Did not find AUTH line in pro-ftpd conf file.\nCheck the manpage for more info and add one\n."; } } if ((dostuff(0, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* check proftpd on gentoo */ /* other distros typical install location of cfg file */ /* is /usr/local/etc/proftpd.conf or /etc/proftpd.conf */ if (distribution == 4) { /* we are on gentoo */ /* first test to see if the proftpd is even there... */ if ((system("test -r /etc/proftpd/proftpd.conf")) == 0) { if ((system("grep \"ServerIdent on\" /etc/proftpd/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is checking Ident, good.\n"; } else { /* not there */ header = "Looks like you have proftpd, but it is not checking Ident.\n"; } } if ((dostuff(0, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* check some more proftpd on gentoo */ if (distribution == 4) { /* we are on gentoo */ /* again, test to see if it is there first */ if ((system("test -r /etc/proftpd/proftpd.conf")) == 0) { if ((system("grep \"RequireValidShell off\" /etc/proftpd/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is setup for virtual users.\nThis is good, double check it, though.\n"; } else { header = "Looks like proftpd requires a valid shell.\nThis is bad. Set RequireValidShell to off and then use Virtual Users.\n"; } } if ((dostuff(0, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* check some more proftpd on gentoo */ if (distribution == 4) { /* we are on gentoo */ /* again, test to see if it exists */ if ((system("test -r /etc/proftpd/proftpd.conf")) == 0) { if ((system("grep \"Umask 077\" /etc/proftpd/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is set Umask 077. Good.\n"; } else { header = "Looks like proftpd is not creating files umask 077.\nThis is bad. Check proftpd config and change it.\n"; } } if ((dostuff(0, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* check more proftpd stuffs */ if (distribution != 4) { /* we are not on gentoo */ if ((system("test -r /etc/proftpd.conf")) == 0) { if ((system("grep \"ServerIdent on\" /etc/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is checking Ident, good.\n"; } else { header = "Looks like you have proftpd, but it is not checking Ident. \nOr I could not find the config file.\n"; } } if ((system("test -r /usr/local/etc/proftpd.conf")) == 0) { if ((system("grep \"ServerIdent on\" /etc/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is checking Ident, good.\n"; } else { header = "Looks like you have proftpd, but it is not checking Ident. \nOr I could not find the config file.\n"; } } if ((dostuff(0, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* check some more proftpd */ if (distribution != 4) { /* we are not on gentoo */ if ((system("test -r /etc/proftpd.conf")) == 0) { if ((system("grep \"RequireValidShell off\" /etc/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is setup for virtual users.\nThis is good, double check it, though.\n"; } else { header = "Looks like proftpd requires a valid shell.\nThis is bad. Set RequireValidShell to off and then use Virtual Users.\n"; } } if ((system("test -r /usr/local/etc/proftpd.conf")) == 0) { if ((system("grep \"RequireValidShell off\" /usr/local/etc/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is setup for virtual users.\nThis is good, double check it, though.\n"; } else { header = "Looks like proftpd requires a valid shell.\nThis is bad. Set RequireValidShell to off and then use Virtual Users.\n"; } } if ((dostuff(0, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* check some more proftpd */ if (distribution != 4) { /* we are not on gentoo */ if ((system("test -r /etc/proftpd.conf")) == 0) { if ((system("grep \"Umask 077\" /etc/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is set Umask 077. Good.\n"; } else { header = "Looks like proftpd is not creating files umask 077.\nThis is bad. Check proftpd config and change it.\n"; } } if ((system("test -r /usr/local/etc/proftpd.conf")) == 0) { if ((system("grep \"Umask 077\" /usr/local/etc/proftpd.conf 2>/dev/null >/dev/null")) == 0) { /* found it */ header = "Looks like proftpd is set Umask 077. Good.\n"; } else { header = "Looks like proftpd is not creating files umask 077.\nThis is bad. Check proftpd config and change it.\n"; } } if ((dostuff(0, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checkftp module.\n"); } return(0); } lsat-0.9.7.1/checkftpusers.c0000644000175000001440000002103511007333550015144 0ustar number9users/****************************************/ /* This is the chekftpusers module for */ /* the lsat program. It check the */ /* /etc/ftpusers file and sees what */ /* entries are NOT there that are in */ /* /etc/passwd. */ /* */ /* see lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include #include int checkftpusers(filename, verbose, html) const char *const filename; int verbose; int html; { char *passptr; /* ptr to passwd line */ char *ftpptr; /* ptr to ftpusers line */ /* note we use awk to get only the first entry in */ /* the passwd list... we ass|u|me that a username */ /* will be < 120 chars. :O => line[120] */ char line[120]; /* array for a line */ char temparray[100][120]; /*temparray. */ char tempstring[100][120]; /* string to hold ftpusername */ int i=0; /* counter variable */ int j=0; /* counter variable */ int k=0; /* counter variable */ int inlist=0; /* flag for strcmp checks */ int linecount=0; /* line counter */ const char * tmp_file = "/tmp/lsat2.lsat"; FILE *outfile; /* output file pointer */ FILE *passfile; /* file pointer to templist file */ FILE *ftpfile; /* file pointer to ftpusers file */ FILE *fileptr; const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; /* init temparray */ for (i=0; i<100; i++) { for (j=0; j<120; j++) { temparray[i][j]=0; } } /* "you may ask yourself, how do I work this?" */ /* Talking Heads */ /* This program will read the /etc/passwd file */ /* and store the username in an array... */ /* It will then read the /etc/ftpusers file */ /* and see what entries are NOT in ftpusers. */ if (verbose >= 0) { printf(" Running checkftpusers module...\n"); } if (verbose > 0) { printf(" Checking ftpusers file...\n"); } /* check that /etc/ftpusers exists and is readable first */ if (system("test -r /etc/ftpusers")!=0) { /* we leave this part in even though we might */ /* be able to get it into the dostuff module..*/ outfile=fopen(filename, "a"); if (outfile == NULL) { perror(" Can't open outfile!\n"); perror(" Check perms or something...\n"); perror(" Error was in module: checkftpusers.\n"); return(-1); } /* ftpusers does not exist. */ /* this _could_ be ok for the user */ /* give a msg and leave the area. */ fprintf(outfile, "\n****************************************\n"); fprintf(outfile, "While checking ftpusers...\n"); fprintf(outfile, "/etc/ftpusers does not exist or is not readable.\n"); fprintf(outfile, "This is ok if you are not root, not\n"); fprintf(outfile, "running ftp or your ftp daemon\n"); fprintf(outfile, "does not use /etc/ftpusers.\n"); fprintf(outfile, "Please triple check your configuration\n"); fprintf(outfile, "and ensure you do not need /etc/ftpusers.\n\n"); fprintf(outfile, "*****************************************\n"); /* close up */ fclose(outfile); /* leave */ return(0); } /* ok, lets make one pass through the passwd */ /* note here we only pull the 1st field, which */ /* is the "account" name in /etc/passwd. */ tempfile = "/tmp/lsat1.lsat"; shellcode = "cat /etc/passwd |awk -F\":\" 'length($1) > 0 {print $1}' 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* open the newly created file */ passfile=fopen("/tmp/lsat1.lsat", "r"); if (passfile == NULL) { perror(" Can't open templist...\n"); perror(" Strange, we just created that file...\n"); perror(" Giving up in checkftpusers...\n"); return(-1); } /* create another temp file so that we can */ /* run through that list and put it in there*/ /* we will then pass that list to dostuff */ if ((fileptr = fopen(tmp_file, "a")) == NULL) { perror(" Could not create temporary file...\n"); perror(" Possible link attack while creating/opening file!\n"); exit(-1); } /* Note: IIRC, strtok can not be nested if you */ /* are going to take another token on each one */ /* i.e. in checkrpms.c it works since we only */ /* strtok once on the outside loop since we */ /* are guarenteed there is only one line in the*/ /* file since that is how we created it. That */ /* is not the case here.... */ /* we therefore only grab one filed from the */ /* passwd file at a time and print that out. */ /* here we are checking accounts on the system */ /* reset counter */ i = 0; while (fgets(line, sizeof(line), passfile) != NULL) { passptr = strtok(line, ", \n"); /* if not while. we guarentee not more than */ /* one entry per line with the cat - awk */ if (passptr != NULL) { if (sscanf(passptr, "%119s", temparray[i]) < 1) { perror(" sscanf failed.\n"); perror(" Failure was in module: checkftpusers.\n"); return(-1); } passptr = strtok(NULL, ", \n"); if (passptr == NULL) { ; } } /* end if (passptr != NULL) */ /* inc the counter */ i++; if (i>100) { perror("Error in module checkftpusers: Too much data.\n"); return(-1); } } /* end while (fgets...) */ /* close the passfile */ fclose(passfile); /* rm it, no longer needed */ remove(tempfile); /* ok, we have all (we hope) entries from */ /* /etc/passwd. Now read in /etc/ftpusers */ /* and compare... I think just one at a */ /* time, 'non? */ /* open /etc/ftpusers for read-only */ ftpfile = fopen("/etc/ftpusers", "r"); if (ftpfile == NULL) { perror(" Can't open ftpusers!\n"); perror(" Check perms or check if file exists.\n"); perror(" Recall this file should exist. :)\n"); perror(" Giving up in checkftpusers...\n"); return(-1); } /* in the temparray. we just need */ /* to compare that to the entries.. */ /* reset counter */ j = 0; /* get a line from the ftpusers file */ while (fgets(line, sizeof(line), ftpfile) != NULL) { ftpptr = strtok(line, ", \n"); /* if not while. ftpusers = 1 entry per line */ if (ftpptr != NULL) { if (sscanf(ftpptr, "%119s", tempstring[linecount]) < 1) { perror(" sscanf failed.\n"); perror(" Failure was in module: checkftpusers.\n"); return(-1); } ftpptr = strtok(NULL, ", \n"); if (ftpptr == NULL) { ; } } /* end if (ftpptr != NULL) */ /* inc the linec ounter */ linecount++; if (linecount>100) { perror("Error in checkftpusers: Too much data."); return(-1); } } /* end while (fgets...) */ /* ok, now compare an entry in the userlist */ /* we have against the entries in ftpusers */ i = 100; for (j = 0; j < i; j++) { for (k=0; k < linecount; k++) { if ((strcmp(temparray[j], tempstring[k])) == 0) { /* match */ /* set flag that it is in list */ inlist = 1; } } /* flag was set on run? */ /* no? then that entry was not in ftpusers list */ if (inlist == 0) { fprintf(fileptr, "%s\n", temparray[j]); } /* reset flag */ inlist = 0; } /* close the tmpfile */ fclose(fileptr); header = "These accounts are NOT in /etc/ftpusers.\nEnsure that these accounts are in /etc/ftpusers\nor that they _really_ do not need to be restricted.\n"; if ((dostuff(tmp_file, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* clean up... */ fclose(ftpfile); if (verbose > 0) { printf(" Finished in checkftpusers module.\n"); } return(0); } lsat-0.9.7.1/checkhostsfiles.c0000644000175000001440000002226411007333550015461 0ustar number9users/****************************************/ /* This is the checkhostsfiles.c module */ /* for the lsat program. This module */ /* reads the /etc/hosts.allow and */ /* /etc/hosts.deny files. */ /* It checks for the existance of a */ /* ALL:ALL line in deny, since we think */ /* that a good security policy would be */ /* only admit services we want and deny */ /* all others. */ /* It also checks for the existance of */ /* /etc/hosts.equiv... which is bad */ /* Also checks for hosts.lpd, and again */ /* we (generally) consider this bad... */ /* */ /* See lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include int checkhostsfiles(filename, verbose, html) const char *const filename; int verbose; int html; { int firstall=0; /* counter for target matches */ int found=0; /* found for target ALL:ALL */ int found2=0; /* found for target ALL */ int field; /* which field in a line we are on */ int linecount; /* line counter */ char *ptr; /* plain ol' char pointer */ char line[128]; /* for reading in a line from a file */ char tempstring[128]; /* temp char string */ char target[4]="ALL"; /* what we are looking for */ FILE *fileptr=NULL; /* file pointer for input file(s) */ char *strptr = target; const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkhostsfiles module...\n"); } if (verbose > 0) { printf(" Checking list of entries in hosts.allow...\n"); } /* don't grep if its not there... we don't want to */ /* return an error if its not there, just continue */ if ((system("cat /etc/hosts.allow 1>/dev/null 2>/dev/null")) > 0) { /* hosts.allow is not there... */ header = "hosts.allow not present on this system"; dostuff(0, filename, 0, header, html); } else /* hosts.allow exists, do all this stuffs */ { /* first off, get the entries in /etc/hosts.allow */ /* that are not comments... */ /* note: grep returns * 0 on match * 1 on no match * 2 on system/file/read/other failure * HOWEVER, -v inverts the sense of 0,1. */ tempfile = "/tmp/lsat1.lsat"; shellcode = "grep -v \\# /etc/hosts.allow 1>/dev/null 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed.\n"); return(-1); } /* there should be no "ALL:ALL" in here! */ /* check for it... */ /* open the file... */ fileptr = fopen("/tmp/lsat1.lsat", "r"); if (fileptr == NULL) { perror(" Error opening tmp file.\n"); perror(" Error was in checkhostsfiles module.\n"); return(-1); } /* start getting lines from it */ while (fgets(line, sizeof(line), fileptr) != NULL) { field=0; firstall=0; ptr = strtok(line, ", :\n"); while (ptr != NULL) { /* note we want to check for: */ /* a) any lines at all */ /* b) ALL:ALL */ /* c) :ALL */ /* d) ALL : ALL */ if (sscanf(ptr, "%127s", tempstring) < 1) { perror(" sscanf bit the dust.\n"); perror(" Dust biting was in checkhostsfiles.\n"); return(-1); } if (field == 0) { if ((strstr(tempstring, strptr)) != NULL) { /* found match, 1st field */ firstall = 1; } } if ((field == 1) || (field == 2)) { if (((strstr(tempstring, strptr)) != NULL) && (firstall ==1)) { /* found match, 2nd filed */ /* there is an ALL:ALL in hosts.allow */ found = 1; } if (strstr(tempstring, target) != NULL) { /* found match, 2nd filed, but not 1st. */ /* there is an allow all in hosts.allow */ found2 = 1; } } ptr = strtok(NULL, ", :\n"); if (ptr == NULL) { /* freak out */ break; } field++; } /* end while(ptr!=NULL) */ } /* end while(fgets...) */ /* we have checked hosts.allow. Close open files */ fclose(fileptr); fileptr=NULL; /* note dostuff will rm the tempfile */ header = "Lines found in hosts.allow\nMake sure you wish to allow the following:\n"; if ((dostuff(tempfile, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /* end the else of if the hosts.allow exists */ if (verbose > 0) { printf(" Checking entries in hosts.deny...\n"); } /* don't grep if its not there... we don't want to */ /* return an error if its not there, just continue */ if ((system("cat /etc/hosts.deny 1>/dev/null 2>/dev/null")) > 0) { /* hosts.allow is not there... */ header = "hosts.deny not present on this system"; dostuff(0, filename, 0, header, html); } else /* hosts.deny exists, do all this stuffs */ { /* now then, get the entries in /etc/hosts.deny */ /* that are not comments... */ /* note: grep returns * 0 on match * 1 on no match * 2 on system/file/read/other failure * HOWEVER, -v inverts the sense of 0,1. */ shellcode = "grep -v \\# /etc/hosts.deny 1>/dev/null 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* two things to check for: */ /* a) this file should not be empty */ /* b) it should contain ALL:ALL, or ALL : ALL or the like*/ /* open the tempfile... */ fileptr = fopen("/tmp/lsat1.lsat", "r"); if (fileptr == NULL) { perror(" Error opening tmp file.\n"); perror(" Error was in checkhostsfiles module.\n"); return(-1); } /* reset flags... */ field = 0; found = 0; found2 = 0; /* start getting lines from this file */ linecount=0; while (fgets(line, sizeof(line), fileptr) != NULL) { ptr = strtok(line, ", \n"); while (ptr != NULL) { if (sscanf(line, "%127s", tempstring) < 1) { perror(" sscanf bit the dust.\n"); perror(" Dust biting was in checkhostsfiles.\n"); return(-1); } if (field == 0) { if ((strstr(tempstring, strptr)) != NULL) { /* found match, 1st field */ firstall = 1; } } if ((field == 1) || (field == 2)) { if (((strstr(tempstring, strptr)) != NULL) && (firstall ==1)) { /* found match, 2nd filed */ /* there is an ALL:ALL in hosts.allow */ found = 1; } if (strstr(tempstring, target) != NULL) { /* found match, 2nd filed, but not 1st. */ /* there is an allow all in hosts.allow */ found2 = 1; } } ptr = strtok(NULL, ", \n"); if (ptr == NULL) { break; } field++; } /* end while (ptr != NULL) */ linecount++; } /* end while(fgets...) */ /* if found = 0, there is _no_ ALL:ALL */ if (found == 0) { header = "Did not find ALL:ALL in hosts.deny.\nLines found in hosts.deny:\n"; } if (found == 1) { header = "ALL:ALL present in hosts.deny. Good.\nHere are the lines in hosts.deny:\n"; } if ((dostuff(tempfile, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /* end of else, for if hosts.deny exists */ /* this is bad unless you really use the "r" commands */ /* which you shouldn't.. :) */ if ((system("cat /etc/hosts.equiv 1>/dev/null 2>/dev/null")) == 0) { /* hosts.equiv is there... */ /* we consider this a bad thing. */ header = "/etc/hosts.equiv found on this system.\nUnless you really need it, remove it."; dostuff(0, filename, 0, header, html); } if ((system("cat /etc/hosts.lpd 1>/dev/null 2>/dev/null")) == 0) { /* hosts.lpd is there... */ /* we consider this a bad thing. */ header = "/etc/hosts.lpd found on this system.\nConsider preventing lpd from listening to the network.\nAt least make sure it contains fully qualified hostnames."; dostuff(0, filename, 0, header, html); } /* clean up */ if(fileptr) fclose(fileptr); if (verbose > 0) { printf(" Finished module checkhostsfiles.\n"); } return(0); } lsat-0.9.7.1/checkinetd.c0000644000175000001440000002130211007333550014371 0ustar number9users/************************************************/ /* This checks inetd.conf for baddies... */ /* This function checks inetd.conf or xinetd.d */ /* for unwanted services. It outputs the list */ /* of all servies running (all are unwanted, */ /* right?) to the outfile. */ /* If inetd.conf exists or if xinetd.d is */ /* present it also returns a 1 to main to tell */ /* main to run a check of /etc/hosts.deny. */ /* */ /* See lsatmain.c for more details... */ /************************************************/ #include "lsatheader.h" #include #include #include #include #include int checkinetd(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { char *ptr; char line[128]; /* temp line for reading */ char tempstring[128]; /* tempstring for inet */ int inetd = 0; /* do we use inetd? */ int xinetd = 0; /* do we use xinetd? */ int linecount, field; /* some vars... */ int emptyflag=1; /* is inet an empty file? */ FILE *infile; /* tempfile file pointer */ FILE *fileptr; const char * tmp_file = "/tmp/lsat2.lsat"; /* temp file */ const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkinetd module...\n"); } /* really check if /etc/inetd.conf or /etc/xinetd.conf exist */ /* instead of guessing */ if (distribution != 3) /* we are not on Solaris... */ { /* check for /etc/inetd.conf */ if (system("test -e /etc/inetd.conf")==0) { inetd=1; } /* check for /etc/xinetd.d/ */ if (system("test -e /etc/xinetd.d")==0) { xinetd=1; } } if (distribution == 3) /* we are on Solaris, test -e does not work under sh */ { /* check for /etc/inetd.conf */ if (system("test -f /etc/inetd.conf")==0) { inetd=1; } /* check for /etc/xinetd.d/ */ if (system("test -f /etc/xinetd.d")==0) { xinetd=1; } } /* now we start to check */ if (inetd == 1) { if (verbose > 0) { printf(" Checking entries in /etc/inetd.conf...\n"); } /* note: grep returns * 0 on match * 1 on no match * 2 on system/file/read/other failure * HOWEVER, -v inverts the sense of 0,1. */ header = "inetd.conf entries:\n"; tempfile = "/tmp/lsat1.lsat"; /* use different shellcodes as linux grep is */ /* mo-betta than standard Solaris grep :) */ if (distribution != 3) { /* find all lines that do not _start_ with a "#" */ shellcode = "grep -Ev ^\\[:space:\\]*\\# /etc/inetd.conf >/tmp/lsat1.lsat"; } if (distribution == 3) { /* find all lines that do not _start_ with a "#" */ /* Note, either I suck with grep, or Solaris grep*/ /* is drain bramaged... have to just check for # */ shellcode = "grep -v \\# /etc/inetd.conf >/tmp/lsat1.lsat"; } if ((dostuff(tempfile, 0, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* now instead of reading the whole file and */ /* say looking for baddie servies, I consider */ /* that all in there are evil. Merely tell the */ /* user what we have found that is open. */ /* perhaps also tell them to close them. :) */ /* note that if the file is empty, thats great. */ /* it _should_ mean that they have commented */ /* out everything in /etc/inetd.conf */ infile = fopen("/tmp/lsat1.lsat", "r"); if (infile == NULL) { perror(" Error opening tmp file.\n"); return(-1); } /* create another tmp file for entries... */ if ((fileptr = fopen(tmp_file, "a")) == NULL) { perror(" Could not create temporary file...\n"); perror(" Possible link attack while creating/opening file!\n"); exit(-1); } /* init linecount */ linecount = 0; /* init emptyflag */ emptyflag = 0; while (fgets(line, sizeof(line), infile) != NULL) { field=0; ptr = strtok(line, ", \"\n"); if (ptr == NULL) { if (linecount == 0) { /* 1st line was empty, must have been */ /* an empty file. This _should_ be a */ /* "good thing".... */ /* set flag, then break. */ emptyflag = 1; } } linecount++; while (ptr != NULL) { if (sscanf(ptr, "%127s", tempstring) < 1) { perror(" sscanf bit the dust"); perror(" Dust biting was in checkinetd.\n"); return(-1); } /* note: we just need the 1st field... */ if (field == 0) { fprintf(fileptr, "%s\n", tempstring); } ptr = strtok(NULL, ", \"\n"); if (ptr == NULL) { ; } field++; } } /* end while(fgets...) */ /* close files in use */ fclose(infile); /* close the tmp file, do not rm it */ fclose(fileptr); /* rm tempfile since dostuff will be called */ /* with the new tmpfile we created */ remove(tempfile); /* call dostuff to append the new tmpfile */ /* to the outfile. */ if (emptyflag == 1) { /* no baddies in inetd.conf */ header = "No non-essential items found in inetd.conf. Good.\n"; } if (emptyflag == 0) { /* found some lines not commented out... */ header = "Please comment out all of these from inetd.conf.\n"; } if ((dostuff(tmp_file, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /* end of if(inetexists==1) */ /* end of RedHat 5.x, 6.x check portion */ /* note that in the above dostuff it should */ /* have removed the tempfile, so we will */ /* reuse it below for xinetd.d entries... */ /* if we are on RedHat 7.x we use xinetd.d/ files */ if (xinetd == 1) { if (verbose > 0) { printf(" Checking entries in /etc/xinetd.d/...\n"); } /* init the linecount here */ linecount = 0; /* assume RedHat 7.x box */ /* read through the files in /etc/xinetd.c and */ /* check for ones that are not disabled. */ tempfile = "/tmp/lsat1.lsat"; shellcode = "grep disable /etc/xinetd.d/* 2>/dev/null |grep no 2>/dev/null |awk -F\" \" 'length($1 $4) > 0 {print($1 $4)}' >/tmp/lsat1.lsat"; header = "Entries below shall be services in xinetd.d that\nare not disabled.\nPlease verify that you do not want these disabled.\nIf nothing is listed below, all services in xinetd.d are disabled.\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /* end of RedHat 7.x check portion */ /* the xinetd.conf file may not exist on some systems (aka gentoo) */ if ((system("test -r /etc/xinetd.conf"))==0) { if ((system("grep only_from /etc/xinetd.conf 1>/dev/null 2>/dev/null >/dev/null") == 0)) { /* found only_from in xinetd.conf, tell user to check it */ /* later on I will check against the ifconfig output or */ /* something *smile* */ header = "Found only_from line in xinetd.conf.\nMake sure this matches what you want to allow\n"; } else { /* did not find only_from in xinetd.conf... user should */ /* add this to xinetd.conf... */ header = "Did not find only_from= in /etc/xinetd.conf.\nPlease add this to allow subnets that you want to give access to.\n"; } if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished module checkinetd.\n"); } /* instead of just returning 0 here */ /* we return (inetd or xinetd)... */ /* 0 for no existance, 1 if either exists */ return(inetd || xinetd); } lsat-0.9.7.1/checkinittab.c0000644000175000001440000000430211007333550014721 0ustar number9users/****************************************/ /* This is the checkinittab module for */ /* LSAT. It merely checks to see which */ /* runlevel is running, or actually, it */ /* just checks to see if we are running */ /* in 5 (Xwindows)... note this is not */ /* for Mac OSX. */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkinittab(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header = NULL; if (verbose >= 0) { printf(" Running checkinittab module...\n"); } /* if we are not on redhat or derivative, do not do this... */ if (distribution != 5) { /* we are not on Mac OSX */ if ((system("grep id:5:initdefault /etc/inittab 1>/dev/null 2>/dev/null >/dev/null") == 0)) { /* we have a match, they are running X as default init */ header = "default init level set to 5.\nUnless there is a reason to run a GUI full time on this system,\nconsider setting to runlevel 3.\n"; } else { /* we (hope) the runlevel is 3 and not 6 *smile* */ header = "default init level is not set to 5. Good.\n"; } } /* slackware check */ if (distribution == 6) /* JTO */ { /* we are on slackware */ if ((system("grep id:4:initdefault /etc/inittab 1>/dev/null 2>/dev/null >/dev/null")) == 0) { /* we have a match, they are running X as default init */ header = "default init level set to 4.\nUnless there is a reason to run a GUI full time on this system,\nconsider setting to runlevel 3.\n"; } else { /* we (hope) the runlevel is 3 and not 6 *smile* */ header = "default init level is not set to 4. Good.\n"; } } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Finished in checkinittab module.\n"); } return(0); } lsat-0.9.7.1/checkipv4.c0000644000175000001440000001535011007333550014156 0ustar number9users/****************************************/ /* This is the checkipv4 module ...it */ /* it checks for various proc entries */ /* that aid in a more secure system... */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkipv4(filename, verbose, html) const char *const filename; int verbose; int html; { const char * header =NULL; if (verbose >= 0) { printf(" Running checkipv4 module...\n"); } /* check to see if we ignore pings... */ if ((system("test -r /proc/sys/net/ipv4/icmp_echo_ignore_all 1>/dev/null")) == 0) { /* file is there, check it */ if ((system("grep 0 /proc/sys/net/ipv4/icmp_echo_ignore_all 1>/dev/null")) == 0) { /* it has a zero, we want a one in it. */ header = "/proc/sys/net/ipv4/icmp_echo_ignore_all exists, but is off.\nConsider placing a one in it to turn on.\n"; } else { /* its there and has a one. good. */ header = "You ignore all ICMP Echo requests, good.\n"; } } else { /* file is not there at all... */ header = "Consider ignoring icmp_echo...\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* check to see if we ignore broadcasts... */ if ((system("test -r /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts 1>/dev/null")) == 0) { /* file is there, check it */ if ((system("grep 0 /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts 1>/dev/null")) == 0) { /* it has a zero, we want a one in it. */ header = "/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts exists but it is off\nConsider turning it on by placing a one in it.\n"; } else { /* its there and has a one. good. */ header = "You ignore all ICMP Echo broadcasts, good.\n"; } } else { /* file is not there at all... */ header = "Consider turning on icmp_echo_ignore_broadcasts.\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* check to see if we disable source routed packets */ if ((system("test -r /proc/sys/net/ipv4/conf/all/accept_source_route 1>/dev/null")) == 0) { /* it exists, check it */ if ((system("grep 1 /proc/sys/net/ipv4/conf/all/accept_source_route 1>/dev/null")) == 0) { /* its there and has a one, we want a zero */ header = "/proc/sys/net/ipv4/conf/all/accept_source_route exists, but it is off.\nConsider turning it on by putting a zero in it.\n"; } else { /* its there and its on */ header = "You are denying source routed packets. Good.\n"; } } else { /* file is not there at all... */ header = "Consider denying source routed packets.\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* check to see if we disable redirect acceptance */ if ((system("test -r /proc/sys/net/ipv4/conf/all/accept_redirects 1>/dev/null")) == 0) { /* its there check it */ if ((system("grep 1 /proc/sys/net/ipv4/conf/all/accept_redirects 1>/dev/null")) == 0) { /* its off */ header = "/proc/sys/net/ipv4/conf/all/accept_redirects exists, but its off.\n"; } else { /* its there and it has a one */ header = "You are not accepting ipv4 redirects. Good\n"; } } else { /* that file does not even exist */ header = "Consider not accepting ipv4 redirects.\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* check to see if we are protecting against bad err msgs */ if ((system("test -r /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses")) == 0) { /* its there, check it */ if ((system("grep 0 /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses 1>/dev/null")) == 0) { /* its has a zero, we want a one */ header = "IPV4 protection against bad err msgs is there, but it is off.\n"; } else { /* its there and on */ header = "You are ignoring bad err msgs in ipv4. Good.\n"; } } else { /* file was not there at all */ header = "You are not ignoring bad error msgs in ipv4.\nConsider turning this on.\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* I am considering checking for reverse path filtering, but hesitate */ /* to add it just yet... */ /* check for logging of spoofed, source routed and redirected pkts */ if ((system("test -r /proc/sys/net/ipv4/conf/all/log_martians 1>/dev/null")) == 0) { /* it exists, check it */ if ((system("grep 0 /proc/sys/net/ipv4/conf/all/log_martians 1>/dev/null")) == 0) { /* its there but off */ header = "Logging of spoofed, etc packets is off.\nConsider turning on.\n"; } else { /* its on already. */ header = "You are logging spoofed, etc packets. Good.\n"; } } else { /* that file does not exist... */ header = "Consider turning on the logging of spoofed, source routed\nand redirected ipv4 packets.\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Finished in checkipv4 module.\n"); } return(0); } lsat-0.9.7.1/checkissue.c0000644000175000001440000000710311007333550014421 0ustar number9users/********************************************/ /* this module checks for existance of */ /* /etc/issue and /etc/issue.net files... */ /* If they exist, this is not really bad, */ /* but by default they give out system */ /* specific information which could be */ /* useful to an attacker. */ /* */ /* See lsatmain.c for more details. */ /********************************************/ #include "lsatheader.h" #include #include #include int checkissue(filename, verbose, html) const char *const filename; int verbose; int html; { const char * header =NULL; if (verbose >= 0) { printf(" Running checkissue module...\n"); } if ((system("cat /etc/issue 1>/dev/null 2>/dev/null >/dev/null")) == 0) /* its there, This is a "bad thing", perhaps. */ { header = "/etc/issue exists. Make sure it does not have any \n system specific information in it.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } else /* /etc/issue does not exist */ { header = "/etc/issue does not exist. Good.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if ((system("cat /etc/issue.net 1>/dev/null 2>/dev/null >/dev/null")) == 0) /* its there, This is a "bad thing", perhaps. */ { header = "/etc/issue.net exists. Make sure it does not have any \n system specific information in it.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } else /* /etc/issue.net does not exist */ { header = "/etc/issue.net does not exist. Good.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if ((system("cat /etc/motd 1>/dev/null 2>/dev/null >/dev/null")) == 0) /* its there, This is a "bad thing", perhaps. */ { header = "/etc/motd exists. Make sure it does not have any \n system specific information in it.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } else /* /etc/motd does not exist */ { header = "/etc/motd does not exist.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if ((system("ls /etc/banners 1>/dev/null 2>/dev/null >/dev/null")) == 0) { /* it should be there then */ header = "/etc/banners exists... Check it to make sure its ok.\n"; } else { /* it is not there... */ header = "/etc/banners dir not found. \nCheck securitylinks.txt for more info.\n"; } if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } if (verbose > 0) { printf(" Finished in checkissue module.\n"); } return(0); } lsat-0.9.7.1/checkkbd.c0000644000175000001440000000464211007333550014036 0ustar number9users/************************************************/ /* This checks to see if the ctrlaltdel, or the */ /* STOP-A sequences are disabled in linux or */ /* Solaris, respectively. These should be */ /* disabled for security reasons. */ /* Where? */ /* Linux: /etc/inittab */ /* Solaris: /etc/default/kbd */ /* */ /* See lsatmain.c for more details... */ /************************************************/ #include "lsatheader.h" #include #include #include int checkkbd(release, filename, verbose, html) char release[50]; const char *const filename; int verbose; int html; { char Sunos[4]="Sun"; /* for comparison */ char Linux[4]="Lin"; /* for comparison */ char *sunptr=Sunos; /* char pointer */ char *lptr=Linux; /* char pointer */ const char * header =NULL; if (verbose >= 0) { printf(" Running checkkbd module...\n"); } /* ok, we also check here if we are on a Solaris */ /* machine. */ if (strstr(release, sunptr) != NULL) { if (verbose > 0) { printf(" Checking KEYBOARD_ABORT...\n"); } /* note, I am checking the existance of the line */ /* and that it is commented out, which is what */ /* we DO NOT want. */ if ((system("grep KEYBOARD_ABORT=disable /etc/default/kbd 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null"))== 0) { header = "Make sure keyboard abort is disabled.\nIt is in /etc/default/kbd\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Write to outfile failed."); return(-1); } } } /* if not Solaris... must be linux. */ if (strstr(release, lptr) != NULL) { if (verbose > 0) { printf(" Checking ctrlaltdel...\n"); } /* note here, it is the opposite of SunOS */ /* in that the line _should_ be commented out */ if ((system("grep ctrlaltdel /etc/inittab 1>/dev/null 2>/dev/null | grep -v \\# 1>/dev/null 2>/dev/null")) == 0) { header = "Make sure the ctrlaltdel is commented out.\nIt is in /etc/inittab.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } } if (verbose > 0) { printf(" Finished module checkkbd.\n"); } return(0); } lsat-0.9.7.1/checklimits.c0000644000175000001440000000516211007403114014567 0ustar number9users/****************************************/ /* This is the checklimits.c module for */ /* lsat program. This module checks for */ /* the default setting in limits.conf */ /* This is not a complete check by far, */ /* but a good place to start. */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checklimits(filename, verbose, html) const char *const filename; int verbose; int html; { const char * header =NULL; const char * tempfile =NULL; const char * shellcode =NULL; if (verbose >= 0) { printf(" Running checklimits module...\n"); } /* first check for the limits.conf file */ /* in the usual place. if its not there */ /* tell the user we cant find it. */ if ((system("test -r /etc/security/limits.conf")) == 0) { /* it exists, check it */ /* -v inverts sense of return value */ /* if == 1 there was a match (it is hashed out). */ /* if so, then we warn user. */ if ((system("grep \"\\*\" /etc/security/limits.conf 2>/dev/null |grep -v \\# 2>/dev/null")) != 0) { header = "Default limits hashed out in limits.conf.\nCheck /etc/security/limits.conf for the default entry.\nMake sure to set hard and soft limits for default \"*\",\nor for individual users.\n"; } else { header = "/etc/security/limits.conf looks ok.\nDouble check the limits just to be sure.\n"; } } else { header = "Can't seem to find limits.conf file.\nCheck to make sure you are using limits and,\nthat the default (hard/soft) limits are set.\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* ok, we looked for the system limits in */ /* the limits file, but lets see what the */ /* current limits are... */ /* we think this works on all distros. :O */ shellcode = "ulimit -a 2>/dev/null >>/tmp/lsat1.lsat"; header = "Output from ulimit, check to see if these are reasonable limits.\nResource limits can help prevent DOS attacks,\nread up on them if you need to.\n"; tempfile = "/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) <0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } if (verbose > 0) { printf(" Finished in checklimits module.\n"); } return(0); } lsat-0.9.7.1/checklistening.c0000600000175000001440000000571111007333550015260 0ustar number9users/**********************************************/ /* This will check for applications listening */ /* on the system using /proc/net/packet and */ /* lsof because ifconfig and ip don't pick */ /* up everything. */ /* */ /* False positives like dhcpcd, dhclient and */ /* wpa_supplicant are expected but it is */ /* always "better" to know what =is= running. */ /* */ /* */ /* See lsatmain.c for more details. */ /**********************************************/ #include "lsatheader.h" #include #include #include int checklistening(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header =NULL; const char * tempfile =NULL; const char * shellcode=NULL; int lsof_installed = 0; if (verbose >= 0) { printf(" Running checklistening module...\n"); } /* it was noted that some distros do not install lsof by */ /* default, mainly gentoo... we therefore check here. */ if (distribution != 3) { if ((system("lsof 1>/dev/null 2>/dev/null >/dev/null")) != 0 ) { /* perhaps lsof is not installed */ header = "lsof is not installed on this system,\nor it is not in the path,\nor I just can not find it.\ncheckopenfiles was not run.\n"; lsof_installed = 1; } } if ((system("readlink 1>/dev/null 2>/dev/null >/dev/null")) != 0 ) { /* readlink aint there */ header = "readlink is not installed on this system,\nor it is not in the path,\nor I just can not find it.\nchecklistening was not run.\n"; /* we'll just use the other var since it makes no differency because we need both */ lsof_installed = 1; } /* Solaris */ if (distribution == 3) { header = "checklistening not supported on Solaris.\n"; lsof_installed = 1; } if (lsof_installed == 0) { header = "These applications are listening (processname, pid):\n"; tempfile = "/tmp/lsat1.lsat"; shellcode = "grep /proc/net/packet -ve ^sk|awk '{print $9}'|while read inode; do lsof -lMnP | grep '$inode' | awk '{print $2}'|while read pid; do name=$(readlink -f /proc/$pid/exe); echo '${name} $pid'; done 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (lsof_installed == 1) { if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checklistening module.\n"); } return(0); } lsat-0.9.7.1/checklogging.c0000644000175000001440000000630211007333550014717 0ustar number9users/****************************************/ /* This is the cheklogging module for */ /* LSAT. It merely checks that log auth */ /* and log authpriv facilities are being*/ /* used. */ /* it now also checks the faillog */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checklogging(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header = NULL; const char * shellcode = NULL; const char * tmp_file = "/tmp/lsat1.lsat"; if (verbose >= 0) { printf(" Running checklogging module...\n"); } /* if we are not on redhat or derivative, do not do this... */ /* we shall append to this later for Solaris and Mac OSX */ /* check for the auth facility... */ if (distribution != 5) { /* we are not on Mac OSX */ if ((system("grep auth\\. /etc/syslog.conf 1>/dev/null 2>/dev/null >/dev/null") == 0)) { /* match, they are logging auth */ header = "_Looks_ like you are using the auth log facility\nin syslog. Good."; } else { /* no match. they are not logging auth */ header = "Consider placing: auth.*\t\t\t\t/var/log/secure\n in your /etc/syslog.conf file.\n"; } } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* now check for authpriv facility... */ if (distribution != 5) { /* we are not on Mac OSX */ if ((system("grep authpriv\\. /etc/syslog.conf 1>/dev/null 2>/dev/null >/dev/null") == 0)) { /* match, they are logging authpriv */ header = "_Looks_ like you are using the authpriv log facility\nin syslog. Good."; } else { /* no match. they are not logging authpriv */ header = "Consider placing: authpriv.*\t\t\t\t/var/log/secure\n in your /etc/syslog.conf file.\n"; } } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* Solaris and Linux should have this... I think OSX has it too */ if ((system("test -r /usr/bin/faillog")) == 0) { /* run failllog */ /* ops, we have to shorten the output of faillog */ /* e.g. what if we are on a big system w/1000s of*/ /* users? The faillog output could be huge... */ /* we cut it back to say 100... */ shellcode = "/usr/bin/faillog -a |head -100 2>/dev/null >/tmp/lsat1.lsat"; header = "The last 100 (or less) failed login attempts on the system\n"; if ((dostuff(tmp_file, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checklogging module.\n"); } return(0); } lsat-0.9.7.1/checkmd5.c0000644000175000001440000001441511007333550013762 0ustar number9users/********************************************/ /* This module will find all files on the */ /* system and print an md5sum for each one */ /* out to a file...not the lsat.out file. */ /* In this way the output can be diffed */ /* against an older one. If this module was */ /* already run, the old outfile will be */ /* renamed to .old. I may put in a switch */ /* to automagically diff the output.... */ /* */ /* See lsatmain.c for more details. */ /********************************************/ /********************************************/ /* Special note for md5sum (GNU/Linux) */ /* 10/20/2003: */ /* */ /* md5sum is "sortof" broken... who is at */ /* fault is really a matter of perspective, */ /* but nevertheless, if one tries to md5sum */ /* an "unreadable" file (say /proc/kmsg), */ /* md5sum will hang. This is due to the fact*/ /* that you can not really read the file, */ /* or better yet, the first few characters. */ /* e.g. if you cat /proc/kmsg (redhat 9.0) */ /* and strace it, you will receive a read */ /* error on the first two bytes. This causes*/ /* md5sum to hang. Even though they are */ /* checking to make sure the line pointer is*/ /* good in md5sum.c, they do not check if */ /* the first few bytes are actually readable*/ /* For this reason, until I can come up with*/ /* a good solution, (and then convincing the*/ /* md5sum maintainer is another thing) or */ /* think of a good test in here, I will be */ /* ignoring the /proc and /dev directories */ /* during the find for md5summing files... */ /* yuk. */ /* */ /* I will try to work on this and fix it as */ /* soon as I can. */ /********************************************/ #include "lsatheader.h" #include #include #include int checkmd5(filename, distribution, verbose, html, diff) const char *const filename; int verbose; int distribution; int html; int diff; { int outexists = 0; const char * header =NULL; const char * tempfile =NULL; const char * outfile2 =NULL; const char * shellcode=NULL; const char *outputfile = "lsatmd5.out"; char *newname = NULL; FILE *tempptr; if (verbose >= 0) { printf(" Running checkmd5 module...\n"); } header = "Check lsatmd5.out for output of checkmd5.\nIf this is a subsequent run, old one is called lsatmd5.out.old\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed.\n"); return(-1); } /* ok, make a temp file for holding the output */ tempfile="/tmp/lsat1.lsat"; /* lets get a list of files and md5(sum) them... */ /* denote again... under Mac OSX its md5 and not md5sum... */ if (distribution == 5) { shellcode = "find / -type f -print0 2>/dev/null |xargs -0 md5 2>/dev/null >> /tmp/lsat1.lsat"; } else { /* ugh, that is silly. */ /* yes, let's make it ((silly--)) */ /* this one really avoids proc dev and also var and tmp and /sys */ /* if thats too much for you, rip out the repective " -o -path -prune" parts */ shellcode = "find / -path /dev -prune -o -path /proc -prune -o -path /home -prune -o -path /var -prune -o -path /tmp -prune -o -path /sys -prune -o -type f -exec md5sum \\{\\} \\; 2>/dev/null >> /tmp/lsat1.lsat"; } if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed.\n"); return(-1); } /* ok, now all of these find outputs are in the tempfile */ /* now we print that out to another .out file... */ outfile2 = "lsatmd5.out"; /* check if output exists, if it does, make a */ /* backup and rm the orig. named one. */ tempptr = fopen(outputfile, "r"); if (tempptr != 0) { /* output file exists */ /* make note of this in case we wish to diff... */ outexists = 1; if ((newname = (char *) calloc(2, sizeof(outputfile))) == NULL) { perror("Can not allocate temp memory in checkmd5.\n"); perror("Strange. Bailing...\n"); exit(-1); } fclose(tempptr); /* add .old onto the old outfile name */ sprintf(newname, "%s.old", outputfile); /* gnu, but should be ok... */ /* no failure check? eh, its ok... */ rename(outputfile, newname); /* free up calloc'd mem */ free(newname); } /* now that we have a backup, remove the outfile */ /* don't care about failure here... */ remove(outputfile); /* ok, now that we have a backup of the orig file*/ /* write the new one out to disk... */ if ((dostuff(tempfile, outfile2, 0, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed.\n"); return(-1); } /* if the user wants a diff, do it here... */ /* do they want a diff? */ if (diff == 1) { /* make sure the old outfile exists */ if (outexists == 1) { /* note we just overwrite the old diff... */ /* this could be improved :) */ if (system("diff lsatmd5.out lsatmd5.out.old > lsatmd5.diff") < 0 ) { /* something went wrong */ perror(" diff failed in checkmd5 module.\n"); } header = "md5 diff completed, check lsatmd5.diff for output\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed.\n"); return(-1); } } else { /* old md5sum output file does not exist... */ /* user must have del it or not run lsat before. */ /* give warning, but don't bomb out... */ header = "Cound not find lsatmd5.out.old,\nno md5diff run was done; re-run lsat to generate one.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed.\n"); return(-1); } } } if (verbose > 0) { printf(" Finished in checkmd5 module.\n"); } return(0); } lsat-0.9.7.1/checkmodules.c0000644000175000001440000000621311007333550014742 0ustar number9users/********************************************/ /* This module will (hopefully) check to see*/ /* if loadable modules are enabled in the */ /* kernel...for a really secure system, this*/ /* should be disabled and they should be */ /* static in the kernel. */ /* */ /* This will (obviously) not work under */ /* Solaris or AIX... */ /* Note I will check in lsatmain.c to see */ /* if we are on a linux distro before we */ /* run this. I think this will save some */ /* cpu cycles instead of coming here to do */ /* this check... */ /* */ /* See lsatmain.c for more details. */ /********************************************/ #include "lsatheader.h" #include #include #include int checkmodules(filename, verbose, html) const char *const filename; int verbose; int html; { const char * header =NULL; const char * tempfile =NULL; const char * shellcode=NULL; if (verbose >= 0) { printf(" Running checkmodules module...\n"); } if ((system("cat /proc/modules 1>/dev/null 2>/dev/null >/dev/null")) == 0 ) { if ((system("grep module /proc/ksyms 1>/dev/null 2>/dev/null >/dev/null")) == 0) { if (system("/sbin/lsmod 2>&1|grep -e QM_MODULES") == 0) { tempfile = "/tmp/lsat1.lsat"; header = "Modules appear to be enabled in the kernel.\nList of modules loaded:\n"; shellcode = "/usr/bin/strings -an1 /proc/modules 2>&1>/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } else { tempfile = "/tmp/lsat1.lsat"; header = "Modules appear to be enabled in the kernel.\nList of modules loaded:\n"; shellcode = "/sbin/lsmod 2>&1>/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } } } if ((system("test -r /sbin/modprobe")) == 0) { shellcode = "/sbin/modprobe -c -l 2>/dev/null >/tmp/lsat1.lsat"; header = "These are the kernel modules that are loaded on the system\nas given by the output of modprobe -c -l\nCheck to see if they are really needed.\n"; tempfile = "/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /* I should just test for solaris here */ if ((system("test -r /usr/sbin/modinfo")) == 0) { shellcode = "/usr/sbin/modinfo 2>/dev/null >/tmp/lsat1.lsat"; header = "These are kernel modules that are loaded on the system\nas given by the output of modinfo.\nCheck to see if they are really needed.\n"; tempfile = "/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checkmodules module.\n"); } return(0); } lsat-0.9.7.1/checknet.c0000644000175000001440000002050611007333550014061 0ustar number9users/************************************************/ /* This checks open network ports. */ /* This module checks for open network ports on */ /* the system by means of a netstat -an. */ /* the output is stripped for LISTEN lines and */ /* that is checked against /etc/services in */ /* order to print out a "guess" at what is */ /* running on that port. I could have used nmap */ /* or something else, but I wanted to just have */ /* a quick check without having to install */ /* yet another program (YAP). */ /* */ /* See lsatmain.c for more details... */ /************************************************/ #include "lsatheader.h" #include #include #include #include #include int checknet(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { char *ptr; /* char ptr for strtok */ char line[192]; /* temp line for reading */ char tempstring[192]; /* tempstring for entries */ int field; /* some vars... */ int i; /* counter */ FILE *infile; /* tempfile file pointer */ FILE *fileptr; const char * tmp_file = "/tmp/lsat2.lsat"; const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checknet module...\n"); } if (verbose > 0) { printf(" Checking for open/running network services...\n"); } if (distribution != 3) /* not on Solaris, go for it */ { tempfile = "/tmp/lsat1.lsat"; shellcode = "netstat -an |grep LISTEN |grep 0.0.0.0 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* create another temp file for storage */ if ((fileptr = fopen(tmp_file, "a")) == NULL) { perror("Could not make file w/perms 0600..."); perror("Possible link attack while creating/opening file!"); perror("Bailing in checknet..."); exit(-1); } /* ok, open the file dostuff just made for read */ infile = fopen("/tmp/lsat1.lsat", "r"); if (infile == NULL) { perror("Error opening tmp file."); perror("Error was in module: checknet."); return(-1); } /* ok, the file should look something like: */ /* protocol n n : : LISTEN */ /* so we want the port on the 1st : pair. */ /* we then want to look that port up in /etc/services */ /* and print out that line to the outfile... */ i = 0; /* counter for our array */ while (fgets(line, sizeof(line), infile) != NULL) { field=0; /* if we say a token is a ' ' or :, then we need to */ /* grab the 5th field of each line of the file. */ /* note here we will also print out the 1st field, */ /* although AFAIK they will all be tcp. */ ptr = strtok(line, ", :\n"); /* do not read in past field 5, buffer overflow can */ /* exist, thanks nordi. */ while ((ptr != NULL) && (field < 5)) { if (sscanf(ptr, "%191s", tempstring) < 1) { perror("sscanf bit the dust"); perror("Dust biting was in checknet.\n"); return(-1); } /* get the 1st field...*/ if (field == 0) { fprintf(fileptr, "%s\t\t", tempstring); } /* get the 5th field... */ if (field == 4) { fprintf(fileptr, "%s\n", tempstring); } ptr = strtok(NULL, ", :\n"); if (ptr == NULL) { /* freak out */ break; } field++; } /* end while (ptr!=NULL) */ } /* end while(fgets...) */ /* close infile */ fclose(infile); /* rm infile as dostuff is going to read in tmpfile */ remove(tempfile); /* dont forget to close tmpfile or dostuff will crash */ fclose(fileptr); header = "Check these ports in /etc/services to see what they are.\nClose all ports you do not need.\n\nPorts listening on this system:\nProtocol\tPort\n"; if ((dostuff(tmp_file, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* this ends the if (distribution != 3) function */ } if (distribution == 3) /* we are on Solaris, begin getting funky */ { tempfile = "/tmp/lsat1.lsat"; shellcode = "netstat -a -f inet |grep LISTEN |awk -F\" \" 'length($1) > 0 {print $1}' 2>/dev/null >> /tmp/lsat1.lsat"; header = "These ports were found to be listening on the system.\nClose all ports or services you do not need."; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /* we shall attempt to do a check with nmap just for fun */ /* nmap has nice output, and is a very good program... */ if ((system("which nmap 1>/dev/null 2>/dev/null >/dev/null") == 0)) { /* it should be installed and in the PATH */ /* TODO */ /* we need to check if there is more than */ /* one interface on the box and then nmap */ /* each interface, except for loopback */ /* also note, some distrios outputs are different */ if (distribution == 5) { /* we are on Mac OSX */ shellcode = "nmap -v -T insane `ifconfig | grep inet | grep -v inet6 | awk -F\" \" 'length($2) > 0 {print $2}' |grep -v 127.0.0.1 |xargs` 2>/dev/null >>/tmp/lsat1.lsat"; } if (distribution == 4) { /* we are on gentoo */ shellcode = "nmap -v -T insane `/sbin/ifconfig |grep inet |awk -F\" \" 'length($2) > 0 {print $2}' |awk -F \":\" 'length($2) > 0 {print $2}' |grep -v 127.0.0.1 |xargs` 2>/dev/null >>/tmp/lsat1.lsat"; } if (distribution == 3) { /* we are on solaris */ /* hrm, is this going to work? */ shellcode = "nmap -v -T insane `grep loghost /etc/hosts |awk -F\" \" 'length($1) > 0 {print $1}' |xargs` 2>/dev/null >>/tmp/lsat1.lsat"; } if ((distribution == 1) || (distribution == 2)) { /* we assume a redhat deriviative */ /* I shove Debian in here too... */ /* untested on Debian thus far. */ shellcode = "nmap -v -T insane `/sbin/ifconfig |grep inet |grep -v 127.0.0.1 |awk -F\" \" 'length($2) > 0 {print $2}' |awk -F\":\" 'length($2) >0 {print $2}' |xargs` 2>/dev/null >>/tmp/lsat1.lsat"; } header = "Output from nmap run on local IP(s)\nCheck these services to see if they are critical.\nDisable services you do not need.\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* run arp to see if we have some arp poisen going on */ if ((system("which arp 1>/dev/null 2>/dev/null > /dev/null")) == 0) { shellcode = "arp -an 2>/dev/null >>/tmp/lsat1.lsat"; header = "Output from arp -a. \nIf you have arp poisoning, it should show up here.\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) <0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /* check for kernel interface statistics */ if ((system("which netstat 1>/dev/null 2>/dev/null > /dev/null")) == 0) { shellcode = "netstat -i 2>/dev/null >/tmp/lsat1.lsat"; header = "Output from netstat -i showing Kernel interface statistics\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) <0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } /*check for routing*/ if ((system("which netstat 1>/dev/null 2>/dev/null > /dev/null")) == 0) { shellcode = "netstat -rn 2>/dev/null >/tmp/lsat1.lsat"; header = "Output from netstat -rn showing current routing\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) <0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } } if (verbose > 0) { printf(" Finished module checknet.\n"); } return(0); } lsat-0.9.7.1/checknetforward.c0000644000175000001440000001257311007333550015453 0ustar number9users/************************************************/ /* This module checks to see that we are not */ /* doing IP forwarding on the local machine. */ /* It basically just checks the ip_forward and */ /* ip_dynaddr files for 0 and also the network */ /* file in /etc/sysconfig should contain the */ /* line: FORWARD_IPV4=FALSE.... */ /* */ /* See lsatmain.c for more details... */ /************************************************/ #include "lsatheader.h" #include #include #include int checknetforward(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header =NULL; if (verbose >= 0) { printf(" Running checknetforward module...\n"); } if (verbose > 0) { printf(" Checking for existance of forwards...\n"); } /* on redhat/mandrake/slack check /proc/sys/net/ipv4/ip_forward */ /* & ip_dynaddr also check /etc/sysconfig/network */ if ((distribution != 3) && (distribution != 5)) { if (verbose > 0) { printf(" Checking ip_forward...\n"); } if ((system("grep 0 /proc/sys/net/ipv4/ip_forward 1>/dev/null 2>/dev/null")) != 0) { /* no 0 in ip_forward */ header = "\nLooks like ip_forward is enabled on this system\nensure /proc/sys/net/ipv4/ip_forward\ncontains a 0 only as its entry.\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } if (verbose > 0) { printf(" Checking network file...\n"); } /* first see if /etc/sysconfig/network exists... */ if ((system("test -r /etc/sysconfig/network 1>/dev/null 2>/dev/null")) == 0) { if ((system("grep FORWARD_IPV4=FALSE /etc/sysconfig/network 1>/dev/null 2>/dev/null")) !=0) { /* no FALSE for IPforwarding */ header = "Hrm, do not see FORWARD_IPV4=FALSE in network.\nMake sure that /etc/sysconfig/network\ncontains the line FORWARD_IPV4=FALSE\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } } } /* Assume Solaris/SunOS */ if ((distribution == 3)) { if (verbose > 0) { printf(" Checking ip_forwarding.\n"); } if ((system("grep \'ip_forwarding 0\' /etc/rc2.d/S69inet 1>/dev/null 2>/dev/null")) != 0) { header = "Make sure that ip_forwarding is disabled\nin /etc/rc2.d/S69inet\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } if (verbose > 0) { printf(" Checking ip_forwarding_src_routed.\n"); } if ((system("grep \'ip_forwarding_src_routed 0\' /etc/rc2.d/S69inet 1>/dev/null 2>/dev/null")) != 0) { header = "Make sure that ip_forwarding_src_routed is disabled\nin /etc/rc2.d/S69inet\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } if (verbose > 0) { printf(" Checking ip_forwarding_directed_broadcast\n"); } if ((system("grep \'ip_forwarding_directed_broadcast 0\' /etc/rc2.d/S69inet 1>/dev/null 2>/dev/null")) != 0) { header = "Make sure that ip_forwarding_directed_broadcast is disabled\nin /etc/rc2.d/S69inet\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } if (verbose > 0) { printf(" Checking norouter file.\n"); } if ((system("cat /etc/norouter 1>/dev/null 2>/dev/null")) != 0) { header = "Please touch /etc/norouter\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } if (verbose > 0) { printf(" Checking defaultrouter file.\n"); } if ((system("cat /etc/defaultrouter 1>/dev/null 2>/dev/null")) != 0) { header = "Please touch (at least) /etc/defaultrouter\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } } if (distribution == 5) { /* Mac OSX */ if ((system("grep IPFORWARDING /etc/hostconfig | grep YES 1>/dev/null 2>/dev/null")) != 0) { /* it should be no in that case... good*/ header = "IPFORWARDING not enabled...good.\n"; } else { header = "IPFORWARDING is enabled!\nEdit /etc/hostconfig to disable.\n"; } if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to output failed."); return(-1); } } if (verbose > 0) { printf(" Finished module checknetforward.\n"); } return(0); } lsat-0.9.7.1/checknetp.c0000644000175000001440000000511711007333550014242 0ustar number9users/****************************************/ /* This is the checknetpromis module for*/ /* lsat. It checks to see if the ethX */ /* is in promisuous mode... */ /* */ /* See lsatmain.c for calling function. */ /****************************************/ #include "lsatheader.h" #include #include #include #include int checknetp(kernel, filename, distribution, verbose, html) char kernel[]; const char *const filename; int distribution; int verbose; int html; { const char * header =NULL; const char * tempfile =NULL; char kernver[3][4]={"2.2", "2.4", "2.6"}; if (verbose >= 0) { printf(" Running checknetpromisc module...\n"); } if (verbose > 0) { printf(" Checking for promiscuous mode...\n"); } if ((distribution != 3) && (distribution != 5)) { /* we are on linux... */ /* note we need to check how to do this on */ /* solaris and the like so it should not */ /* be run at all from lsatmain... */ /* ... therefore the above check is redundant */ /* if we are on a 2.6 or greater kernel, */ /* this does not work. Check that first... */ if ((strcmp(kernel,kernver[2]))== 0) { /*we are on 2.6, uhoh */ header = "You are on a 2.6 kernel, you must check syslog\n to see if you are in promisc mode\n"; } else { /* we are on something else */ if ((system("test -x /sbin/ip")) == 0) { if ((system("/sbin/ip link show|grep -e PROMISC|cut -d':' -f 2 2>/dev/null >> /tmp/lsat1.lsat")) == 0) { header = "These network interfaces found to be in promisc mode using /sbin/ip.\n"; } else { header = "No interfaces found in promiscuous mode. Good.\n"; } } else { if ((system("/sbin/ifconfig |grep -B 2 PROMISC 2>/dev/null |grep Link 2>/dev/null |awk -F" " 'length($1) > 0 {print $1}' 2>/dev/null >> /tmp/lsat1.lsat")) == 0) { header = "No interfaces found in promisc mode. Good.\n"; } } tempfile = "/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, 0, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* end of else...*/ /* now we write out our heder with no tempfile */ if ((dostuff(0, filename, 0, header, html)) <0) { perror("Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checkpromisc module.\n"); } return(0); } lsat-0.9.7.1/checkopenfiles.c0000644000175000001440000000602611007333550015260 0ustar number9users/********************************************/ /* This will check open files on the */ /* system using lsof. This is a little */ /* out of control, but doing this and */ /* comparing to a previous output could */ /* prove to be useful. */ /* */ /* this module will later be expanded to */ /* write a temp file in the CWD, and then */ /* upon subsequent runs, it will diff them */ /* and print that output. That would prove */ /* much more useful. */ /* */ /* See lsatmain.c for more details. */ /********************************************/ #include "lsatheader.h" #include #include #include int checkopenfiles(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header =NULL; const char * tempfile =NULL; const char * shellcode=NULL; int lsof_installed = 0; if (verbose >= 0) { printf(" Running checkopenfiles module...\n"); } /* it was noted that some distros do not install lsof by */ /* default, mainly gentoo... we therefore check here. */ if (distribution != 3) { if ((system("lsof -i 1>/dev/null 2>/dev/null >/dev/null")) != 0 ) { /* perhaps lsof is not installed */ header = "lsof is not installed on this system,\nor it is not in the path,\nor I just can not find it.\ncheckopenfiles was not run.\n"; lsof_installed = 1; } } /* this is rediculous. If Solaris, we don't know if lsof is */ /* installed, however, which does not seem to return a value*/ /* and the shell does not seem to want to either on calling */ /* a command that is not there... we therefore do this. */ /* QOTD: we ran find already, so it should be fast... */ if (distribution == 3) { if ((system("find / -name lsof 1>/dev/null 2>/dev/null >/dev/null")) != 0) /* then we think lsof is not installed or not in the path */ { header = "lsof is not installed on this system,\nor it is not in the path,\nor I just can not find it.\ncheckopenfiles was not run.\n"; lsof_installed = 1; } } if (lsof_installed == 0) { header = "This is the lsof output, diff this against a previous run.\n"; tempfile = "/tmp/lsat1.lsat"; shellcode = "lsof -i 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (lsof_installed == 1) { if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checkopenfiles module.\n"); } return(0); } lsat-0.9.7.1/checkpasswd.c0000644000175000001440000001727711007333550014607 0ustar number9users/****************************************/ /* This is the checkpasswd module for */ /* the lsatmain.c program. It checks */ /* the /etc/passwd file for entries... */ /* makes sure only root is setuid 0 */ /* checks for accounts that should be */ /* terminated. */ /* */ /* under linux also runs pwck and grpck */ /* to check passwd and groups for */ /* entries that can be deleted... */ /* */ /* see lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include #include #include #include int checkpasswd(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { char *passptr; /* ptr to passwd file */ /* note we use awk to get only the first entry in */ /* the passwd list... we ass|u|me that a username */ /* will be < 40 chars. :O => line[40] */ char line[40]; /* array for a line */ char temparray[2][128]; /*temparray. */ int j=0; /* counter variable */ int field; /* field counter */ int fileval; /* return val */ const char * tmp_file = "/tmp/lsat2.lsat"; /* temp file for storage */ const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; /* NOT a comprehensive list yet. */ /* just making sure this works... */ char acctlist[13][10] = {"cyrus", "lp", "uucp", "nuucp", "smtp", "listen", "man", "news", "noacces", "nobody4", "nut", "sync", "vpopmail"}; /* num of entries in above list */ int acctlistnum = 13; FILE *passfile; /* file pointer to templist file */ FILE *fileptr; if (verbose >= 0) { printf(" Running checkpasswd module...\n"); } if (verbose > 0) { printf(" Checking passwd file...\n"); } /* ok, lets make one pass through the passwd */ /* note here we only pull the 1st field, which */ /* is the "account" name in /etc/passwd. */ shellcode = "cat /etc/passwd |awk -F\":\" 'length($1) > 0 {print $1}' |grep -v \\# 1>/dev/null 2>/dev/null >/tmp/lsat1.lsat"; tempfile = "/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { perror(" Creation of list failed."); return(-1); } /* open the newly created file */ passfile=fopen("/tmp/lsat1.lsat", "r"); if (passfile == NULL) { perror(" Can't open templist...\n"); perror(" Strange, we just created that file...\n"); perror(" Giving up in checkpasswd...\n"); return(-1); } /* create a temp file for storage */ if ((fileptr = fopen(tmp_file, "a")) == NULL) { perror(" Could not open temp file...\n"); perror(" Possible link attack while creating/opening file!\n"); perror(" Bailing in checkpasswd...\n"); exit(-1); } /* Note: IIRC, strtok can not be nested if you */ /* are going to take another token on each one */ /* i.e. in checkrpms.c it works since we only */ /* strtok once on the outside loop since we */ /* are guarenteed there is only one line in the*/ /* file since that is how we created it. That */ /* is not the case here.... */ /* we therefore only grab one filed from the */ /* passwd file at a time and print that out. */ /* here we are checking accounts on the system */ if (verbose > 0) { printf(" Parsing passwd entries.\n"); } while (fgets(line, sizeof(line), passfile) != NULL) { field = 0; passptr = strtok(line, ", \n"); /* if not while. we guarentee not more than */ /* one entry per line with the cat - awk */ /* denote also we assume that an account */ /* name is no more than 127 chars... */ if (passptr != NULL) { if (sscanf(passptr, "%127s", temparray[1]) < 1) { perror(" sscanf failed.\n"); perror(" Failure was in module: checkpasswd.\n"); return(-1); } /* check that field against the account list */ for (j = 0; j < acctlistnum; j++) { if ((strcmp(temparray[1], acctlist[j])) == 0) { /* match */ fprintf(fileptr,"%s\n", temparray[1]); } } passptr = strtok(NULL, ", \n"); if (passptr == NULL) { ; } } /* end while (passptr != NULL) */ } /* end while (fgets...) */ /* close input file */ fclose(passfile); /* rm the tempfile, dostuff will use other one */ remove(tempfile); /* close the tmpfile */ fclose(fileptr); close(fileval); /* note dostuff below will rm tmpfile */ header = "Please consider removing these system accounts.\nCheck to see if you need them for your system applications before removing.\nAlso, consult the securitylinks.txt file for more information.\n"; if ((dostuff(tmp_file, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Write to outfile failed."); return(-1); } /* check UID field of passwd file... */ if (verbose > 0) { printf(" Checking UIDs in passwd file...\n"); } /* Don't forget to change tmpfile back... */ tempfile = "/tmp/lsat1.lsat"; header = "The following accounts are SUID 0 in /etc/passwd.\nRemove if needed.\n"; shellcode = "awk -F: '($3 == 0) {print $1}' /etc/passwd | grep -v root 1>/dev/null 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } /* now we will check for legacy "+" entries */ header = "Remove the following entries (if any) from the\n respective passwd/group file(s)\n"; if (distribution != 3) { /* we are not on solaris... go for it */ shellcode = "grep ^+: /etc/passwd /etc/shadow /etc/group 1>/dev/null 2>/dev/null >/tmp/lsat1.lsat"; } else { /* we are on solaris... */ shellcode = "/usr/xpg4/bin/egrep \\^\\[+:\\] /etc/passwd /etc/shadow /etc/group 1>/dev/null 2>/dev/null >/tmp/lsat1.lsat"; } if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Write to outfile failed."); return(-1); } /* now we check for accounts with empty passwords */ header = "The following accounts have no/empty passwords\n"; shellcode = "awk -F: '($2 == \"\") {print $1}' /etc/shadow 1>/dev/null 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Write to outfile failed."); return(-1); } if ((system("test -r /usr/sbin/pwck")) == 0) { header = "Output of pwck, note non existent directories, etc\n"; shellcode = "/usr/sbin/pwck -r 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Write to outfile failed."); return(-1); } } if ((system("test -r /usr/sbin/grpck")) == 0) { header = "Output of grpck, note groups it think should be deleted.\n"; shellcode = "/usr/sbin/grpck -r 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Write to outfile failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checkpasswd module.\n"); } return(0); } lsat-0.9.7.1/checkpkgs.c0000644000175000001440000001511711007333550014241 0ustar number9users/****************************************/ /* This is the checkpkgs module for the */ /* lsatmain.c program. It checks the */ /* currently installed pkgs against a */ /* (somewhat small) list of unwanted */ /* rpms. It then prints out this list */ /* to the outfile. */ /* */ /* see lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include #include int checkpkgs(distribution, filename, verbose, html) int distribution; const char *const filename; int verbose; int html; { /* note if distribution = 1, redhat */ /* if distribution = 2, debian */ /* if distribution = 4, gentoo */ /* if distribution = 3, solaris, not implemented yet */ char *templistptr; /* ptr to templist file */ char line[80]; /* array for a line */ char temp1[80]; /* temp char */ int i=0; /* counter variable */ int submatch=0; /* match flag */ /* list of rpms to check? */ /* NOT a comprehensive list yet. */ /* just making sure this works... */ char rpmlist[17][15] = {"bind", "identd", "lpd", "linuxconf", "netfs", "nfs", "portmap", "routed", "rstatd", "rusersd", "rwalld", "rwhod", "sendmail", "webmin", "ypbind", "yppasswdd", "ypserv"}; FILE *templist; /* file pointer to templist file */ FILE *fileptr; const char * tmp_file = "/tmp/lsat2.lsat"; /* tmp file for output */ const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkpkgs module...\n"); } /* ok, if we are on Mac OSX, we (as of yet) have no * cool built in for this, so we basically bail out */ if (distribution == 5) { /* we are on Darwin */ ; } else { /* tempfile for either case */ /* note carefully, the above tmp_file is for the second tempfile */ tempfile = "/tmp/lsat1.lsat"; /* if distro = redhat, use rpm */ if (distribution == 1) { if (verbose > 0) { printf(" Generating list of rpms on system.\n"); } shellcode = "rpm -qa >> /tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* if distro = debian, use dpkg */ if (distribution == 2) { if (verbose > 0) { printf(" Generating list of pkgs on system.\n"); } shellcode = "dpkg -l |awk -F\" \" 'length($2) > 0 {print $2}' 1>/dev/null 2>/dev/null >> /tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* if distro = solaris, use pkginfo */ if (distribution == 3) { if (verbose > 0) { printf(" Generating list of pkgs on system.\n"); } shellcode = "pkginfo -x |awk -F" " 'length($1) > 0 {print $1}' 1>/dev/null 2>/dev/null >> /tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* if distro = gentoo, use pkglist */ if (distribution == 4) { if (verbose > 0) { printf(" Generating list of pkgs on system.\n"); } shellcode = "/usr/lib/portage/bin/pkglist 2>/dev/null >>/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* if distro = slackware, use ls */ if (distribution == 6) /* JTO */ { if (verbose > 0) { printf(" Generating list of pkgs on system.\n"); /* JTO - changed 'rpms' to 'pkgs' */ } shellcode = "ls /var/log/packages >>/tmp/lsat1.lsat"; if ((dostuff(tempfile, 0, shellcode, 0, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } } /* open the file we just made for read */ templist=fopen("/tmp/lsat1.lsat", "r"); if (templist == NULL) { perror(" Can't open /tmp/templist.txt!!\n"); perror(" Check perms or something...\n"); perror(" Error was in module: checkpkgs.\n"); return(-1); } /* create another tmp file for putting items in */ if ((fileptr = fopen(tmp_file, "a")) == NULL) { perror(" Could not create temporary file...\n"); perror(" Possible link attack while creating/opening file!\n"); exit(-1); } if (verbose > 0) { printf(" Checking rpm list...\n"); } /* ok, for each entry in rpmlist we want to */ /* check if that exitst in templist... */ /* to speed things up, we only read through */ /* templist once, for each line in it */ /* we compare to all in the rpmlist... */ while (fgets(line, sizeof(line), templist) != NULL) { templistptr = strtok(line, ", \n"); if (templistptr != NULL) { if (sscanf(templistptr, "%79s", temp1) < 1) { perror(" sscanf failed.\n"); perror(" Failure in module: checkpkgs.\n"); return(-1); } for (i=0; i<16; i++) { if (strstr(temp1, rpmlist[i]) != NULL) { /* substring matched */ /* set flag */ submatch = 1; /* print match out */ fprintf(fileptr, "%s\n", temp1); } } } } /* close the templist */ fclose(templist); /* rm it since dostuff will work with the second one */ remove(tempfile); /* close the second temp file */ fclose(fileptr); if (submatch == 1) { header = "Please consider removing these packages.\n"; } if (submatch == 0) { header = "No installed rpms matched my list of non-essentials. Good.\n"; } if ((dostuff(tmp_file, filename, 0, header, html)) < 0) { perror(" Write to outfile failed."); return(-1); } /* this curly ends the else from the start where we see if this is Mac OSX */ } if (verbose > 0) { printf(" Finished in checkpkgs module.\n"); } return(0); } lsat-0.9.7.1/checkrc.c0000644000175000001440000002145111007333550013677 0ustar number9users/****************************************/ /* This is the checkrc module for */ /* the lsatmain.c program. */ /* It checks /etc/rcn.d or */ /* /etc/rc.d/init.d depending on sys. */ /* It scans the startup scripts and */ /* compares them to a known list of */ /* scripts that one should not have. */ /* */ /* see lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include int checkrc(release, kernel, distribution, filename, verbose, html) char release[]; /* 1st field of uname -a */ char kernel[]; /* 3rd field of uname -a */ int distribution; /* see lsatmain.c for details on this one */ const char *const filename; /* output file name */ int verbose; /* should we be verbose? */ int html; { char *rcptr; /* ptr to passwd file */ char line[30]; /* array for a line */ const int maxlist = 350; /* how many filenames we can handle*/ const int maxlength= 30; /* how long a filename may be*/ char temparray[maxlist][maxlength+1]; /*temparray. */ char kernver[4][6]={"2.2", "2.4", "SunOS", "2.6"}; /* kernel versions */ int i=0; /* counter variable */ int j=0; /* counter variable */ int osflag=1; /* what OS/kern are we at/on? */ /* 1= lnx2.2, 2=lnx2.4, 3=Solaris */ /* NOT a comprehensive list yet. */ /* Need to go over these to make sure...*/ /* Linux 2.x-2 kernel */ char lnx2list[14][14] = {"lpd", "inetd", "nfs", "nfslock", "nmb", "portmap", "rwalld", "rwhod", "rstatd", "sendmail", "smb", "ypbind", "ypasswd", "named"}; int lnx2listnum=14; /* how many items in above list? */ /* Linux 2.4 kernel */ char lnx4list[18][14] = {"S05kudzu", "S13portmap", "S14nfslock", "S20nfs", "S20rstatd", "S20rwalld", "S20rwhod", "S25netfs", "S34yppasswdd", "S50snmpd", "S60lpd", "S65identd", "S74ntpd", "S74ypserv", "S74ypxfrd", "S80sendmail", "S95anacron"}; int lnx4listnum=17; char sollist[9][12] = {"S71rpc", "S76smpdx", "S77dmi", "S99dtlogin", "S74autofs", "S88sendmail", "nfs.server", "nfs.client"}; int sollistnum=8; const char * header; const char * shellcode; const char * tempfile; FILE *outfile; /* output file pointer */ FILE *rcfile; /* file pointer to templist file */ if (verbose >= 0) { printf(" Running checkrc module...\n"); } /* since there is a location difference between */ /* kernel 2.2 and 2.4, we check the kernel */ /* release we are on. Also chekc for SunOS, */ /* which has a different naming convention */ if ((strcmp(kernel, kernver[0])) == 0) { /* kernel 2.2 */ osflag=1; } if ((strcmp(kernel, kernver[1])) == 0) { /* kernel 2.4 */ osflag=2; } if ((strcmp(release, kernver[2])) == 0) { /* SunOS */ osflag=3; } if ((strcmp(kernel, kernver[3])) == 0) { /* kernel 2.6, treat as 2.4 */ osflag=2; } /* note default is assume 2.2 style... */ if (verbose > 0) { printf(" Checking rc scripts...\n"); } header="Checking rc startup scripts:\n"; dostuff (NULL, filename, NULL, header, html); tempfile="/tmp/lsat1.lsat"; /* perform ls based on which sys we are on */ /* check for gentoo 1st, then check osflag on others */ if (distribution == 4) { shellcode="ls /etc/init.d/ 2>/dev/null >/tmp/lsat1.lsat"; } else { /* 2.2 sys... */ if (osflag == 1) { /*works for SuSE, but is supposed to be /init.d/ */ shellcode="ls /etc/rc.d/ 2>/dev/null >/tmp/lsat1.lsat"; /* do some double escapes so C will ignore them */ /* shellcode="find /etc/rc.d/ -exec basename \{\\} \\; 2>/dev/null >/tmp/lsat1.lsat; echo finished"; */ } /* 2.4 sys... */ /* note here we do same for Solaris. */ /* Sunos rc dirs are the same structure as 2.4, */ /* however, we need to know if it is Solaris */ /* due to the naming convention of the files */ /* in the rc directories on Solaris. */ if ((osflag == 2) || (osflag == 3) ) { /* we peform as two ls's here for ease of reading in */ /* the file since for example an ls / /usr will put */ /* extra blank lines and the directory name in to the */ /* output file... */ if (distribution == 6) /* JTO */ { shellcode = "ls /etc/rc.d 2>/dev/null >/tmp/lsat1.lsat"; } else { shellcode="ls /etc/rc2.d/ 2>/dev/null >/tmp/lsat1.lsat || ls /etc/rc3.d/ 2>/dev/null >/tmp/lsat1.lsat"; } } } /* end of else */ /* now we actually do something! */ dostuff(tempfile, NULL, shellcode, NULL, html); /* open the newly created file */ if ((rcfile=fopen("/tmp/lsat1.lsat", "r"))==NULL) { perror(" Can't open templist...\n"); perror(" Strange, we just created that file...\n"); perror(" Giving up in checkrc...\n"); return(-1); } /* open the outfile */ outfile=fopen(filename, "a"); if (outfile == NULL) { perror(" Can't open outfile!\n"); perror(" Check perms or something...\n"); perror(" Problem was in module checkrc.\n"); return(-1); } /* grab a line from the lsat1.lsat */ /* store it in the temparray */ while (fgets(line, sizeof(line), rcfile) != NULL) { rcptr = strtok(line, ", \n"); /* if not while. we guarentee not more than */ /* one entry per line */ if (rcptr != NULL) { /* increased %s from 30 to 60, */ /* as the names are large w/gentoo */ if (sscanf(rcptr, "%60s", temparray[i]) < 1) { perror(" sscanf failed.\n"); perror(" Failure was in module: checkrc.\n"); return(-1); } i++; if (i>maxlist) /* too much for the static list? */ { perror (" Error in checkrc: Too many files.\n"); return -1; } rcptr = strtok(NULL, ", \n"); if (rcptr == NULL) { ; } } /* end while (rcptr != NULL) */ } /* end while (fgets...) */ /* now we compare the entries in the temparray */ /* to the rc scripts that are problematic. */ /* note that we have three lists, one for 2.2 */ /* based kernels, one for 2.4 based kernels */ /* and one for SunOS/Solaris systems. */ /* linux 2.2 based system */ if (osflag==1) { for (i = 0; i < maxlist; i++) { for (j = 0; j < lnx2listnum; j++) { if ((strcmp(temparray[i], lnx2list[j])) == 0) { /* match */ fprintf(outfile, "%s\n", temparray[i]); } } } } /* linux 2.4 based system */ if (osflag == 2) { for (i = 0; i < maxlist; i++) { for (j = 0; j < lnx4listnum; j++) { if ((strcmp(temparray[i], lnx4list[j])) == 0) { /* match */ fprintf(outfile, "%s\n", temparray[i]); } } } } /* SunOS/Solaris based system */ if (osflag == 3) { for (i = 0; i < maxlist; i++) { for (j = 0; j < sollistnum; j++) { if ((strcmp(temparray[i], sollist[j])) == 0) { /* match */ fprintf(outfile, "%s\n", temparray[i]); } } } } /* print some footer information */ fprintf(outfile, "\n"); if (osflag == 1) { fprintf(outfile, "These services were found in /etc/rc.d/init.d\n"); } if ((osflag == 2) || (osflag == 3)) { if (distribution == 6) /* JTO */ { fprintf(outfile, "These services were found in /etc/rc.d\n"); } if (distribution == 4) /*gentoo*/ { fprintf(outfile, "These services were found in /etc/init.d/\n"); } else { fprintf(outfile, "These services were found in /etc/rc(2/3).d\n"); } } fprintf(outfile, "Consider removing or disabling unneeded services.\n"); fprintf(outfile, "****************************************\n"); /* clean up */ fclose(outfile); /* close input file */ fclose(rcfile); /* rm the input file */ if (system("rm -f /tmp/lsat1.lsat") < 0) { perror(" Can't rm tempfile??\n"); perror(" Strange, we made the file...\n"); perror(" Giving up in checkrc...\n"); return(-1); } if (verbose > 0) { printf(" Finished in checkrc module.\n"); } return(0); } lsat-0.9.7.1/checkrcperms.c0000644000175000001440000000475011007333550014751 0ustar number9users/*****************************************/ /* This is the checkrcperms.c module for */ /* lsat program. This module checks for */ /* files in /etc/rc.d/init.d without the */ /* permission 700. */ /* This module by Jose Morelli Neto, */ /* with added support for Solaris, gentoo*/ /* by Triode... */ /* */ /* See lsatmain.c for more details. */ /*****************************************/ #include "lsatheader.h" #include #include #include int checkrcperms(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char *const tempfile="/tmp/lsat1.lsat"; const char * shellcode; const char * header; /* Generate a list of files in /etc/rc.d/init.d */ /* That have permission equal 700 */ if (verbose >= 0) { printf(" Running checkrcperms module...\n"); } if (verbose > 0) { printf(" Checking files in init.d for perms...\n"); } if ((distribution == 1) || (distribution == 2)) { shellcode="find /etc/rc.d/init.d/ -type f ! \\( -perm 700 \\) -exec ls {} \\; | tee >/tmp/lsat1.lsat"; header ="This is a list of files in /etc/rc.d/init.d without permission 700\nWe recommend that you change the permission of this files to 700\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Error in module checkrcperms. Aborting."); return (-1); } } if ((distribution == 3) || (distribution == 4)) { /* we are on Solaris or gentoo */ shellcode="find /etc/init.d/ -type f ! \\( -perm 700 \\) -exec ls {} \\; | tee >/tmp/lsat1.lsat"; header = "This is a list of files in /etc/init.d that are not permission 700\nWe recommend that you change permissions to 700.\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Error in module checkrcperms. Aborting."); return (-1); } } if ((distribution == 5)) { /* we are on Mac OS X */ ; /* smile */ } if ((distribution == 6)) /* JTO */ { /* slack */ ; /* there is no init.d, we will check later on for states */ } if (verbose > 0) { printf(" Finished in checkrcperms module.\n"); } return(0); } lsat-0.9.7.1/checkrpm.c0000644000175000001440000000237511007333550014075 0ustar number9users/****************************************/ /* This is the checkrpm module for the */ /* LSAT program. It performs a rpm -Va */ /* on the system. Please read the */ /* README.checkrpm file for details. */ /****************************************/ #include "lsatheader.h" #include #include #include #include int checkrpm(filename, verbose, html) const char *const filename; int verbose; int html; { /* note if distribution = 1, redhat */ /* if distribution = 2, debian */ const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkrpm module...\n"); } if (verbose > 0) { printf(" Checking rpm integrity...\n"); } tempfile = "/tmp/lsat1.lsat"; header = "Integrity check of rpm packages.\nPlease read README.redhat for more info.\n"; shellcode = "rpm -Va 2>/dev/null >/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* rhut-rho...something bad happened */ perror(" Creation of list failed."); return(-1); } if (verbose > 0) { printf(" Finished in checkrpm module.\n"); } return(0); } lsat-0.9.7.1/checksecuretty.c0000644000175000001440000000353711007333550015327 0ustar number9users/********************************************/ /* this module does a (simple) check to see */ /* if ttys above 6 are on the system. */ /* In general, its a bad idea to have above */ /* 6, since root can log into them. root */ /* should only have console access... */ /* so also check for anything other than */ /* "tty" in the file... */ /* */ /* See lsatmain.c for more details. */ /********************************************/ #include "lsatheader.h" #include #include #include int checksecuretty(filename, verbose, html) const char *const filename; int verbose; int html; { const char * header =NULL; if (verbose >= 0) { printf(" Running checksecuretty module...\n"); } if ((system("grep tty7 /etc/securetty 1>/dev/null 2>/dev/null >/dev/null")) == 0) /* its in there. Keep in mind this is a simple check... */ { header = "/etc/securetty has tty's over 6.\nConsider disabeling all ttys over tty6 (console).\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if ((system("grep -v tty /etc/securetty 1>/dev/null 2>/dev/null >/dev/null")) ==0 ) /* some console other than tty is there, probably vty/n */ { header = "/etc/securetty has ttys other than the console.\nConsider removing any lines in /etc/securetty other than tty[1-6].\n"; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return(-1); } } if (verbose > 0) { printf(" Finished in checksecuretty module.\n"); } return(0); } lsat-0.9.7.1/checkset.c0000644000175000001440000000517211007333550014070 0ustar number9users/****************************************/ /* This is the checkset.c module for */ /* lsat program. This module checks for */ /* setuid and setgid files/dirs on the */ /* local system and prints them to the */ /* outfile. */ /* */ /* 4/5/2002, added code to check for */ /* files in /dev that do not belong */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkset(filename, verbose, html) const char *const filename; int verbose; int html; { const char *const tempfile="/tmp/lsat1.lsat"; const char * shellcode; const char * header; /* Generate a list of SUID/SGID files/dirs. */ /* This should be done from /, but use -xdev so */ /* that we don't traverse other filesystems. */ /* Note, we use -mount for compatibility with */ /* other versions of find. */ if (verbose >= 0) { printf(" Running checkset module...\n"); } if (verbose > 0) { printf(" Creating list of SUID files...\n"); printf(" Note: we are not traversing \"other\" filesystems.\n"); } shellcode="find / -mount -perm +4000 2>/dev/null | tee >/tmp/lsat1.lsat"; header ="This is a list of SUID files on the system:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Error in module checkset. Aborting."); return (-1); } if (verbose > 0) { printf(" Creating list of SGID files and directories...\n"); printf(" Note: we are not traversing \"other\" filesystems.\n"); } shellcode="find / -mount -perm -2000 2>/dev/null | tee >/tmp/lsat1.lsat"; header ="This is a list of SGID files/directories on the system:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Error in module checkset. Aborting"); return (-1); } if (verbose > 0) { printf(" Creating list of normal files in /dev...\n"); } /* Pass by /dev/{watchdog,MAKEDEV.ibcs,X0R} */ shellcode="find /dev -mount -type f 2>/dev/null|grep -v X0R 2>/dev/null|grep -v watchdog 2>/dev/null|grep -v MAKEDEV.ibcs 2>/dev/null| tee > /tmp/lsat1.lsat"; header ="List of normal files in /dev. MAKEDEV is ok, but there\nshould be no other files:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Error in module checkset. Aborting"); return(-1); } if (verbose > 0) { printf(" Finished in checkset module.\n"); } return(0); } lsat-0.9.7.1/checkssh.c0000644000175000001440000002305211007335224014067 0ustar number9users/****************************************/ /* This is the chekssh module for */ /* the lsat program. It checks the */ /* /etc/ssh/sshd_config file for some */ /* entries... note this is hard coded */ /* for RedHat x.x... */ /* should be fine on Solaris 8,9, less */ /* the grep [:space:] stuffs... :O */ /* */ /* see lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include int checkssh(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header =NULL; if (verbose >= 0) { printf(" Running checkssh module...\n"); } if (verbose > 0) { printf(" Checking ssh config file...\n"); } header = "sshd config file entries\nMake sure these are commented out."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } /* Mac OS X is a little different. I should make lsat look */ /* for the file instead of hardcoding it... hrmph */ /* note that on MacOSX the actual file is readable by all. */ /* this is a bad thing. Not sure why that is the default. */ if (distribution == 5) { /* we are on Darwin */ if (system("grep \"PermitRootLogin yes\" /etc/sshd_config 2>/dev/null |grep -Ev ^\\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0 ) { header = "PermitRootLogin yes found in sshd config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"X11Forwarding yes\" /etc/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "X11 Forwarding is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"RhostsAuthentication yes\" /etc/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "RhostsAuthentication is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"PermitEmptyPasswords yes\" /etc/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "PermitEmptyPasswords is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"IgnoreRhosts yes\" /etc/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "IgnoreRhosts is not enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) > 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"StrictModes yes\" /etc/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "StrictModes is disabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) > 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } /* end of if (distro != 5) */ } /* once again, I must check distro, as Solaris standard */ /* grep does not accept [:space:] as a regex... */ if ((distribution != 3) && (distribution != 5)) /* we are not on Solaris, go for it... */ { if (system("grep \"Protocol 2\" /etc/ssh/sshd_config 2>/dev/null |grep -Ev ^\\[:space:\\]*\\# 1>/dev/null 2>/dev/null") != 0) { header = "Protcol 2 not found in sshd config, or you are doing 1,2.\nChange to protcol 2 only."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"PermitRootLogin yes\" /etc/ssh/sshd_config 2>/dev/null |grep -Ev ^\\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0 ) { header = "PermitRootLogin yes found in sshd config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"X11Forwarding yes\" /etc/ssh/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "X11 Forwarding is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"RhostsAuthentication yes\" /etc/ssh/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "RhostsAuthentication is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"PermitEmptyPasswords yes\" /etc/ssh/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "PermitEmptyPasswords is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"IgnoreRhosts yes\" /etc/ssh/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "IgnoreRhosts is not enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) > 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"StrictModes yes\" /etc/sshd_config 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { header = "StrictModes is disabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) > 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } /* end of if (distro != 3) */ } if (distribution == 3) /* again, either I suck, or Solaris grep sucks, */ /* but I can not get Solaris grep or egrep to */ /* do [:space:]... hope for the best here... */ { if (system("grep \"Protcol 2\" /etc/ssh/sshd_config 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") != 0) { header = "Protcol 2 not found in sshd config, or you are doing 1,2.\nChange to protcol 2 only."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"PermitRootLogin yes\" /etc/ssh/sshd_config 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") == 0 ) { header = "PermitRootLogin yes found in sshd config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"X11Forwarding yes\" /etc/ssh/sshd_config 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") == 0) { header = "X11 Forwarding is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"RhostsAuthentication yes\" /etc/ssh/sshd_config 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") == 0) { header = "RhostsAuthentication is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"PermitEmptyPasswords yes\" /etc/ssh/sshd_config 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") == 0) { header = "PermitEmptyPasswords is enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"IgnoreRhosts yes\" /etc/ssh/sshd_config 2>/dev/null |grep \\# 1>/dev/null 2>/dev/null") == 0) { header = "IgnoreRhosts is not enabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) > 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("grep \"StrictModes yes\" /etc/sshd_config 2>/dev/null |grep \\# 1>/dev/null 2>/dev/null") == 0) { header = "StrictModes is disabled in ssh config."; if ((dostuff(0, filename, 0, header, html)) > 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } /* end of if (distro == 3) */ } if (verbose > 0) { printf(" Finished in checkssh module.\n"); } return(0); } lsat-0.9.7.1/checkumask.c0000644000175000001440000000366711007333550014424 0ustar number9users/* This is the checkumask module for */ /* the lsatmain.c program. It checks */ /* It checks /etc/csh.login and profile */ /* for the umask setting. It makes sure */ /* that is it set at 022, 027 or 077. */ /* */ /* see lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include #define utempi 200 /* added tingmy */ int checkumask(filename, verbose, html) const char *const filename; int verbose; int html; { const char * tempfile; const char * shellcode; const char * header; if (verbose >= 0) { printf(" Running checkumask module...\n"); } /* Note: After looking around at gentoo/redhat/etc I have decided to forego the check I used to be performing which was quite freakish, and just do a grep of all files in /etc and print out only the file and the matching umask found in it. The output will tell the user to check that file and umask setting. */ /* - I REALLY wanted to have "^[^#]\{1,\}.*umask[ ]\+.\{3,\}.*" ... - using "grep -he umask|grep -v ^#" isn't good either, no filenames... */ tempfile="/tmp/lsat1.lsat"; shellcode="grep -e umask /etc/* 2>/dev/null|grep -v bash_completion |grep -v fstab |grep -v :# 2>/dev/null |grep -v directory 2>/dev/null |grep -v if 2>/dev/null|awk -F\"umask\" 'length($1 $2) > 0 {print($1 $2)}' |grep -v octal >/tmp/lsat1.lsat"; header="Checking default umask on system:\n\nDefault umask should be 022, 027 or 077. 002 is ok for RedHat.\nHere are the filenames, and the umask number\nfound in each. Please read through the file and ensure that is what you want.\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Could not write to outfile."); return(-1); } if (verbose > 0) { printf(" Finished in checkumask module.\n"); } return(0); } lsat-0.9.7.1/checkwrite.c0000644000175000001440000000764411007333550014435 0ustar number9users/****************************************/ /* This is the checkwrite.c module for */ /* lsat program. This module checks for */ /* world/group writable files and dirs */ /* and prints them to the outfile. */ /* */ /* NOTE: this will miss some files if */ /* run as a non-root user. Not sure if */ /* you should run as root. :) */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkwrite(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkwrite module...\n"); } if (verbose > 0) { printf(" Creating list of world writable files...\n"); if (distribution != 5) { printf(" Note: we are not traversing \"other\" filesystems.\n"); } } /* Generate a list of world/group writables from / . -mount is used so that we don't traverse other filesystems. We use -mount instead of -xdev for compatibility with other versions of find. Note that Mac OSX does not have -mount, and the man claims that -x is the old -xdev... I am not so sure about that... WTF were they smoking? */ tempfile = "/tmp/lsat1.lsat"; if (distribution == 5) { /* OSX */ shellcode = "find / -type f -perm -o+w 2>/dev/null |tee >/tmp/lsat1.lsat"; } else { shellcode= "find / -mount -type f -perm -2 2>/dev/null | tee >/tmp/lsat1.lsat"; } header = "This is a list of world writable files\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Creating list of world writable directories...\n"); printf(" Note: we are not traversing \"other\" filesystems.\n"); } tempfile = "/tmp/lsat1.lsat"; if (distribution == 5) { /* OSX */ shellcode = "find / -type f -perm -g+w 2>/dev/null |tee >/tmp/lsat1.lsat"; } else { shellcode= "find / -mount -type f -perm -20 2>/dev/null | tee > /tmp/lsat1.lsat"; } header = "This is a list of group writable files\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Creating list of group writable directories...\n"); printf(" Note: we are not traversing \"other\" filesystems.\n"); } /* and now the directories */ tempfile ="/tmp/lsat1.lsat"; if (distribution == 5) { /* OSX */ shellcode = "find / -type d -perm -o+w 2>/dev/null |tee >/tmp/lsat1.lsat"; } else { shellcode="find / -mount -type d -perm -2 2>/dev/null | tee >/tmp/lsat1.lsat"; } header ="List of group writable directories:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } tempfile ="/tmp/lsat1.lsat"; if (distribution == 5) { /* OSX */ shellcode = "find / -type d -perm -o+w 2>/dev/null |tee >/tmp/lsat1.lsat"; } else { shellcode = "find / -mount -type d -perm -20 2>/dev/null | tee >/tmp/lsat1.lsat"; } header ="List of world writable directories:\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } if (verbose > 0) { printf(" Finished in checkwrite module.\n"); } return(0); } lsat-0.9.7.1/checkwww.c0000644000175000001440000001625711007333550014127 0ustar number9users/****************************************/ /* This is the checkwww module for lsat */ /* It is not totally complete at the */ /* moment, but should check for SSIs and*/ /* CGI bins in the web server... */ /* also checks that root is not running */ /* the web server */ /* */ /* see lsatmain.c for more details */ /****************************************/ #include "lsatheader.h" #include #include #include #include int checkwww(filename, distribution, verbose, html) const char *const filename; int distribution; int verbose; int html; { const char * header =NULL; int execfound = 0; if (verbose >= 0) { printf(" Running checkwww module...\n"); } if (verbose > 0) { printf(" Checking www config files...\n"); } /* since apache is _mostly_ installed in /etc or /usr */ /* we will look there for the conf files. I suppose on*/ /* Solaris it could be in /opt. OTOH, it could be in */ /* any location, but then a find / would take time */ /* once again, Solaris std location grep can't hang */ /* with kewl regexes, so we make exceptions... */ if (distribution != 3) /* we are not on Solaris, go for it... */ { if (system("find /etc /usr -name commonapache.conf 2>/dev/null |xargs grep \"Options ExecCGI\" 2>/dev/null |grep -Ev ^\\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0 ) { execfound = 1; header = "ExecCGIs were found in commonapache.conf."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("find /etc /usr -name apache.conf 2>/dev/null |xargs grep \"Options ExecCGI\" >/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { execfound = 1; header = "ExecCGIs were found in apache.conf."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("find /etc /usr -name httpd.conf 2>/dev/null |xargs grep \"Options ExecCGI\" 2>/dev/null |grep -Ev \\[:space:\\]*\\# 1>/dev/null 2>/dev/null") == 0) { execfound = 1; header = "ExecCGIs were found in httpd.conf."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } /* end of if (distro != 3) */ } if (distribution == 3) /* once again, Solaris does not like [:space:] */ /* hope for the best here... */ { if (system("find /etc /usr -name commonapache.conf 2>/dev/null |xargs grep \"Options ExecCGI\" 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") == 0 ) { execfound = 1; header = "ExecCGIs were found in commonapache.conf."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("find /etc /usr -name apache.conf 2>/dev/null |xargs grep \"Options ExecCGI\" >/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") == 0) { execfound = 1; header = "ExecCGIs were found in apache.conf."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("find /etc /usr -name httpd.conf 2>/dev/null |xargs grep \"Options ExecCGI\" 2>/dev/null |grep -v \\# 1>/dev/null 2>/dev/null") == 0) { execfound = 1; header = "ExecCGIs were found in httpd.conf."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } /* end of if (distro == 3) */ } if (execfound == 1) { header = "Please ensure that the ExecCGIs in the apache \nconf files are needed.\nConsider the Options IncludeNoExec directive, or \ngetting rid of all ExecCGI directives."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (execfound == 0) { header = "No ExecCGIs found. Good."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } /* check that root/nobody is not running the */ /* web server. Note that we will have to look */ /* for apache and httpd... note also that this*/ /* is not going to work under Solaris. I will */ /* fix that later on... */ /* recall grep -v changes return code... */ /* Solaris ps not the same.... */ /* Hrm, for some reason this no workie on OSX */ /* will have to check this out later... */ if (distribution == 3) /* on Solaris */ { if (system("ps -ef |grep apache |awk -F\" \" 'length($1) > 0 {print $1}' |grep -v root |grep -v nobody 1>/dev/null 2>/dev/null") != 0) { header = "apache is being run as root or nobody. Look into this."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } if (system("ps -ef |grep httpd |awk -F\" \" 'length($1) > 0 {print $1}' |grep -v root |grep -v nobody 1>/dev/null 2>/dev/null") != 0) { header = "httpd is being run as root or nobody. Look into this."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } } else if (distribution == 6) { /* slackware */ if ((system("pgrep -u root httpd||apache 1>/dev/null 2>/dev/null") == 0) || (system("pgrep -u nobody httpd||apache 1>/dev/null 2>/dev/null") == 0)) { header = "apache is being run as root or nobody. Change this."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } } else { /* assume Linux grep */ if (system("ps aux |grep -E \"apache|httpd\" |awk -F\" \" 'length($1) > 0 {print $1}' |grep root |grep nobody 1>/dev/null 2>/dev/null") == 0) { header = "apache is being run as root or nobody. Change this."; if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Writing to outfile failed."); return(-1); } } } if (verbose > 0) { printf(" Finished in checkwww module.\n"); } return(0); } lsat-0.9.7.1/checkx.c0000644000175000001440000000737111007333550013547 0ustar number9users/****************************************/ /* This is the checkx module for LSAT */ /* It will check for the nolisten option*/ /* in the X startup files */ /* */ /* See lsatmain.c for more details. */ /****************************************/ /* */ /* note: the user could put some command*/ /* options to startx on the command line*/ /* and therefore, we should check the */ /* ps output as well as xinitd and */ /* other places to make sure we at least*/ /* check most configs... */ /****************************************/ #include "lsatheader.h" #include #include #include int checkx(filename, verbose, html) const char *const filename; int verbose; int html; { const char * header =NULL; const char * tempfile =NULL; const char * shellcode=NULL; int listen; /* are we listening? :) */ listen = 1; if (verbose >= 0) { printf(" Running checkx module...\n"); } /* Check for X startup locations */ /* don't forget the user could be doing gdm or xdm */ if ((system("test -r /usr/X11R6/bin/startx")) == 0) { /* it exists, check it */ if ((system("grep -i defaultserverargs /usr/X11R6/bin/startx 2>/dev/null |grep \"nolisten tcp\" 1>/dev/null 2>/dev/null")) == 0) { listen = 0; header = "X is not listening for tcp, good.\n"; } } /* check gdm... */ if ((system("test -r /etc/X11/gdm/gdm.conf")) == 0) { if ((system("grep -i \"command=/usr/X11R6\" /etc/X11/gdm/gdm.conf 2>/dev/null |grep \"nolisten tcp\" 1>/dev/null 2>/dev/null")) == 0) { listen = 0; header = "X is not listening for tcp, good.\n"; } } /* check xdm and kdm... */ if ((system("test -r /etc/X11/xdm/Xservers")) == 0) { if ((system("grep -i \"command=/usr/X11R6\" /etc/X11/xdm/Xservers 2>/dev/null |grep \"nolisten tcp\" 1>/dev/null 2>/dev/null")) == 0) { listen = 0; header = "X is not listening for tcp, good.\n"; } } /* check fs... */ if ((system("test -r /etc/X11/fs/config")) == 0) { if ((system("grep -qi \"^no-listen = tcp\" /etc/X11/fs/config 1>/dev/null 2>/dev/null")) == 0) { listen = 0; header = "X is not listening for tcp, good.\n"; } } if (listen == 1) { /* found xconfig, but no -nolisten tcp */ header = "X seems to be listening for tcp connections.\nConsider turning this off with\n-nolisten tcp in your X startup file.\n"; } /* ok, call dostuff to print out the header */ /* to the output file... */ if ((dostuff(0, filename, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } /* ok, check and see if startx is running, */ /* and print that out... this way we catch */ /* if the user started it from the CLI with */ /* some listen options. */ if ((system("ps -afl |grep startx 2>/dev/null |grep -v grep 1>/dev/null 2>/dev/null") == 0)) { /* we have found a startx in ps listing, print it out */ shellcode = "ps -afl |grep startx 2>/dev/null |grep -v grep 2>/dev/null >/tmp/lsat1.lsat"; header = "This is the actual startx command, with info.\nIf it contains a listen or vty or pty, etc,\nconsider changing command line options.\n"; tempfile = "/tmp/lsat1.lsat"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } } if (verbose > 0) { printf(" Finished in checkx module.\n"); } return(0); } lsat-0.9.7.1/configure0000755000175000001440000010445211007333550014043 0ustar number9users#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated automatically using autoconf version 2.13 # Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc. # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. # Defaults: ac_help= ac_default_prefix=/usr/local # Any additions from configure.in: # Initialize some variables set by options. # The variables have the same names as the options, with # dashes changed to underlines. build=NONE cache_file=./config.cache exec_prefix=NONE host=NONE no_create= nonopt=NONE no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= target=NONE verbose= x_includes=NONE x_libraries=NONE bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datadir='${prefix}/share' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' libdir='${exec_prefix}/lib' includedir='${prefix}/include' oldincludedir='/usr/include' infodir='${prefix}/info' mandir='${prefix}/man' # Initialize some other variables. subdirs= MFLAGS= MAKEFLAGS= SHELL=${CONFIG_SHELL-/bin/sh} # Maximum number of lines to put in a shell here document. ac_max_here_lines=12 ac_prev= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval "$ac_prev=\$ac_option" ac_prev= continue fi case "$ac_option" in -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;; *) ac_optarg= ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case "$ac_option" in -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir="$ac_optarg" ;; -build | --build | --buil | --bui | --bu) ac_prev=build ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build="$ac_optarg" ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file="$ac_optarg" ;; -datadir | --datadir | --datadi | --datad | --data | --dat | --da) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ | --da=*) datadir="$ac_optarg" ;; -disable-* | --disable-*) ac_feature=`echo $ac_option|sed -e 's/-*disable-//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } fi ac_feature=`echo $ac_feature| sed 's/-/_/g'` eval "enable_${ac_feature}=no" ;; -enable-* | --enable-*) ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } fi ac_feature=`echo $ac_feature| sed 's/-/_/g'` case "$ac_option" in *=*) ;; *) ac_optarg=yes ;; esac eval "enable_${ac_feature}='$ac_optarg'" ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix="$ac_optarg" ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he) # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat << EOF Usage: configure [options] [host] Options: [defaults in brackets after descriptions] Configuration: --cache-file=FILE cache test results in FILE --help print this message --no-create do not create output files --quiet, --silent do not print \`checking...' messages --version print the version of autoconf that created configure Directory and file names: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [same as prefix] --bindir=DIR user executables in DIR [EPREFIX/bin] --sbindir=DIR system admin executables in DIR [EPREFIX/sbin] --libexecdir=DIR program executables in DIR [EPREFIX/libexec] --datadir=DIR read-only architecture-independent data in DIR [PREFIX/share] --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data in DIR [PREFIX/com] --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var] --libdir=DIR object code libraries in DIR [EPREFIX/lib] --includedir=DIR C header files in DIR [PREFIX/include] --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include] --infodir=DIR info documentation in DIR [PREFIX/info] --mandir=DIR man documentation in DIR [PREFIX/man] --srcdir=DIR find the sources in DIR [configure dir or ..] --program-prefix=PREFIX prepend PREFIX to installed program names --program-suffix=SUFFIX append SUFFIX to installed program names --program-transform-name=PROGRAM run sed PROGRAM on installed program names EOF cat << EOF Host type: --build=BUILD configure for building on BUILD [BUILD=HOST] --host=HOST configure for HOST [guessed] --target=TARGET configure for TARGET [TARGET=HOST] Features and packages: --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --x-includes=DIR X include files are in DIR --x-libraries=DIR X library files are in DIR EOF if test -n "$ac_help"; then echo "--enable and --with options recognized:$ac_help" fi exit 0 ;; -host | --host | --hos | --ho) ac_prev=host ;; -host=* | --host=* | --hos=* | --ho=*) host="$ac_optarg" ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir="$ac_optarg" ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir="$ac_optarg" ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir="$ac_optarg" ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir="$ac_optarg" ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst \ | --locals | --local | --loca | --loc | --lo) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* \ | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) localstatedir="$ac_optarg" ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir="$ac_optarg" ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir="$ac_optarg" ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix="$ac_optarg" ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix="$ac_optarg" ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix="$ac_optarg" ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name="$ac_optarg" ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir="$ac_optarg" ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir="$ac_optarg" ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site="$ac_optarg" ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir="$ac_optarg" ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir="$ac_optarg" ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target="$ac_optarg" ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers) echo "configure generated by autoconf version 2.13" exit 0 ;; -with-* | --with-*) ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } fi ac_package=`echo $ac_package| sed 's/-/_/g'` case "$ac_option" in *=*) ;; *) ac_optarg=yes ;; esac eval "with_${ac_package}='$ac_optarg'" ;; -without-* | --without-*) ac_package=`echo $ac_option|sed -e 's/-*without-//'` # Reject names that are not valid shell variable names. if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } fi ac_package=`echo $ac_package| sed 's/-/_/g'` eval "with_${ac_package}=no" ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes="$ac_optarg" ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries="$ac_optarg" ;; -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; } ;; *) if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then echo "configure: warning: $ac_option: invalid host type" 1>&2 fi if test "x$nonopt" != xNONE; then { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; } fi nonopt="$ac_option" ;; esac done if test -n "$ac_prev"; then { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; } fi trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 # File descriptor usage: # 0 standard input # 1 file creation # 2 errors and warnings # 3 some systems may open it to /dev/tty # 4 used on the Kubota Titan # 6 checking for... messages and results # 5 compiler messages saved in config.log if test "$silent" = yes; then exec 6>/dev/null else exec 6>&1 fi exec 5>./config.log echo "\ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. " 1>&5 # Strip out --no-create and --no-recursion so they do not pile up. # Also quote any args containing shell metacharacters. ac_configure_args= for ac_arg do case "$ac_arg" in -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c) ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;; *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*) ac_configure_args="$ac_configure_args '$ac_arg'" ;; *) ac_configure_args="$ac_configure_args $ac_arg" ;; esac done # NLS nuisances. # Only set these to C if already set. These must not be set unconditionally # because not all systems understand e.g. LANG=C (notably SCO). # Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'! # Non-C LC_CTYPE values break the ctype check. if test "${LANG+set}" = set; then LANG=C; export LANG; fi if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -rf conftest* confdefs.h # AIX cpp loses on an empty file, so make sure it contains at least a newline. echo > confdefs.h # A filename unique to this package, relative to the directory that # configure is in, which we can look for to find out if srcdir is correct. ac_unique_file=checkhostsfiles.c # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then its parent. ac_prog=$0 ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'` test "x$ac_confdir" = "x$ac_prog" && ac_confdir=. srcdir=$ac_confdir if test ! -r $srcdir/$ac_unique_file; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r $srcdir/$ac_unique_file; then if test "$ac_srcdir_defaulted" = yes; then { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; } else { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; } fi fi srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'` # Prefer explicitly selected file to automatically selected ones. if test -z "$CONFIG_SITE"; then if test "x$prefix" != xNONE; then CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" else CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" fi fi for ac_site_file in $CONFIG_SITE; do if test -r "$ac_site_file"; then echo "loading site script $ac_site_file" . "$ac_site_file" fi done if test -r "$cache_file"; then echo "loading cache $cache_file" . $cache_file else echo "creating cache $cache_file" > $cache_file fi ac_ext=c # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ac_cpp='$CPP $CPPFLAGS' ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' cross_compiling=$ac_cv_prog_cc_cross ac_exeext= ac_objext=o if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu. if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then ac_n= ac_c=' ' ac_t=' ' else ac_n=-n ac_c= ac_t= fi else ac_n= ac_c='\c' ac_t= fi echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 echo "configure:529: checking how to run the C preprocessor" >&5 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else # This must be in double quotes, not single quotes, because CPP may get # substituted into the Makefile and "${CC-cc}" will confuse make. CPP="${CC-cc} -E" # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:550: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* CPP="${CC-cc} -E -traditional-cpp" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:567: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* CPP="${CC-cc} -nologo -E" cat > conftest.$ac_ext < Syntax Error EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:584: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then : else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* CPP=/lib/cpp fi rm -f conftest* fi rm -f conftest* fi rm -f conftest* ac_cv_prog_CPP="$CPP" fi CPP="$ac_cv_prog_CPP" else ac_cv_prog_CPP="$CPP" fi echo "$ac_t""$CPP" 1>&6 echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 echo "configure:609: checking for ANSI C header files" >&5 if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include #include #include EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" { (eval echo configure:622: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* ac_cv_header_stdc=yes else echo "$ac_err" >&5 echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_cv_header_stdc=no fi rm -f conftest* if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat > conftest.$ac_ext < EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "memchr" >/dev/null 2>&1; then : else rm -rf conftest* ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat > conftest.$ac_ext < EOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | egrep "free" >/dev/null 2>&1; then : else rm -rf conftest* ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext < #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') #define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } EOF if { (eval echo configure:689: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then : else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -fr conftest* ac_cv_header_stdc=no fi rm -fr conftest* fi fi fi echo "$ac_t""$ac_cv_header_stdc" 1>&6 if test $ac_cv_header_stdc = yes; then cat >> confdefs.h <<\EOF #define STDC_HEADERS 1 EOF fi echo $ac_n "checking for working const""... $ac_c" 1>&6 echo "configure:714: checking for working const" >&5 if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; } ; return 0; } EOF if { (eval echo configure:768: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_const=yes else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* ac_cv_c_const=no fi rm -f conftest* fi echo "$ac_t""$ac_cv_c_const" 1>&6 if test $ac_cv_c_const = no; then cat >> confdefs.h <<\EOF #define const EOF fi for ac_func in strstr do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo "configure:792: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < /* Override any gcc2 internal prototype to avoid an error. */ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func(); int main() { /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else $ac_func(); #endif ; return 0; } EOF if { (eval echo configure:820: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else echo "configure: failed program was:" >&5 cat conftest.$ac_ext >&5 rm -rf conftest* eval "ac_cv_func_$ac_func=no" fi rm -f conftest* fi if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then echo "$ac_t""yes" 1>&6 ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` cat >> confdefs.h <&6 fi done trap '' 1 2 15 cat > confcache <<\EOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs. It is not useful on other systems. # If it contains results you don't want to keep, you may remove or edit it. # # By default, configure uses ./config.cache as the cache file, # creating it if it does not exist already. You can give configure # the --cache-file=FILE option to use a different cache file; that is # what configure does when it calls configure scripts in # subdirectories, so they share the cache. # Giving --cache-file=/dev/null disables caching, for debugging configure. # config.status only pays attention to the cache file if you give it the # --recheck option to rerun configure. # EOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, don't put newlines in cache variables' values. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. (set) 2>&1 | case `(ac_space=' '; set | grep ac_space) 2>&1` in *ac_space=\ *) # `set' does not quote correctly, so add quotes (double-quote substitution # turns \\\\ into \\, and sed turns \\ into \). sed -n \ -e "s/'/'\\\\''/g" \ -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p" ;; *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p' ;; esac >> confcache if cmp -s $cache_file confcache; then : else if test -w $cache_file; then echo "updating cache $cache_file" cat confcache > $cache_file else echo "not updating unwritable cache $cache_file" fi fi rm -f confcache trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' # Any assignment to VPATH causes Sun make to only execute # the first set of double-colon rules, so remove it if not needed. # If there is a colon in the path, we need to keep it. if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d' fi trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15 # Transform confdefs.h into DEFS. # Protect against shell expansion while executing Makefile rules. # Protect against Makefile macro expansion. cat > conftest.defs <<\EOF s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%-D\1=\2%g s%[ `~#$^&*(){}\\|;'"<>?]%\\&%g s%\[%\\&%g s%\]%\\&%g s%\$%$$%g EOF DEFS=`sed -f conftest.defs confdefs.h | tr '\012' ' '` rm -f conftest.defs # Without the "./", some shells look in PATH for config.status. : ${CONFIG_STATUS=./config.status} echo creating $CONFIG_STATUS rm -f $CONFIG_STATUS cat > $CONFIG_STATUS </dev/null | sed 1q`: # # $0 $ac_configure_args # # Compiler output produced by configure, useful for debugging # configure, is in ./config.log if it exists. ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]" for ac_option do case "\$ac_option" in -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion" exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;; -version | --version | --versio | --versi | --vers | --ver | --ve | --v) echo "$CONFIG_STATUS generated by autoconf version 2.13" exit 0 ;; -help | --help | --hel | --he | --h) echo "\$ac_cs_usage"; exit 0 ;; *) echo "\$ac_cs_usage"; exit 1 ;; esac done ac_given_srcdir=$srcdir trap 'rm -fr `echo "Makefile" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 EOF cat >> $CONFIG_STATUS < conftest.subs <<\\CEOF $ac_vpsub $extrasub s%@SHELL@%$SHELL%g s%@CFLAGS@%$CFLAGS%g s%@CPPFLAGS@%$CPPFLAGS%g s%@CXXFLAGS@%$CXXFLAGS%g s%@FFLAGS@%$FFLAGS%g s%@DEFS@%$DEFS%g s%@LDFLAGS@%$LDFLAGS%g s%@LIBS@%$LIBS%g s%@exec_prefix@%$exec_prefix%g s%@prefix@%$prefix%g s%@program_transform_name@%$program_transform_name%g s%@bindir@%$bindir%g s%@sbindir@%$sbindir%g s%@libexecdir@%$libexecdir%g s%@datadir@%$datadir%g s%@sysconfdir@%$sysconfdir%g s%@sharedstatedir@%$sharedstatedir%g s%@localstatedir@%$localstatedir%g s%@libdir@%$libdir%g s%@includedir@%$includedir%g s%@oldincludedir@%$oldincludedir%g s%@infodir@%$infodir%g s%@mandir@%$mandir%g s%@CPP@%$CPP%g CEOF EOF cat >> $CONFIG_STATUS <<\EOF # Split the substitutions into bite-sized pieces for seds with # small command number limits, like on Digital OSF/1 and HP-UX. ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script. ac_file=1 # Number of current file. ac_beg=1 # First line for current file. ac_end=$ac_max_sed_cmds # Line after last line for current file. ac_more_lines=: ac_sed_cmds="" while $ac_more_lines; do if test $ac_beg -gt 1; then sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file else sed "${ac_end}q" conftest.subs > conftest.s$ac_file fi if test ! -s conftest.s$ac_file; then ac_more_lines=false rm -f conftest.s$ac_file else if test -z "$ac_sed_cmds"; then ac_sed_cmds="sed -f conftest.s$ac_file" else ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file" fi ac_file=`expr $ac_file + 1` ac_beg=$ac_end ac_end=`expr $ac_end + $ac_max_sed_cmds` fi done if test -z "$ac_sed_cmds"; then ac_sed_cmds=cat fi EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case "$ac_file" in *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; *) ac_file_in="${ac_file}.in" ;; esac # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories. # Remove last slash and all that follows it. Not all systems have dirname. ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then # The file is in a subdirectory. test ! -d "$ac_dir" && mkdir "$ac_dir" ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`" # A "../" for each directory in $ac_dir_suffix. ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'` else ac_dir_suffix= ac_dots= fi case "$ac_given_srcdir" in .) srcdir=. if test -z "$ac_dots"; then top_srcdir=. else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;; /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;; *) # Relative path. srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix" top_srcdir="$ac_dots$ac_given_srcdir" ;; esac echo creating "$ac_file" rm -f "$ac_file" configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure." case "$ac_file" in *Makefile*) ac_comsub="1i\\ # $configure_input" ;; *) ac_comsub= ;; esac ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` sed -e "$ac_comsub s%@configure_input@%$configure_input%g s%@srcdir@%$srcdir%g s%@top_srcdir@%$top_srcdir%g " $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file fi; done rm -f conftest.s* EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF exit 0 EOF chmod +x $CONFIG_STATUS rm -fr confdefs* $ac_clean_files test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1 lsat-0.9.7.1/dostuff.c0000644000175000001440000001163311007333550013750 0ustar number9users/* This is a function that does all the filehandling stuff for the lsat modules so that you don't have to reinvent the wheel every time you want to do something. After all we have to get rid off, eradicate and stamp out all kinds of redundancies. As arguments it takes four pointers to strings: tempfile, outfile, shellcode and header. Additionally, it takes one other argument, html, which is an int. Header can be NULL, then it simply will not be printed. One of the other pointers can be NULL as well. In this case refer to the following list: no NULL pointer default behaviour create tempfile run shellcode append header to outfile append tempfile to outfile delete tempfile outfile == NULL if you want to keep working with tempfile create tempfile run shellcode tempfile == NULL if you already have a tempfile and want to keep it run shellcode shellcode == NULL if you already got a tempfile but now you're finished append header to outfile append tempfile to outfile delete tempfile Special Case: just print the header to the outfile tempfile==shellcode==NULL append header to outfile html = 0 Output is normal html = 1 Output is in html format html = 2 First time we ran dostuff, print html header html = 3 Final part, print html footer Will return 0 on success and negative value on failure. */ #include #include #include #include "lsatheader.h" int dostuff (tempfile, outfile, shellcode, header, html) const char *const tempfile; const char *const outfile; const char *const shellcode; const char *const header; int html; { int fileval=0; /* return val */ char line[512]; /* for reading lines */ FILE *out; /* file pointer for outfile */ FILE *tmp; /* file pointer for tempfile */ /* create a temp file for storage */ if ((tempfile!=NULL)&&(shellcode!=NULL)) { if ((fileval = open(tempfile, O_RDWR | O_CREAT | O_EXCL, 0600)) < 0) { perror(" Could not create temporary file...\n"); perror(" Possible link attack while creating/opening file!\n"); exit(-1); } } /* run the shellcode */ if (shellcode!=NULL) { if ((system(shellcode)) < 0 ) { perror(" Problem running the shellcode or writing to tempfile\n"); /* sanity check */ printf(" This was shellcode: %s\n",shellcode); return(-1); } } /* output the header (if given) and append tempfile to outfile and remove tempfile*/ if (outfile!=NULL) /* &&(tempfile!=NULL)) */ { /* open outfile for append */ out = fopen(outfile, "a"); if (out == NULL) { perror(" Error opening outfile!\n"); return(-1); } /* print header to outfile if given */ /* Check to see if html = 1; if it is, do html. */ if (!(header==NULL)) { /* if html = 2, this is the first time we print anything */ /* so we want to print the html headers... */ if (html == 2) { fprintf(out, "\n"); fprintf(out, "\n"); fprintf(out, "\n"); fprintf(out, "LSAT output page\n"); fprintf(out, "\n"); fprintf(out, "\n"); fprintf(out, "
\n"); fprintf(out, "

LSAT output page

\n"); fprintf(out, "

\n
\n");
	}
	/* if html == 1 the user wants all parts in html  */
	if (html == 1)
	{
	    fprintf(out, "
\n");
	    fprintf(out, "\n");
	    fprintf(out, "%s\n", header);
	    fprintf(out, "\n");
	}
        /* no html, please  */
	if (html == 0)
	{
	    fprintf(out, "\n****************************************\n");
            fprintf(out, "%s\n", header);
	}
        /* if html == 3 this is the last one, but we still */
	/* need to print the last header... */
	if (html == 3)
	{
	    fprintf(out, "
\n");
            fprintf(out, "\n");
            fprintf(out, "%s\n", header);
            fprintf(out, "\n");
	    fprintf(out, "
\n\n\n"); } } /* do tempfile stuff if given */ if (tempfile!=NULL) { /* open tempfile for reading */ tmp = fopen(tempfile, "r"); if (tmp == NULL) { perror(" Error opening tempfile for read!\n"); fclose(out); return(-1); } /* append everything in tempfile to outfile */ /* note to self, mod this to use getline in the future. */ /* note2, fgets can crash here if sizeof(line) > 512. */ /* this is really bad, causes segfault... need fix. lazy. */ while (fgets(line, sizeof(line), tmp) != NULL) { fprintf(out, "%s", line); } /* close the tempfile and rm it */ fclose(tmp); remove(tempfile); } /* close up */ fclose(out); } return(0); } lsat-0.9.7.1/INSTALL0000644000175000001440000000473711007333550013172 0ustar number9users------------------------------------------------------ -INSTALL file for LSAT (Linux Security Auditing Tool)- ------------------------------------------------------ We assume that you have not even unpacked LSAT yet... kindof strange as this is the first set of instructions, but nevertheless, here we go... Dowload lsat-.tgz or .zip, depending on your preference and place it in any good looking directory. I prefer to put it in my home dir. You can use the built in "install" feature to install it where you want later. For the .tgz file: tar -xvzf lsat-.tgz For the .zip file: unzip lsat-.tgz cd lsat- ./configure make If configure complains, please send me an email. If you don't have configure, you probably need it. You could do a manual build by reading through the make file. Being as you are paranoid (you are using this right?) you have probably already checked the Makefile.in just to make sure I was not doing anything clever. :O To install lsat in /usr/local/bin do a make install To build the manpage do a make manpage To install the manpage do a make installman If you are modifying or building your own modules, you will find that make clean can come in really handy, so I included it for you. :) Developers may find a make cleanall really helpful. Read the Makefile for more details. To run lsat do a ./lsat For help and (up to date) command line options do a ./lsat -h Any number of options can be specified on the command line. This may take some time on older systems as it (at some point in time) does an rpm -qa while checking installed packages (pkginfo on Solaris). It also checks all SETUID and SETGID files on the system. On a system more "modern" than mine (80Mhz) it should not take long. The output is in the file in the directory where lsatmain was run and should be called lsat.out. If you have previously run lsatmain then the previous output will be moved to lsat.old. This is so that you may check your imcremental security improvements to the system. Ok, the documentation for LSAT is as follows: in order of how often they are modified: modules.html and README.modules - gives a nice descript of what each module does and also a primier on how to build modules. changelog - whats new, whats old. README - basic stuffs, sometimes added to. INSTALL - a new file, but I do not see it changing much. :) You can reach me (sometimes) at and othertimes at lsat-0.9.7.1/lsat.pod0000644000175000001440000000702411007333550013600 0ustar number9users# Let's see what happens here now =head1 NAME lsat - a security auditing tool =head1 SYNOPSIS B [OPTION] =head1 DESCRIPTION Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and scans for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions. Output is in lsat.out. On subsequent runs, previous output is in lsat.old. =head1 OPTIONS -d diff current and old md5 runs, output in lsatmd5.diff -m Force a specific distribution test Names are: redhat, debian, mandrake, solaris, gentoo -h Show LSAT help -a Show LSAT advanced help -o Output filename, default is last.out -r Check rpm integrity. RedHat or Mandrake only. -s Be silent. No output at all. -x Filename is a text file consisting of modules to exclude from being run. This should be a comma, tab or newline delimited file, with just the name(s) below one wishes to exclude. Module names (with a small description) are: bpass check for bootloader passwd cfg check runlevel daemons (redhat) dotfiles check for dotfiles files check for sticky bits, etc forward check for network forwarding ftpusers check ftpusers file for bad entries inetd check for unneeded services inittab check runlevel, etc. ipv4 check for other things in ipv4 issue check issue banner kbd check kbd/login perms limits check limits file logging check for enough logging md5 perform md5 of all files on sys modules check for loadable kern mod. net check network open check open files passwd check passwd file for bad entries perms check permissions on files pkgs check for unwanted packages promisc are we in promisc mode? rc check for unwanted rc files rpm perform rpm integrity check securetty check secure tty set check for SUID files ssh check ssh config startx check for tcp listening in X umask check default umask write check world read/write files www output in html -v Be verbose about it. -w Output file is in html format. =head1 MODULES Current modules are checkbpass, checkdotfiles, checkfiles, checkftpusers, checkhostsfiles, checkinetd, checkipv4, checkissue, checkkbd, checklimits, checkmodule, checkmd5, checknet, checknetforward, checknetp, checkopenfiles, checkpasswd, checkperms, checkpkgs, checkrc, checkrpm, checksecuretty, checkset, checkssh, checkumask, checkwrite and checkwww. A breif description is included in each module. Writing a module is fairly easy and straightforward. See README.modules for more information. =head1 LICENSE This software is licensed under the GNU/GPL, please see http://www.gnu.org for more details. =head1 BUGS Doesn't correct the problems that it discovers (yet). Running on Solaris is not fully functional. =head1 AUTHOR Robert Minvielle If that fails, lsat-0.9.7.1/lsatheader.h0000644000175000001440000001246411007333550014422 0ustar number9users/************************* header file for lsatmain.c *************************/ /* these are in lsatmain.c itself... */ void usage(); int findexclude(char xlisting[], int *xlist); int versions(char release[], char kernel[], int verbose); int lsatrm(void); /* end of list of funcs inside lsatmain.c itself */ /* dostuff does all sortfs of stuff, read it for details. */ int dostuff(const char *const tempfile, const char *const outfile, const char *const shellcode, const char *const header, int html); /* checks rpms against a list of unnecessary ones */ int checkpkgs(int distribution, const char *const filename, int verbose, int html); /* check /etc/inetd.conf file for entries. */ /* if running xinetd.d, check that. */ int checkinetd(const char *const outfile, int distribution, int verbose, int html); /* check that the default runlevel is not set to 5 */ int checkinittab(const char *const outfile, int distribution, int verbose, int html); /* if running inetd or xinetd.d, check that */ /* hosts.deny has ALL:ALL, at least. */ int checkhostsfiles(const char *const outfile, int verbose, int html); /* check for auth and authpriv facilities */ int checklogging(const char *const outfile, int distribution, int verbose, int html); /* check rpm integrity, only run if -r switch given */ int checkrpm(const char *const outfile, int verbose, int html); /* check SETUID/SETGID files on the sustem */ int checkset(const char *const outfile, int verbose, int html); /* check for world WRITABLE files and directories */ int checkwrite(const char *const outfile, int distribution, int verbose, int html); /* check for .exrc and .forward files */ int checkdotfiles(const char *const outfile, int verbose, int html); /* check for UID 0 other than root and unwated users */ int checkpasswd(const char *const outfile, int distribution, int verbose, int html); /* check for sticky bits on /tmp, /var/tmp */ /* this will do more later. */ int checkfiles(const char *const outfile, int verbose, int html); /* check for umask settings in /etc/ */ int checkumask(const char *const outfile, int verbose, int html); /* check for entries in /etc/ftpusers */ int checkftpusers(const char *const outfile, int verbose, int html); /* check for errors in ftp configs... */ int checkftp(const char *const outfile, int verbose, int distribution, int html); /* check rc files for unneeded ones */ int checkrc(char release[], char kernel[], int distribution, const char *const outfile, int verbose, int html); /* check for ctrl-alt-del (linux) or STOP-A (SunOS) disable */ int checkkbd(char release[], const char *const outfile, int verbose, int html); /* check for limits.conf file */ int checklimits(const char *const outfile, int verbose, int html); /* check for sshd config errors */ int checkssh(const char *const outfile, int distribution, int verbose, int html); /* check network ports we are listening on */ int checknet(const char *const outfile, int distribution, int verbose, int html); /* check for network forwarding */ int checknetforward(const char *const outfile, int distribution, int verbose, int html); /* print out all daemons in all runlevels for the user to inspect */ /* this is a redhat (and derivative) specific module... */ int checkcfg(const char *const outfile, int verbose, int html); /* do a lsof check. See checkopenfiles for details. */ /* this module will be expanded later on. */ int checkopenfiles(const char *const outfile, int distribution, int verbose, int html); /* this will check for /etc/issue and /etc/issue.net */ /* see the module for more details */ int checkissue(const char *const outfile, int verbose, int html); /* this checks for execcgis... should also check for SSIs later */ int checkwww(const char *const outfile, int distribution, int verbose, int html); /* this checks to see if kernel modules are enabled */ int checkmodules(const char *const outfile, int verbose, int html); /* this gives a list of all md5sums of all files on the system */ /* if run previously, the old list is called lsatmd5.old, the */ /* list generated by checkmd5 is called lsatmd5.out... */ int checkmd5(const char *const outfile, int distribution, int verbose, int html, int diff); /* check /etc/securetty for entries... */ int checksecuretty(const char *const outfile, int verbose, int html); /* check that files in /etc/rc.d/init.d are perm 700 */ int checkrcperms(const char *const outfile, int distribution, int verbose, int html); /* check that the network interfaces are not in promisc mode */ int checknetp(char kernel[], const char *const outfile, int distribution, int verbose, int html); /* check that the bootloaders are using passwords */ int checkbpass(int distribution, const char *const outfile, int verbose, int html); /* check some ipv4 stuffs in /proc */ int checkipv4(const char *const outfile, int verbose, int html); /* check to see if X is listening for tcp connections */ int checkx(const char *const outfile, int verbose, int html); /* Check for listening apps. See checklistening for details. */ /* will this module ever be expanded later on? */ int checklistening(const char *const outfile, int distribution, int verbose, int html); /* perform some very basic disk checking, like mounted */ /* filesystems and current disk usage. Will expand this later */ int checkdisk(const char *outfile, int verbose, int html); lsat-0.9.7.1/lsatmain.c0000644000175000001440000011126311007333550014106 0ustar number9users/************************************************************************/ /* This is the main file for lsat */ /* It contains the main program and also does two checks of its own. */ /* It gives the user some usage info (perhaps) and will check the */ /* kernel version and release level of software running on the box. */ /* */ /* Current release is 0.9.0. */ /* Project started on 04/01/2002 */ /* homepage: http://www.dimlight.org/lsat */ /* changelog: http://www.dimlight.org/lsat/changelog.html */ /* */ /* This software Licensed under the GNU General Public License */ /* see the bottom of this file for details. */ /* */ /* This program is _supposed_ to be modular in nature. That is to say: */ /* all security checks are sub-functions called from this main prog. */ /* */ /************************************************************************/ /****************/ /* Includes */ /****************/ #include #include #include #include #include "lsatheader.h" #include #include #include /********************************************************/ /* Usage function. Tell user command line options */ /********************************************************/ void usage() { fprintf(stderr, "Usage is lsat [options]\n"); fprintf(stderr, "Options:\n"); fprintf(stderr, "\t-d\t\t\tdiff current and old md5, output in lsatmd5.diff\n"); fprintf(stderr, "\t-m \tForce a specific distribution test.\n"); fprintf(stderr, "\t\t\t\tDistro names are: \n"); fprintf(stderr, "\t\t\t\tdebian\n"); fprintf(stderr, "\t\t\t\tgentoo\n"); fprintf(stderr, "\t\t\t\tmandrake\n"); fprintf(stderr, "\t\t\t\tmacosx\n"); fprintf(stderr, "\t\t\t\tredhat\n"); fprintf(stderr, "\t\t\t\tslackware\n"); fprintf(stderr, "\t\t\t\tsolaris\n"); fprintf(stderr, "\t\t\t\tIf no -f option, lsat will guess. If lsat can\n"); fprintf(stderr, "\t\t\t\tnot guess the distribution, default is redhat.\n"); fprintf(stderr, "\t-a\t\t\tShow this (advanced) help page\n"); fprintf(stderr, "\t-o \t\tOutput file name -- default is lsat.out\n"); fprintf(stderr, "\t-r\t\t\tCheck rpm integrity -- redhat or mandrake only\n"); fprintf(stderr, "\t-s\t\t\tSilent mode\n"); fprintf(stderr, "\t-v\t\t\tVerbose output\n"); fprintf(stderr, "\t-w\t\t\tOutput file in html format\n"); fprintf(stderr, "\t-x \t\teXclude module(s) in filelist from checks...\n"); fprintf(stderr, "\t\t\t\tmodules listed in filename will be excluded\n\t\t\t\tfrom checks. Valid module names are the module\n\t\t\t\tnames themselves without the check.\n\t\t\t\t(e.g. set not checkset)\n\t\t\t\tsee manpage or README for more info\n"); exit(8); } /********************************************************/ /* findexclude function. See if target is in exclude */ /* list that was on the command line... */ /********************************************************/ int findexclude(char xlisting[100], int *xlist) { FILE *fileptr; int i=0; char *token; char tempstring[26]; char line[256]; char thelist[33][12] = { {"pkgs"}, {"rpm"}, {"inetd"}, {"inittab"}, {"logging"}, {"set"}, {"write"}, {"dotfiles"}, {"passwd"}, {"files"}, {"umask"}, {"ftpusers"}, {"rc"}, {"kbd"}, {"limits"}, {"ssh"}, {"open"}, {"issue"}, {"www"}, {"md5"}, {"modules"}, {"securetty"}, {"perms"}, {"net"}, {"forward"}, {"promisc"}, {"listening"}, {"cfg"}, {"bpass"}, {"ipv4"}, {"startx"}, {"ftp"}, {"disk"} }; if ((fileptr = fopen(xlisting, "r"))==NULL) { perror("Error opening exclude file\n"); return(-1); } while (fgets(line, sizeof(line), fileptr) != NULL) { token = strtok(line, ", \"\n"); if (token == NULL) { break; } /* not blank?? Do some stuff... */ while (token != NULL) { if (sscanf(token, "%25s", tempstring) < 1) { perror("sscanf bit the dust"); perror("Error was in lsatmain.\n"); return(-1); } /* ok, now here we compare */ /* we go through our array of module names and */ /* see if they match. If they do, the user does */ /* not want to run that module, so we put it in */ /* another array of ints to look through later. */ for (i=0;i<33;i++) { if ((strcmp(thelist[i], tempstring)) == 0) { /* we have a match. */ xlist[i]=1; } } token = strtok(NULL, ", \"\n"); if (token == NULL) { /* freak out */ break; } } /* end while (ptr != NULLL) */ } /* end while (fgets...) */ /* clean up */ fclose(fileptr); return(0); } /***************************************************/ /* Check what version and kernel release we are at */ /* Changed: 4/4/2002: */ /* we will no longer cat /etc/redhat-release */ /* in main... we will now just grab the 1st field */ /* from the uname -a output so that it is easier */ /* (later on too) to figure out what we should do. */ /* We shall still grab the "kernel/release" field */ /* (field 3) to get the linux kernel or release */ /* (e.g. Solaris version) that we are on. This (I */ /* think) will give us greater flexibility in */ /* porting to other *NIXs like Solaris or AIX. */ /* */ /* Note: release will be field 1, kernel field 3 */ /***************************************************/ int versions(char release[], char kernel[], int verbose) { /* some local vars... */ FILE *infile; /* file pointer to input file */ char *ptr; /* char pointer for strtok */ char line[100]; /* temp array for reading lines */ /* note make tempstring 100 also, avoid buffer overruns */ char tempstring[100]; /* temp string for sscanf */ int linecount=0; /* line counter */ int field=0; /* field counter for strtok */ int i=0; /* general counter variable */ int fileval=0; /* return value */ /* First off, get the output of uname -a */ /* this is silly, I should know how to do this more easily */ if ((fileval = open("/tmp/lsat1.lsat", O_RDWR | O_CREAT | O_EXCL | O_EXCL, 0600)) < 0) { perror("Could not make file w/perms 0600...\n"); perror("Possible link attack while creating/opening file!\n"); perror("Bailing in lsatmain...\n"); exit(-1); } /* get the uname, redirect to tempfile */ if ( (system("uname -a >> /tmp/lsat1.lsat")) < 0) { /* rhut-rho...something bad happened. */ perror("Problem executing pwd...\n"); perror("Error was in lsatmain.\n"); return(0); } /* open input file for read... */ if (NULL == (infile = fdopen(fileval, "r"))) { /* rhut-rho */ perror("Can't open the file we just made!?!\n"); perror("Giving up, check perms or something...\n"); perror("Error was in lsatmain.\n"); return(-1); } /* get a line from the file... it should contain only 2 */ /* 1st line is uname -a, so the third field is the kernel version */ while (fgets(line, sizeof(line), infile) != NULL) { /* (re)set field... */ field=0; ptr = strtok(line, ", \"\n"); if (ptr == NULL) { break; } /* not blank?? Do some stuff... */ while (ptr != NULL) { /* if linecount == 0, get 1st field */ if (sscanf(ptr, "%99s", tempstring) < 1) { perror("sscanf bit the dust"); perror("Error was in lsatmain.\n"); return(-1); } if ((field == 0) && (linecount == 0)) { for (i = 0; i < 50; i++) { release[i]=tempstring[i]; } } if ((field == 2) && (linecount == 0)) { for (i = 0; i < 3; i++) { kernel[i]=tempstring[i]; } } ptr = strtok(NULL, ", \"\n"); if (ptr == NULL) { /* freak out */ break; } /* increment counter for the field we are reading */ field++; } /* end while(ptr != NULL) */ /* increment the line counter */ linecount++; } /* end while (fgets...) */ close(fileval); /* clean up even though we will rm it */ close(infile); if ( (system("rm -f /tmp/lsat1.lsat")) < 0) { /* rhut-rho...something bad happened. */ perror("Problem rm'ing tempfile...\n"); perror("Error was in lsatmain.\n"); return(0); } if (verbose > 0) { printf("System type is: %s\n", release); printf("Kernel/release level is: %s\n", kernel); } return(0); } /****************************************************************/ /* lsatrm. This function will remove temp files that lsat uses */ /* should a module bomb out. All temp files should be called */ /* lsatn.lsat where n is an integer, and should be in /tmp/ */ /****************************************************************/ int lsatrm(void) { if ((system("rm -f /tmp/lsat*.lsat 1>/dev/null 2>/dev/null")) != 0) { perror("Error removing tmp files.\n"); perror("This could be a symlink attack.\n"); return(-1); } return(0); } /****************************************************************/ /* Main All sub-programs/functions should be called */ /* from here. Note: they should also be listed in lsatheader.h */ /****************************************************************/ int main(int argc, char *argv[]) { int retval=0; /* a return value indicator */ int verbose=0; /* for verbosity */ /* note: switches: * lsat -a = advanced help * lsat -d = perform a diff of the md5output and old md5output * lsat -v = verbose, verbose = 1 * lsat = slightly verbose, verbose = 0, * the module name is printed as it performes each module * lsat -s = silent, verbose = -1, nothing printed at all. * lsat -r = run checkrpm module. * lsat -m = force a distribution mode, e.g. lsat -m redhat * lsat -h = give help output * lsat -o outfile = put output in outfile instead of lsat.out * lsat -w = print output in html format * lsat -x module = exclude module from checks */ int diff=0; /* do we run the md5 diff? */ int rpmmodule=0; /* do we run the rpm module? */ int inetexists=0; /* if inetd.conf exists, this is 1 */ int distribution=1; /* what distro are we on? */ /* -1=user specified a distro, its in man_distro * 1=redhat * 2=debian * 3=solaris * 4=gentoo * 5=macosx * 6=slackware * default = redhat */ int html=0; /* html output? */ /* html = 0: normal output * html = 1: user wants html output */ char release[50]; /* array for release level */ char kernel[50]; /* what kernel user is running */ static char *man_distro; /* if the user specifies a distribution */ const char * header =NULL; /* to print out the header */ static char *out_file = "lsat.out"; /* output filename var */ char xlist[100]; /* modules to exclude */ int xarray[33] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; int somethinginxlist = 0; /* note if no filename given, default = lsat.out */ FILE *tempptr; /* a temp file pointer */ uid_t uidme; uidme = getuid(); /* we used to set the umask of the user here... */ /* note that does not work all of the time. */ /* instead use open with options below. Also, */ /* warn user at bottom about setting umask to */ /* sensible value before modifying files. */ /* we will again try to set umask here... */ mode_t old_umask; old_umask=(umask(0177)); /* Now do options processing */ int i; for (i=1; i < argc; i++) { if(argv[i][0] == '-') { switch (argv[i][1]) { case 'a': usage(); break; case 'h': usage(); break; case 'd': diff = 1; break; case 'm': strcpy(man_distro, argv[i]+3); break; case 'o': strcpy(out_file, argv[i]+3); break; case 'r': rpmmodule = 1; break; case 's': verbose = -1; break; case 'v': verbose = 1; break; case 'w': html = 1; out_file="lsat.html"; break; case 'x': strcpy(xlist,argv[i]+3); somethinginxlist = 1; break; default : usage(); break; } } } if (!out_file) /* if no filename after -o */ { usage(); /* note usage() will exit lsat */ } /* if an exclude list was given, parse the file and */ /* fill the array of excludes.. */ if (somethinginxlist == 1) { if (findexclude(xlist, xarray) != 0) { /* something went wrong */ perror("Error reading exclude list...\n"); return(-1); } } /* check if output exists, if it does, make a */ /* backup and rm the orig. named one. */ tempptr = fopen(out_file, "r"); if (tempptr != 0) { /* output file exists */ /* make a backup copy */ char *newname = NULL; if ((newname = (char *) calloc(2, sizeof(out_file))) == NULL) { perror("Can not allocate temp memory in lsatmain.\n"); perror("Strange. Bailing...\n"); exit(-1); } fclose(tempptr); /* add .old onto the old outfile name */ sprintf(newname, "%s.old", out_file); /* gnu, but should be ok... */ /* whoops, we are now failure checking this... */ retval = 0; retval = rename(out_file, newname); if (retval < 0) { /* damn, rename bombed */ perror("GNU rename bombed in lsatmain.\n"); perror("Very odd, you should have seen errors, report them :) \n"); exit(-1); } /* free up calloc'd mem */ free(newname); } /* now that we have a backup, remove the outfile */ /* don't care about failure here... */ remove(out_file); /* not seem to work 100% of the time on my system*/ /* for making files w/chmod 0600... */ /* reverting to open with options... */ retval = 0; if ((retval = open(out_file, O_RDWR | O_CREAT | O_EXCL, 0600)) < 0) { perror("Could not make file w/perms 0600...\n"); perror("Possible link attack while creating/opening file!\n"); perror("Bailing in lsatmain...\n"); exit(-1); } /* we print this out no matter what verbose is */ printf("Starting LSAT...\n"); /* remove old tempfiles (if lsat got killed) */ /* if this fails, we should stop _now_! */ if (lsatrm() < 0) { perror("Could not remove tempfiles during startup.\n"); perror("You may need root permissions to do this.\n"); return(-1); } /* read that in, check kernel version and "release" */ if (verbose >= 0) { printf("Getting system information...\n"); } retval = versions(release, kernel, verbose); if (retval < 0) { /* something went wrong... */ perror("Problem in versions function.\n"); return(0); } /* note about Mandrake: until I can find vast differences */ /* between RedHat/Mandrake in terms of configs, we assume */ /* that it is redhat and don't check /etc/mandrake_rel... */ /* simple check to see if we are on RedHat or Debian */ /* first, did the user specify a distro? */ if (distribution != -1) { if ((system("cat /etc/redhat-release 1>/dev/null 2>/dev/null >/dev/null")) == 0) { /* we are on redhat */ distribution = 1; } if ((system("cat /etc/debian_version 1>/dev/null 2>/dev/null >/dev/null")) == 0) { /* we are on debian */ distribution = 2; } if ((system("uname |grep SunOS 1>/dev/null 2>/dev/null >/dev/null")) == 0) { /* we are on Solaris/SunOS */ distribution = 3; } if ((system("uname -a |grep gentoo 1>/dev/null 2>/dev/null >/dev/null")) == 0) { /* we are on gentoo */ distribution = 4; } if ((system("uname |grep Darwin 1>/dev/null 2>/dev/null >/dev/null")) == 0) { /* we are on Mac OSX */ distribution = 5; } if ((system("cat /etc/slackware-version 1>/dev/null 2>/dev/null >/dev/null")) == 0) /* JTO */ { /* we are on slack */ distribution = 6; } } if (distribution == -1) { /* user specified a distribution */ if ((strcmp(man_distro, "redhat")) == 0) { /* redhat */ distribution = 1; } if ((strcmp(man_distro, "centos")) == 0) { /* CentOS, RHEL-alike */ distribution = 1; } if ((strcmp(man_distro, "caos")) == 0) { /* CaOS, RHL-alike */ distribution = 1; } if ((strcmp(man_distro, "fedora")) == 0) { /* Post-RHL */ distribution = 1; } if ((strcmp(man_distro, "debian")) == 0) { /* debian */ distribution = 2; } if ((strcmp(man_distro, "solaris")) == 0) { /* solaris */ distribution = 3; } if ((strcmp(man_distro, "mandrake")) == 0) { /* mandrake, same as redhat, sortof */ distribution = 1; } if ((strcmp(man_distro, "gentoo")) == 0) { /* gentoo */ distribution = 4; } if ((strcmp(man_distro, "macosx")) == 0) { /* Mac OSX */ distribution = 5; } if ((strcmp(man_distro, "slackware")) == 0) /* JTO */ { /* slackware- JTO */ distribution = 6; } /* default is redhat */ else { distribution = 1; } } /* end if (distribution == -1) */ /* ********* checks are below ****************** */ /* ok, we should have enough info, run the checks */ if (verbose >= 0) { printf("Running modules...\n"); } /* we need to make a header if html = 1, as this */ /* could confuse the issue by putting it in the */ /* first module... call dostuff here... */ if (html == 1) { html = 2; /* this tells dostuff to write out header html */ header = "\n"; /* can't be NULL */ if ((dostuff(0, out_file, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } html = 1; /* change html int back to one */ } /* run checkpkgs */ /* did user put it in exclude list? */ if (xarray[0] == 0 ) { retval = 0; retval = checkpkgs(distribution, out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkpkgs module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* run checkrpm if rpmmodule = 1 and distribution =1 */ /* did user put it in exclude list? */ if (xarray[1] == 0) { retval = 0; if ((rpmmodule == 1) && (distribution == 1)) { retval = checkrpm(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkrpm module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } } /* run checkinetd */ /* did user put it in exclude list? */ if (xarray[2] == 0) { /* if hosts file exists run checkhostsfiles */ inetexists = checkinetd(out_file,distribution, verbose, html); /* if inetexists == 1, it does! */ /* if inetexists == 0, it does not... */ /* if inetexists == -1, we had some problems. */ if (inetexists == 1) { checkhostsfiles(out_file, verbose, html); } if (inetexists == 0) { /* do nothing... */ ; } if (inetexists == -1) { /* there was a problem. User should have seen */ /* messages from checkinetd program. */ /* do nothing here and continue... */ /* module bombed, clean up */ lsatrm(); } } /* check inittab */ /* did user put it in exclude list? */ if (xarray[3] == 0) { retval = 0; retval = checkinittab(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkinittab module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* check logging */ /* did user put it in exclude list? */ if (xarray[4] == 0) { retval = 0; retval = checklogging(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checklogging module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* check for setuid/setgid files */ /* did user put it in exclude list? */ if (xarray[5] == 0) { retval = 0; retval = checkset(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkset module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* check for world writable files/directories */ /* did user put it in exclude list? */ if (xarray[6] == 0) { retval = 0; retval = checkwrite(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkwrite module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* check for .exrc and .forward files */ /* did user put it in exclude list? */ if (xarray[7] == 0) { retval = 0; retval = checkdotfiles(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkdotfiles module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* check /etc/passwd for uid 0 other than */ /* root and users not needed on the sys. */ /* did user put it in exclude list? */ if (xarray[8] == 0) { retval = 0; retval = checkpasswd(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkpasswd module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* check to see if sticky bits are set */ /* on /tmp & /var/tmp. I will add more */ /* to this later on... */ /* did user put it in exclude list? */ if (xarray[9] == 0) { retval = 0; retval = checkfiles(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkfiles module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[10] == 0) { retval = 0; retval = checkumask(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in chumask module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[11] == 0) { retval = 0; retval = checkftpusers(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkftpusers module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[12] == 0) { retval = 0; retval = checkrc(release, kernel, distribution, out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkrc module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[13] == 0) { retval = 0; retval = checkkbd(release, out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkkbd module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[14] == 0) { if (distribution != 6) /* need to fix for slack, JTO */ { retval = 0; retval = checklimits(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checklimits module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* end if its not slack if statement */ } /* did user put it in exclude list? */ if (xarray[15] == 0) { retval = 0; retval = checkssh(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong.. */ perror("Problem in checkssh module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[16] == 0) { retval = 0; retval = checkopenfiles(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong.. */ perror("Problem in checkopenfiles module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[17] == 0) { retval = 0; retval = checkissue(out_file, verbose, html); if (retval < 0) { /* something went wrong.. */ perror("Problem in checksissue module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[18] == 0) { retval = 0; retval = checkwww(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong.. */ perror("Problem in checkwww module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[19] == 0) { retval = 0; retval = checkmd5(out_file, distribution, verbose, html, diff); if (retval < 0) { /* something went wrong.. */ perror("Problem in checkmd5 module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[20] == 0) { if ((distribution != 3) && (distribution !=5)) /* we are not on Solaris, so we can run this module */ { retval = 0; retval = checkmodules(out_file, verbose, html); if (retval < 0) { /* something went wrong.. */ perror("Problem in checkmodules module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } } /* did user put it in exclude list? */ if (xarray[21] == 0) { retval = 0; retval = checksecuretty(out_file, verbose, html); if (retval < 0) { /* something went wrong.. */ perror("Problem in checksecuretty module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[22] == 0) { retval = 0; retval = checkrcperms(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkrcperms module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[23] == 0) { retval = 0; retval = checknet(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checknet module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[24] == 0) { retval = 0; retval = checknetforward(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checknetforward module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[25] == 0) { if ((distribution !=3) && (distribution != 5)) { /* we are on linux... */ retval = 0; retval = checknetp(kernel, out_file, distribution, verbose, html); if (retval < 0) { perror("Problem in checknetpromisc module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } } /* did user put it in exclude list? */ if (xarray[26] == 0) { if (distribution == 1) /* redhat (or derived) specific */ { retval = 0; retval = checkcfg(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkcfg module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } } /* did user put it in exclude list? */ if (xarray[27] == 0) { if ((distribution !=3) && (distribution != 5)) /* we are on linux */ { retval = 0; retval = checkbpass(distribution, out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkbpass module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } } /* did user put it in exclude list? */ if (xarray[28] == 0) { if ((distribution != 3) && (distribution != 5)) /* we are on linux */ { retval = 0; retval = checkipv4(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkipv4 module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } } /* did user put it in exclude list? */ if (xarray[29] == 0) { if ((distribution !=3) && (distribution !=5)) /* we are on linux */ { retval = 0; retval = checkx(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkx module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } } /* did user put it in exclude list? */ if (xarray[30] == 0) { if ((distribution !=3) && (distribution !=5)) /* we are on linux */ { retval = 0; retval = checkftp(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkftp module.\n"); perror("You should have seen errors...\n"); /* module bombed, clean up */ lsatrm(); return(0); } } } /* did user put it in exclude list? */ if (xarray[31] == 0) { retval = 0; retval = checklistening(out_file, distribution, verbose, html); if (retval < 0) { /* something went wrong.. */ perror("Problem in checklistening module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* did user put it in exclude list? */ if (xarray[32] == 0) { retval = 0; retval = checkdisk(out_file, verbose, html); if (retval < 0) { /* something went wrong... */ perror("Problem in checkdisk module.\n"); perror("You should have seen errors...\n"); lsatrm(); return(0); } } /* this is to put a footer html at the end of the output */ /* file if the user wanted html output. */ if (html == 1) { html = 3; /* tells dostuff to do an html footer */ header = "\n"; /* can't be NULL */ if ((dostuff(0, out_file, 0, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } html = 1; /* set html int back... habit */ } else { /* print a general footer */ header = "\n"; if ((dostuff(0, out_file, 0, header, 0)) < 0) { /* something went wrong */ perror(" Creation of footer failed."); return(-1); } } /* tell the user we are finished and where the output is */ /* we print this out no matter what verbose is */ printf("Finished.\n"); printf("Check %s for details.\n", out_file); /* in silent mode we don't say much */ if (verbose >= 0) { printf("Don't forget to check your umask or file perms\n"); printf("when modifying files on the system.\n"); } /* set the umask back... */ umask(old_umask); return(0); } /********************************************************************** Copyright (C) 2002 Robert Minvielle (number9) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA **********************************************************************/ lsat-0.9.7.1/Makefile.in0000644000175000001440000000251511007333550014176 0ustar number9users# # Makefile for lsat program # SHELL=/bin/sh SOURCES.c= lsatmain.c dostuff.c checkpkgs.c checkrpm.c checkinetd.c checkinittab.c checkhostsfiles.c checklogging.c checkset.c checkwrite.c checkdotfiles.c checkpasswd.c checkfiles.c checkumask.c checkftpusers.c checkrc.c checkkbd.c checklimits.c checkssh.c checknetforward.c checknet.c checkcfg.c checkopenfiles.c checklistening.c checkissue.c checkwww.c checkmodules.c checkmd5.c checksecuretty.c checkrcperms.c checknetp.c checkbpass.c checkipv4.c checkx.c checkftp.c checkdisk.c INCLUDES= CFLAGS= LDFLAGS= SLIBS= PROGRAM= lsat INSTALL = /usr/bin/install -c prefix = @prefix@ BINDIR = @bindir@ DATADIR = @datadir@ MANDIR = @mandir@ OBJECTS= $(SOURCES.c:.c=.o) .KEPP_STATE: debug: all debug: $(PROGRAM) install: $(INSTALL) -d $(DESTDIR)$(BINDIR) $(INSTALL) $(PROGRAM) $(DESTDIR)$(BINDIR) $(PROGRAM): $(INCLUDES) $(OBJECTS) $(LINK.c) -o $@ $(OBJECTS) $(SLIBS) clean: rm -f $(PROGRAM) $(OBJECTS) cleanall: rm -f $(PROGRAM) $(OBJECTS) Makefile config.* lsat.old lsatmd5.out lsatmd5.old manpage: pod2man $(PROGRAM).pod > $(PROGRAM).tmp sed 's/perl v5.6.1/LSAT/g' $(PROGRAM).tmp| \ sed 's/Perl/LSAT/g'\ > $(PROGRAM).1 rm -f $(PROGRAM).tmp # cp -vf $(PROGRAM).1 debian/manpage.1.ex installman: $(INSTALL) -d $(DESTDIR)$(MANDIR)/man1 $(INSTALL) $(PROGRAM).1 $(DESTDIR)$(MANDIR)/man1/ lsat-0.9.7.1/modules.html0000644000175000001440000002311511007333550014466 0ustar number9users LSAT Modules README
This is the readme for modules. 



It contains a list of the modules in the lsat
package and what they check for.

It also has a premier at the end for creating
modules.

----------------------------------------------------------------------------
Modules in the LSAT package:

checkbpass:
- This module check for a boot loader password
- Currently only for grub and lilo

checkcfg:
- This module is performed last
- RedHat specific. Just prints out /sbin/chkconfig --list so that
  the user can perform a visual inspection.

checkdotfiles:
- Looks for .forward, .exrc, .rhosts and .netrc files on the system.
- Does not span "other" filesystems. 

checkfiles:
- checks that /tmp and /var/tmp have sitcky bit set
- checks utmp, wtmp, motd, mtab for chmod 644.
- checks /usr, /var dirs/files for root ownership.

checkftpusers:
- checks that all accounts in /etc/passwd are in /etc/ftpusers.

checkhostsfiles:
- Reads /etc/hosts.allow and /etc/hosts.deny files
- Checkes deny for ALL:ALL statement.
- Checks allow for any ALL statements.

checkinetd:
- Checks either /etc/inetd.conf or /etc/xinetd.d/* 
- If inetd.conf, it checks for entries not hashed out.
	(All entries should be commented out :)
- If xinetd.d it checks all files in that dir for disable = yes.

checkinittab:
- Check to see if the default runlevel is 5. If it is, give the user a warning.

checkipv4:
- Checks for common forwarding and ignore settings in ipv4.

checkissue:
- checks to make sure that /etc/motd, /etc/issue and /etc/issue.net
  do not exist, or if they do, warn the user.

checkkbd:
- checks that ctrlaltdel function is disabled under linux.
- checks for KEYBOARD_DISABLE to be enabled under Solaris.

checklimits:
- performs simple check of limits.conf file

checklogging:
- simple check to see if the auth and authpriv logging facilities are on.
  This is mostly for older versions of linux, as I know redhat and others
  have this on by default now...

checkmodules:
- checks to see if loadable kernel modules are enabled

checkmd5:
- performs a system-wide md5sum on all regular files.
- only executes if -m switch is used
- output is in lsatmd5.out, previous output in lsatmd5.old

checknet:
- checks what ports the system is listening to.
- (may not check _all_ ports. I have to RTFM on this one)

checknetforward:
- checks that ipv4 forwarding is disabled under linux
- checks that ipforwarding & source routing are disabled under Solaris
- checks that norouter & defaultrouter exist under Solaris

checknetp:
- checks that no interface is in Promiscuous mode

checkopenfiles:
- checks for all open files on the system using lsof (if installed)

checkpasswd:
- checks /etc/passwd for unneeded accounts.
- checks that only root is SUID=0.

checkrcperms:
- checks files in init.d dir to see if they are chmod 700

checkpkgs:
- Checks list of packages (rpms, debs) installed on the system.
- Checks against a list of "should not have" rpms.
- (this list quite possibly needs to be expanded)

checkrc:
- checks /etc/rcn.d or /etc/rc.d/init.d and reports unneeded scripts.

checkrpm: (redhat specific)
- check to see if we are on redhat, and if we are...
- use the built in rpm -Va to verify rpms on the system.

checksecuretty:
-check to see if only tty[0-6] are in /etc/securetty

checkset:
- Checks system for all setuid/setgid files.
- Also checks for block or char files in /dev/ that do not belong.

checkssh:
- check some security features of ssh for instance:
  root logins, X11 forwarding and the like.

checkumask:
- checks that the default umask on the system is sensible.

checkwrite:
- Checks system for world writable files.

checkwww:
- check to see if ExecCGIs are enabled.
- check to see who is running httpd/apache.

checkx:
- Checks for some common security measures on X windows


-------------------------------------------------------------------------
Writing modules:

All modules are (thus far) written in C. (hopefully ANSI C)
Looking back on this, perhaps it should have been in Python...
or perl or ADA or LISP or [insert your favorite prog language here]...

All modules (execpt dostuff.c) are called from lsatmain.c
A small description of the module is in lsatheader.h

Parameters:
A module (read function) can be passed (as of now) up
to four parameters. They are:

char release[]: basically the first field of "uname -a" output
char kernel[]: basically the third field of "uname -a" output
const char *const out_file: the file that lsat will output checks to
int verbose: integer flag to indicate we should be verbose

A module (in my mind :) should be an independant entity. 
If I were to take a module and stick it in a "main" c function
and pass it whatever parameters listed above it needs it should
function. Properly.

In doing the above I am setting this up to where modules can 
be added or deleted without problems. Having a module depend
on the output of another is not my goal or desire. It may 
run a little slower for some things like this, but one
can customize it whenever and however they see fit with
relative ease.

Modules should return zero or greater on success and a negative
number on failure. Modules should themselves output error msgs,
not lsatmain.c. (although lsatmain.c will say "Module x failed,
you should have seen errors.", upon receiving a negative number
from a returning module)

Modules should have a small description at the top and _should_
be able to cope with being on different systems (Linux vs
Solaris for instance). Yes I still need to work on mine. :O

The dostuff module is a module (written by nordi (nordi at addcom dot de))
that is used to run shellcode, write to tempfiles, and append headers
and/or the tempfile to the output file. The description at the top
of dostuff is given below... written by Nordi, I quote:

"This is a function that does all the filehandling stuff for the lsat modules 
so that you don't have to reinvent the wheel every time you want to do something. 
Afterall we have to get rid of, eradicate and stamp out all kinds of redundancies.

As arguments it takes four pointers to strings: tempfile, outfile, shellcode and
header. Header can be NULL, then it simply will not be printed. One of the other
pointers can be NULL as well. In this case refer to the following list:

no NULL pointer            default behaviour
  create tempfile
  run shellcode
  append header to outfile
  append tempfile to outfile
  delete tempfile

outfile == NULL            if you want to do keep working with tempfile
  create tempfile
  run shellcode

tempfile == NULL           if you already have a tempfile and want to keep it
  run shellcode

shellcode == NULL          if you already got a tempfile but now you're finished
  append header to outfile
  append tempfile to outfile
  delete tempfile

Special Case:              just print the header to the outfile
tempfile==shellcode==NULL
  append header to outfile

Will return 0 on success and negative value on failure." - End Nordi quote.


This has (thus far) made it a lot easier to write modules. In general,
using dostuff.c one can concentrate more on exactly what they want
a module to do and not have to worry about opening files and writing
temp files etal every time one writes a module.

A basic template for a module (IMHO) would be:

int module(release, kernel, distribution, filename, verbose)
{
	/* above parameters are optional, depending on module */

	/* some internal variable defs here */

	
	/* these should be in all modules */
	const char * tempfile =NULL;
        const char * shellcode=NULL;
        const char * header   =NULL;

	if (verbose > 0)
	{
		printf("Starting module: module\n");
	}
	
	/* do something you want to... */
	/* we ALWAYS call the tempfiles lsatn.lsat, 	*/
	/* where n is an integer... this is for cleanup */
	/* purposes...					*/

 	if (verbose > 0)
	{
		printf(" Generating list of badstuffs\n");
	}
        tempfile = "/tmp/lsat1.lsat";
	shellcode = "find / -name badstuff 2>/dev/null >/tmp/lsat1.lsat";
        header = "I am finding the bad stuff man\n";
	if ((dostuff(tempfile, filename, shellcode, header)) < 0)
	{
		/* "but Den, with the Loc-nar we could have returned to earth..." */
		perror(" Could not generate list");
		return(-1);
	}

	if (verbose > 0)
	{
		printf("Finished in module: module...\n");
	}
	
	return(0);
}

Some things worth noting are this:
- We always call tempfiles lsatn.lsat where n is an integer.
- We always use verbose > 0, and the first and last verbose
statements have no space before the output. The inner
verbose statements have a space. This makes verbose output pertty.
- We always check the return value of dostuff, and perror if problems.
- We always return 0 on success and something less than 0 on
failure.

There are times when one needs to create a temp file for storage 
due to the fact tha the module may be looping through some data 
that the shellcode has generated. This can be done and is ok, but
use the following example as a guide to (safely) create a temp file:

int fileval;
if ((fileval = open("/tmp/lsat4.lsat", O_RDWR | O_CREAT, 0600)) < 0)
{
    perror("Could not make file w/perms 0600...\n");
    perror("Possible link attack while creating/opening file!\n");
    exit(-1);
}

One thing to point out is to be careful of open files when
doing this two temp file procedure. If one calls dostuff and
the file was already open, it will puke, hurl and pass out.

I will put some more info in here when I get some time :)



../number9
lsat-0.9.7.1/README0000644000175000001440000001321411007333550013007 0ustar number9usersThis is the README file for LSAT (Linux Security Auditing Tool) NOTE: This is still BETA software and should be treated as such. -------------------------------------------------------------------------------- Hoempage: The homepage for lsat is http://usat.sourceforge.net The backup homepage is http://www.dimlight.org/lsat The homepage for lsat used to be http://www.dimlight.org/~number9/lsat -------------------------------------------------------------------------------- About: Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and scans for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions. -------------------------------------------------------------------------------- Changes: See changelog/changelog.html for changes. -------------------------------------------------------------------------------- Current working systems: LSAT currently compiles and works under RedHat 5.x, 6.x, 7.x, 8.x, 9.x and Gentoo linux systems. (tested on RedHat 8,9 and Gentoo 1.4) It should compile and run under RedHat derivative systems, Debian, and the x86_64 based systems. The goal is to have it work under many *NIX systems, including but not limited to Solaris, Debian, RedHat (and derivatives), FreeBSD etc. -------------------------------------------------------------------------------- REQUIREMENTS: LSAT was intended to build with a minimal of fuss, but it does require one thing that is not installed on some systems (I have heard this from Suse users in particular). popt. If make fails or complains about popt, please install the popt-devel package as you need the popt header files. Other things that would be nice, but LSAT will run without: To be clear, the following are OPTIONAL, but are useful anyhows, and LSAT will use them if you have them to give you more information. nmap Yes LSAT calls nmap to do that one extra scan of your ip address. lsof This is not installed by default on many systems. Your distribution most probably has a package of this ready to be installed. ip This is on newer redhat boxen, replaces ipconfig, gives more output. -------------------------------------------------------------------------------- Compilation: LSAT now has autoconf: building should just be (in the lsat- dir: ./configure make If you like you can do a: make install after the make. This will place lsat in /usr/local/bin and man pages in /usr/local/man. -------------------------------------------------------------------------------- Running: To run the program: ./lsat [OPTIONS] Options: -d diff current and old md5, output in lsatmd5.diff -f Force a specific distribution test. Distro names are: redhat debian mandrake solaris gentoo macosx If no -f option, lsat will guess. If lsat can not guess the distribution, default is redhat. -a Show this (advanced) help page -o Output file name -- default is lsat.out -r Check rpm integrity -- redhat or mandrake only -s Silent mode -v Verbose output -w Output file in html format -x eXclude module(s) in filelist from checks... modules listed in filename will be excluded from checks. Valid module names are the module names themselves without the check. (e.g. set not checkset) NOTE: The valid names for the -x (exclude) option are the following: pkgs, rpm, inetd, inittab, logging, set, write, dotfiles, passwd, files, umask, ftpusers, rc, kbd, limits, ssh, open, issue, www, md5, modules, securetty, perms, net, forward, promisc, cfg, startx. These should be in a text file in the working directory where lsat is called from, and can be comma, whitespace/tab or newline delimited. Any number of options can be specified on the command line. This may take some time on older systems as it (at some point in time) does an rpm -qa while checking installed packages. It also checks all SETUID and SETGID files on the system. (On my Sun sparc20 running Mandrake at 80mhz, it can take quite a while) The output is in the file in the directory where lsatmain was run and should be called lsat.out. If you have previously run lsatmain then the previous output will be moved to lsat.old. This is so that you may check your imcremental security improvements to the system. -------------------------------------------------------------------------------- Modules: Please see modules.html for info on modules or writing modules. Plain text version is README.modules -------------------------------------------------------------------------------- License: This software is licensed under the GNU/GPL, please see http://www.gnu.org for more detals. -------------------------------------------------------------------------------- Contact: I am number9. Sometimes known as Triode. My personal page is at http://www.dimlight.org/number9 You may reach me at triode@users.sourceforge.net or number9@dimlight.org if its up :) -------------------------------------------------------------------------------- lsat-0.9.7.1/README.checkrpm0000644000175000001440000000360211007333550014602 0ustar number9users LSAT should check for what distro it is running on and some modules will behave differently based on this (checkpkgs for instance), however, there is a package (checkrpm) which is redhat specific and is also enabled via a switch to LSAT (lsat -r). Some notes are given below... 1) lsat -r will run the module checkrpm, which performs a basic signature check on packages. NOTE: this is not the best way to check integrity of packages, since if rpm itself was hacked the output can be falsified. HOWEVER, if rpm is known good (say, by checking the md5sum) it can prove useful. 2) If lsat -r is run it will take some considerable time to perform this extra check. (on my 30Mhz system it increased LSAT run time by 5min) 3) Please note (IMPORTANT): don't freak if lsat -r reports all kinds of modifications to packages if your system is not a fresh install. You probably modified some stuff already, have you not? For instance, commenting out all lines in /etc/inetd.conf (and restarting it) is a "good thing" but doing so will make checkrpm report that this has been modified. It is a good idea to run this module, but please go through the output and think about what _you_ have changed to the system before concluding that you have been 0wn3d. This will also be printed in the output, but it is here for completeness also... this is what the output symbols mean from checkrpm: M Mode differs (includes permissions and file type) 5 MD5 sum differs D Device major/minor number mis-match L readLink(2) path mis-match U User ownership differs G Group ownership differs T mTime differs Please go through the output and check each one. Again, unless you _just_ did a fresh install, some files will be modified from package installations and modifications to the system that you performed in the past. Think about what you or a package has modified before concluding the machine has been hax0r3d. lsat-0.9.7.1/README.exclude0000644000175000001440000000363011007333550014440 0ustar number9users This is the readme file for the -x option. The -x option in lsat is there to exclude modules from being run while running lsat. The command line is: lsat -x somefilename.txt somefilename.txt should be a comma, tab, whitespace or newline delimited file which contains the name of the module(s) that you do NOT wish to run. See the sample_exclude.txt file for an example. A brief summary of the modules are below, as well as the correct name that should be used in the aforementioned exclusion list: pkgs - checks which pkgs are installed (rpm and pkg systems only) rpm - performs rpm integrity check (rpm systems only) inetd - checks for problems in inetd file inittab - checks for sane values in inittab logging - checks for correct logging (are we doing enough?) set - checks SUID/GUID of files write - checks for world read/writeable files dotfiles- finds and reports all dotfiles (.rhosts for instance) passwd - checks for baddies in passwd file files - performs file checks for insecurities on system umask - checks for a sensible umask on the system ftpusers- checks for valid /etc/ftpusers and who is in that file rc - checks rc scripts kbd - checks for proper perms etc on keyboard limits - chceks for good limits on files, etc systemwide ssh - checks version and security problems in ssh config open - checks open files issue - checks systemwide issue www - checks web server for common errors/SSIs md5 - perform md5sum on all files (note this is off by default) modules - check to see if loadable module support is enabled in kernel securetty - check for sensible values in tty settings perms - see if all perms on files/dirs are ok net - check local network connections forward - check to see if network forwarding is enabled promisc - check to see if any network interface is in promisc mode cfg - check all services in all runlevls and print them For more info on lsat options do lsat -a for advanced help. lsat-0.9.7.1/README.modules0000644000175000001440000002261211007333550014460 0ustar number9usersThis is the readme for modules. It contains a list of the modules in the lsat package and what they check for. It also has a premier at the end for creating modules. ---------------------------------------------------------------------------- Modules in the LSAT package: checkbp: - Checks for boot loader password. - Currently only for grub and lilo. checkcfg: - This module is performed last - RedHat specific. Just prints out /sbin/chkconfig --list so that the user can perform a visual inspection. checkdotfiles: - Looks for .forward, .exrc, .rhosts and .netrc files on the system. - Does not span "other" filesystems. checkfiles: - checks that /tmp and /var/tmp have sitcky bit set - checks utmp, wtmp, motd, mtab for chmod 644. - checks /usr, /var dirs/files for root ownership. checkftpusers: - checks that all accounts in /etc/passwd are in /etc/ftpusers. checkhostsfiles: - Reads /etc/hosts.allow and /etc/hosts.deny files - Checkes deny for ALL:ALL statement. - Checks allow for any ALL statements. checkinetd: - Checks either /etc/inetd.conf or /etc/xinetd.d/* - If inetd.conf, it checks for entries not hashed out. (All entries should be commented out :) - If xinetd.d it checks all files in that dir for disable = yes. checkinittab: - Checks to see if default runlevel is 5. If it is, give the user a warning. checkipv4: - Checks to see that common forwarding and ignoring are off/on in ipv4. checkissue: - checks to make sure that /etc/motd, /etc/issue and /etc/issue.net do not exist, or if they do, warn the user. checkkbd: - checks that ctrlaltdel function is disabled under linux. - checks for KEYBOARD_DISABLE to be enabled under Solaris. checklimits: - performs simple check of limits.conf file checklogging: - performs a simple check to see if auth and authpriv logging facilities are on. This is really for older linux versions/distros as I know that RedHat and others now have this on by default. checkmd5: - performs md5sum on all regular files on the system and saves in lsatmd5.out - Only runs when -m switch is used - if run more than once, old output is copied to lsatmd5.old checkmodule: - checks to see if loadable kernel modules are enabled checknet: - checks what ports the system is listening to. - (may not check _all_ ports. I have to RTFM on this one) checknetforward: - checks that ipv4 forwarding is disabled under linux - checks that ipforwarding & source routing are disabled under Solaris - checks that norouter & defaultrouter exist under Solaris checknetp: - checks to see if any interface is in promiscuous mode checkopenfiles: - checks all open files on the system using lsof (if installed) checkpasswd: - checks /etc/passwd for unneeded accounts. - checks that only root is SUID=0. checkpkgs: - Checks list of packages (rpms, debs) installed on the system. - Checks against a list of "should not have" rpms. - (this list quite possibly needs to be expanded) checkrc: - checks /etc/rcn.d or /etc/rc.d/init.d and reports unneeded scripts. checkrpm: (redhat specific) - check to see if we are on redhat, and if we are... - use the built in rpm -Va to verify rpms on the system. checksecuretty: - check to see if ttys other than tty[1-6] are in /etc/securetty checkset: - Checks system for all setuid/setgid files. - Also checks for block or char files in /dev/ that do not belong. checkssh: - check some security features of ssh for instance: root logins, X11 forwarding and the like. checkumask: - checks that the default umask on the system is sensible. checkwrite: - Checks system for world writable files. checkwww: - check to see if ExecCGIs are enabled. - check to see who is running httpd/apache. checkx: - checks for sommon security settings in the X window setup. checklistening: - checks for applications listening. This is an "extra" test used in conjunction with ifconfig / ip testing. ------------------------------------------------------------------------- Writing modules: All modules are (thus far) written in C. (hopefully ANSI C) Looking back on this, perhaps it should have been in Python... or perl or ADA or LISP or [insert your favorite prog language here]... All modules (execpt dostuff.c) are called from lsatmain.c A small description of the module is in lsatheader.h Parameters: A module (read function) can be passed (as of now) up to four parameters. They are: char release[]: basically the first field of "uname -a" output char kernel[]: basically the third field of "uname -a" output const char *const out_file: the file that lsat will output checks to int verbose: integer flag to indicate we should be verbose A module (in my mind :) should be an independant entity. If I were to take a module and stick it in a "main" c function and pass it whatever parameters listed above it needs it should function. Properly. In doing the above I am setting this up to where modules can be added or deleted without problems. Having a module depend on the output of another is not my goal or desire. It may run a little slower for some things like this, but one can customize it whenever and however they see fit with relative ease. Modules should return zero or greater on success and a negative number on failure. Modules should themselves output error msgs, not lsatmain.c. (although lsatmain.c will say "Module x failed, you should have seen errors.", upon receiving a negative number from a returning module) Modules should have a small description at the top and _should_ be able to cope with being on different systems (Linux vs Solaris for instance). Yes I still need to work on mine. :O The dostuff module is a module (written by nordi (nordi at addcom dot de)) that is used to run shellcode, write to tempfiles, and append headers and/or the tempfile to the output file. The description at the top of dostuff is given below... written by Nordi, I quote: "This is a function that does all the filehandling stuff for the lsat modules so that you don't have to reinvent the wheel every time you want to do something. Afterall we have to get rid of, eradicate and stamp out all kinds of redundancies. As arguments it takes four pointers to strings: tempfile, outfile, shellcode and header. Header can be NULL, then it simply will not be printed. One of the other pointers can be NULL as well. In this case refer to the following list: no NULL pointer default behaviour create tempfile run shellcode append header to outfile append tempfile to outfile delete tempfile outfile == NULL if you want to do keep working with tempfile create tempfile run shellcode tempfile == NULL if you already have a tempfile and want to keep it run shellcode shellcode == NULL if you already got a tempfile but now you're finished append header to outfile append tempfile to outfile delete tempfile Special Case: just print the header to the outfile tempfile==shellcode==NULL append header to outfile Will return 0 on success and negative value on failure." - End Nordi quote. This has (thus far) made it a lot easier to write modules. In general, using dostuff.c one can concentrate more on exactly what they want a module to do and not have to worry about opening files and writing temp files etal every time one writes a module. A basic template for a module (IMHO) would be: int module(release, kernel, distribution, filename, verbose) { /* above parameters are optional, depending on module */ /* some internal variable defs here */ /* these should be in all modules */ const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose > 0) { printf("Starting module: module\n"); } /* do something you want to... */ /* we ALWAYS call the tempfiles lsatn.lsat, */ /* where n is an integer... this is for cleanup */ /* purposes... */ if (verbose > 0) { printf(" Generating list of badstuffs\n"); } tempfile = "/tmp/lsat1.lsat"; shellcode = "find / -name badstuff 2>/dev/null >/tmp/lsat1.lsat"; header = "I am finding the bad stuff man\n"; if ((dostuff(tempfile, filename, shellcode, header)) < 0) { /* "but Den, with the Loc-nar we could have returned to earth..." */ perror(" Could not generate list"); return(-1); } if (verbose > 0) { printf("Finished in module: module...\n"); } return(0); } Some things worth noting are this: - We always call tempfiles lsatn.lsat where n is an integer. - We always use verbose > 0, and the first and last verbose statements have no space before the output. The inner verbose statements have a space. This makes verbose output pertty. - We always check the return value of dostuff, and perror if problems. - We always return 0 on success and something less than 0 on failure. There are times when one needs to create a temp file for storage due to the fact tha the module may be looping through some data that the shellcode has generated. This can be done and is ok, but use the following example as a guide to (safely) create a temp file: int fileval; if ((fileval = open("/tmp/lsat4.lsat", O_RDWR | O_CREAT, 0600)) < 0) { perror("Could not make file w/perms 0600...\n"); perror("Possible link attack while creating/opening file!\n"); exit(-1); } One thing to point out is to be careful of open files when doing this two temp file procedure. If one calls dostuff and the file was already open, it will puke, hurl and pass out. I will put some more info in here when I get some time :) ../number9 lsat-0.9.7.1/sample_exclude.txt0000644000175000001440000000003111007333550015653 0ustar number9userswrite pkgs files md5 set lsat-0.9.7.1/securitylinks.txt0000644000175000001440000000374211007333550015605 0ustar number9usersSecurity checklist/howto: CERT UNIX security checklist: http://www.cert.org/tech_tips/usc20_full.html Linux security checklist: http://www.wfu.edu/~rbhm/linux.html SANS institute securing solaris paper: http://rr.sans.org/unix/sec_solaris.php Linux security: http://www.linuxsecurity.com Linux security HOWTO: http://www.tldp.org/HOWTO/Security-HOWTO.html Securing UNIX, part 1 with links to 2: http://www.boran.com/security/unix1.html Matt's UNIX security page (tons of links, not updated recently) http://www.deter.com/unix/ NewOrder. Goes without saying. http://neworder.box.sk/ Insecure. Why hasn't this been in here from the start? http://www.insecure.org Check for rootkits... http://www.chkrootkit.org General documentation: The Linux documentation project: http://www.tldp.org/ Routing and firewall docs: Linux advanced routing and traffic control HOWTO: http://lartc.org/HOWTO//cvs/2.4routing/2.4routing-howto.html Linux firewall and proxy HOWTO: http://www.tldp.org/HOWTO/Firewall-HOWTO.html Linux rootkit checker: http://www.chkrootkit.org/ www, CGI and scripting: Small faq on cgis: http://hoohoo.ncsa.uiuc.edu/cgi/security.html The WWW security faq: http://www.inet.co.th/security/www-security-faq.html#contents User and system accounts: See the first link at the top, section 5. Also, some of the sans links have nice explinations of accounts. Live checks: Tripwire: http://www.tripwire.org aide: http://www.cs.tut.fi/~rammer/aide.html afick: http://afick.sourceforge.net Hash functions: The MD5 specification, RFC 1321, is available at http://www.ietf.org/rfc/rfc1321.txt The SHA-1 specification, RFC 3174, is available at http://www.faqs.org/rfcs/rfc3174.html The SHA-256 specification, FIPS 180-2, is available at http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf The Tiger specification is available at http://www.cs.technion.ac.il/~biham/Reports/Tiger/ The Whirlpool specification is available at http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html lsat-0.9.7.1/lsat.out0000600000175000001440000035417211010400563013617 0ustar number9users **************************************** Entries below shall be services in xinetd.d that are not disabled. Please verify that you do not want these disabled. If nothing is listed below, all services in xinetd.d are disabled. **************************************** Lines found in hosts.allow Make sure you wish to allow the following: **************************************** Did not find ALL:ALL in hosts.deny. Lines found in hosts.deny: **************************************** default init level set to 5. Unless there is a reason to run a GUI full time on this system, consider setting to runlevel 3. **************************************** Consider placing: auth.* /var/log/secure in your /etc/syslog.conf file. **************************************** Consider placing: authpriv.* /var/log/secure in your /etc/syslog.conf file. **************************************** The last 100 (or less) failed login attempts on the system **************************************** This is a list of .exrc files found **************************************** This is a list of .forward files found on the system: **************************************** This is a list of .rhosts files found on the system: **************************************** This is a list of .netrc files found on the system **************************************** This is a list of dotfiles found on the system **************************************** Please consider removing these system accounts. Check to see if you need them for your system applications before removing. Also, consult the securitylinks.txt file for more information. lp sync news uucp **************************************** The following accounts are SUID 0 in /etc/passwd. Remove if needed. **************************************** Remove the following entries (if any) from the respective passwd/group file(s) **************************************** The following accounts have no/empty passwords **************************************** Output of pwck, note non existent directories, etc **************************************** Output of grpck, note groups it think should be deleted. **************************************** Checking default umask on system: Default umask should be 022, 027 or 077. 002 is ok for RedHat. Here are the filenames, and the umask number found in each. Please read through the file and ensure that is what you want. /etc/bashrc: 002 /etc/bashrc: 022 /etc/csh.cshrc: 002 /etc/csh.cshrc: 022 **************************************** While checking ftpusers... /etc/ftpusers does not exist or is not readable. This is ok if you are not root, not running ftp or your ftp daemon does not use /etc/ftpusers. Please triple check your configuration and ensure you do not need /etc/ftpusers. ***************************************** **************************************** Checking rc startup scripts: These services were found in /etc/rc.d/init.d Consider removing or disabling unneeded services. **************************************** **************************************** Default limits hashed out in limits.conf. Check /etc/security/limits.conf for the default entry. Make sure to set hard and soft limits for default "*", or for individual users. **************************************** Output from ulimit, check to see if these are reasonable limits. Resource limits can help prevent DOS attacks, read up on them if you need to. core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 40960 max locked memory (kbytes, -l) 32 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 40960 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited **************************************** sshd config file entries Make sure these are commented out. **************************************** Protcol 2 not found in sshd config, or you are doing 1,2. Change to protcol 2 only. **************************************** lsof is not installed on this system, or it is not in the path, or I just can not find it. checkopenfiles was not run. **************************************** /etc/issue exists. Make sure it does not have any system specific information in it. **************************************** /etc/issue.net exists. Make sure it does not have any system specific information in it. **************************************** /etc/motd exists. Make sure it does not have any system specific information in it. **************************************** /etc/banners dir not found. Check securitylinks.txt for more info. **************************************** No ExecCGIs found. Good. **************************************** These are the kernel modules that are loaded on the system as given by the output of modprobe -c -l Check to see if they are really needed. /lib/modules/2.6.24.3-50.fc8/kernel/arch/x86/kernel/cpu/cpufreq/acpi-cpufreq.ko /lib/modules/2.6.24.3-50.fc8/kernel/arch/x86/kernel/microcode.ko /lib/modules/2.6.24.3-50.fc8/kernel/arch/x86/crypto/aes-x86_64.ko /lib/modules/2.6.24.3-50.fc8/kernel/arch/x86/crypto/twofish-x86_64.ko /lib/modules/2.6.24.3-50.fc8/kernel/arch/x86/oprofile/oprofile.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ax25/ax25.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/xfrm4_mode_transport.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/xfrm4_mode_beet.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_yeah.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipcomp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_illinois.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_scalable.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/inet_diag.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_vegas.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tunnel4.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/xfrm4_tunnel.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_lp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/esp4.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_htcp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_veno.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ah4.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_bic.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_highspeed.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_lblc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_lc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_lblcr.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_dh.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_sh.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_rr.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_sed.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_ftp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_nq.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_wrr.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipvs/ip_vs_wlc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_diag.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_westwood.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_h323.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_ULOG.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_ah.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_irc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_owner.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_conntrack_ipv4.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/iptable_filter.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_ecn.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_sip.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_LOG.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/arpt_mangle.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/arptable_filter.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_REDIRECT.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_ECN.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ip_queue.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ip_tables.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_MASQUERADE.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_TOS.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_NETMAP.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_tftp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/iptable_nat.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_ttl.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_proto_gre.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_addrtype.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_recent.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_pptp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_iprange.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_snmp_basic.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_SAME.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/iptable_mangle.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_CLUSTERIP.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_TTL.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_tos.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/arp_tables.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/iptable_raw.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_ftp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/nf_nat_amanda.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/netfilter/ipt_REJECT.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ipip.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/ip_gre.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/tcp_hybla.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv4/xfrm4_mode_tunnel.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/rfkill/rfkill.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/rfkill/rfkill-input.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/core/pktgen.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/rose/rose.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/8021q/8021q.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/key/af_key.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/wireless/cfg80211.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/ccids/dccp_ccid3.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/ccids/dccp_ccid2.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/ccids/lib/dccp_tfrc_lib.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/dccp_ipv4.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/dccp_ipv6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/dccp_probe.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/dccp_diag.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/dccp/dccp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/802/p8023.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/cls_fw.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/cls_rsvp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_red.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/act_nat.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_tbf.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_teql.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/cls_tcindex.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/cls_rsvp6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_dsmark.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_hfsc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/cls_basic.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_gred.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/em_text.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/act_ipt.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_netem.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/cls_route.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/em_meta.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/act_pedit.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/act_gact.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/act_simple.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/em_u32.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/em_cmp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/cls_u32.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_sfq.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_cbq.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_atm.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/act_mirred.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/em_nbyte.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_prio.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_ingress.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sched/sch_htb.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/decnet/decnet.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bluetooth/bluetooth.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bluetooth/hidp/hidp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bluetooth/rfcomm/rfcomm.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bluetooth/cmtp/cmtp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bluetooth/sco.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bluetooth/l2cap.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bluetooth/bnep/bnep.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/xfrm6_mode_tunnel.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/tunnel6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/mip6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/xfrm6_mode_beet.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/esp6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/ip6_tunnel.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/ipv6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/xfrm6_tunnel.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/xfrm6_mode_ro.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/ah6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/sit.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/xfrm6_mode_transport.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/nf_conntrack_ipv6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6_tables.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_REJECT.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6table_mangle.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_hbh.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6table_filter.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_HL.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_hl.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_mh.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6table_raw.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_LOG.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_ah.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_rt.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_ipv6header.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6_queue.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_eui64.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_frag.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/netfilter/ip6t_owner.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipv6/ipcomp6.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ipx/ipx.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ieee80211/ieee80211_crypt_wep.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ieee80211/ieee80211.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ieee80211/ieee80211_crypt.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ieee80211/ieee80211_crypt_tkip.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/ieee80211/ieee80211_crypt_ccmp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/wanrouter/wanrouter.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/mac80211/mac80211.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/appletalk/appletalk.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/atm/pppoatm.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/atm/lec.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/atm/atm.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/atm/br2684.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/atm/clip.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sunrpc/xprtrdma/xprtrdma.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sunrpc/auth_gss/rpcsec_gss_spkm3.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sunrpc/auth_gss/auth_rpcgss.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sunrpc/auth_gss/rpcsec_gss_krb5.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sunrpc/sunrpc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/bridge.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_ulog.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_limit.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_snat.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_redirect.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_arpreply.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_stp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_802_3.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_ip.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebtable_nat.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebtable_filter.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_pkttype.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_dnat.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_arp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebtable_broute.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_among.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_vlan.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_log.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_mark.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebtables.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/bridge/netfilter/ebt_mark_m.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/tipc/tipc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/irda/irnet/irnet.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/irda/ircomm/ircomm-tty.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/irda/ircomm/ircomm.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/irda/irda.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/irda/irlan/irlan.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_TRACE.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_length.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_sane.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_quota.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_dscp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_dccp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_sctp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/x_tables.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_u32.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_pptp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_comment.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_TCPMSS.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_netbios_ns.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_conntrack.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_state.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_irc.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_CLASSIFY.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_NFQUEUE.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_CONNMARK.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_limit.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nfnetlink.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_connmark.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_multiport.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_h323.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_sip.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nfnetlink_queue.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_proto_udplite.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_tcpudp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_NOTRACK.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_DSCP.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_connbytes.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_pkttype.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_mac.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_esp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_ftp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_realm.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_connlimit.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_tcpmss.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_MARK.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_NFLOG.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_time.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_SECMARK.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_mark.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_amanda.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_statistic.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_string.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nfnetlink_log.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_helper.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_policy.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_hashlimit.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_netlink.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_physdev.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_proto_gre.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_tftp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/nf_conntrack_proto_sctp.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netfilter/xt_CONNSECMARK.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/netrom/netrom.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/9p/9pnet.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/9p/9pnet_fd.ko /lib/modules/2.6.24.3-50.fc8/kernel/net/sctp/sctp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/uio/uio_cif.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/uio/uio.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/dc395x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/initio.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/ppa.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_transport_fc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_transport_srp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/qla4xxx/qla4xxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/aic7xxx/aic79xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/aic7xxx/aic7xxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/aic7xxx_old.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_transport_sas.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/atp870u.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/arcmsr/arcmsr.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_mod.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/ips.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/sg.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/sr_mod.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/megaraid/megaraid_mm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/megaraid/megaraid_mbox.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/megaraid/megaraid_sas.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/qla2xxx/qla2xxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/raid_class.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/libsrp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/lpfc/lpfc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_transport_iscsi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/aacraid/aacraid.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/3w-9xxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/iscsi_tcp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/libiscsi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/stex.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/qlogicfas408.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_tgt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/sym53c8xx_2/sym53c8xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/a100u2w.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_wait_scan.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/osst.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/pcmcia/qlogic_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/pcmcia/sym53c500_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/megaraid.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/libsas/libsas.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/qla1280.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/ch.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/tmscsim.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/aic94xx/aic94xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/gdth.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/hptiop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/scsi_transport_spi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/3w-xxxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/BusLogic.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/imm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/st.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/scsi/sd_mod.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ssb/ssb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mfd/sm501.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/auxdisplay/ks0108.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/auxdisplay/cfag12864bfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/auxdisplay/cfag12864b.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/w83877f_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/w83977f_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/softdog.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/i6300esb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/iTCO_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/wdt_pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/machzwd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/it8712f_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/ibmasr.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/pcwd_pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/w83627hf_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/alim1535_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/alim7101_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/iTCO_vendor_support.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/pcwd_usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/watchdog/w83697hf_wdt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/i2o/i2o_proc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/i2o/i2o_bus.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/i2o/i2o_config.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/i2o/i2o_block.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/i2o/i2o_scsi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/i2o/i2o_core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/fusion/mptfc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/fusion/mptlan.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/fusion/mptctl.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/fusion/mptsas.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/fusion/mptscsih.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/fusion/mptspi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/message/fusion/mptbase.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/i5k_amb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/vt8231.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/ad7418.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm90.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/gl520sm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/adm1029.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm85.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm92.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm80.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/ds1621.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/thmc50.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm63.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/max1619.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/sis5595.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/abituguru3.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/w83l785ts.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/w83627ehf.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/applesmc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/adm1026.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/hwmon-vid.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/f75375s.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm77.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/k8temp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/abituguru.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/gl518sm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/vt1211.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/coretemp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm83.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/fscpos.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/it87.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/via686a.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/adm9240.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/w83793.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/w83791d.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/fscher.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm87.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/asb100.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/pc87360.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/ibmpex.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/hwmon.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/f71805f.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/dme1737.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/adt7470.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/adm1031.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm93.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/adm1025.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/w83792d.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/w83627hf.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm78.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/atxp1.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/smsc47m1.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/smsc47m192.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/w83781d.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/lm75.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/pc87427.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/f71882fg.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/hdaps.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/max6650.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/smsc47b397.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/adm1021.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/hwmon/fschmd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/e1000e/e1000e.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sungem.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tg3.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sc92031.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/bnx2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/atl1/atl1.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ifb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/amd8111e.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ppp_synctty.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/netxen/netxen_nic.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/starfire.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/e100.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sky2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pppol2tp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sis190.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sunhme.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/typhoon.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/acenic.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ixgb/ixgb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tun.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ne2k-pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/qla3xxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sungem_phy.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/marvell.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/smsc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/libphy.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/cicada.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/mdio-bitbang.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/icplus.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/fixed.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/qsemi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/vitesse.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/lxt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/davicom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/phy/broadcom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/fealnx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ixgbe/ixgbe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sundance.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/pegasus.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/net1080.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/gl620a.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/dm9601.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/rndis_host.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/zaurus.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/usbnet.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/catc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/plusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/asix.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/kaweth.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/mcs7830.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/cdc_ether.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/cdc_subset.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/usb/rtl8150.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pppoe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/epic100.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/dummy.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/airo.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rndis_wlan.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/airo_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/ath5k/ath5k.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/hermes.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/atmel_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/netwave_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/b43/b43.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/orinoco_plx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/p54pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/wavelan_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/libertas/usb8xxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/libertas/libertas_sdio.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/libertas/libertas_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/libertas/libertas.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/ipw2200.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/atmel_pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/zd1201.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/orinoco_pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/orinoco_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/hostap/hostap_plx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/hostap/hostap_pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/hostap/hostap_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/hostap/hostap.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/zd1211rw/zd1211rw.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/ipw2100.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rtl8187.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/iwlwifi/iwlcore.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/iwlwifi/iwl3945.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/iwlwifi/iwl4965.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/p54common.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/adm8211.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rtl8180.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/b43legacy/b43legacy.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/p54usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/orinoco_tmd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/spectrum_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt2x00usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt2400pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt2x00lib.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt73usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt2x00pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt61pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt2500pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/rt2x00/rt2500usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/wl3501_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/atmel.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/orinoco.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/at76_usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/prism54/prism54.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/wireless/orinoco_nortel.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/natsemi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/chelsio/cxgb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/bonding/bonding.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sis900.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/niu.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/netconsole.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/veth.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/e1000/e1000.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ns83820.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/mii.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/atp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tulip/tulip.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tulip/de4x5.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tulip/winbond-840.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tulip/xircom_cb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tulip/uli526x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tulip/de2104x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tulip/dmfe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/forcedeth.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ppp_mppe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ipg.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/r8169.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/myri10ge/myri10ge.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/via-rhine.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ppp_deflate.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ppp_async.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/plip.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/slip.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/appletalk/ipddp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/cxgb3/cxgb3.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tokenring/olympic.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tokenring/3c359.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/skge.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamachi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/de620.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/slhc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/sb1000.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/fmvj18x_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/axnet_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/3c589_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/3c574_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/nmclan_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/smc91c92_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/xirc2ps_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcmcia/pcnet_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/ppp_generic.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/dl2k.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/via-velocity.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/baycom_par.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/yam.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/baycom_ser_fdx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/baycom_ser_hdx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/mkiss.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/hdlcdrv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/bpqether.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/hamradio/6pack.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/8390.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/tehuti.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pcnet32.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/act200l-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/kingsun-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/toim3232-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/tekram-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/smsc-ircc2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/mcp2120-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/ali-ircc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/sir-dev.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/irda-usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/esi-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/vlsi_ir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/stir4200.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/ks959-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/via-ircc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/ma600-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/w83977af_ir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/girbil-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/actisys-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/irtty-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/mcs7780.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/nsc-ircc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/litelink-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/ksdazzle-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/irda/old_belkin-sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/macvlan.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/8139too.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/pppox.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/b44.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/atl2/atl2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/mlx4/mlx4_core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/3c59x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/cassini.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/skfp/skfp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/8139cp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/yellowfin.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/s2io.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/de600.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/net/eql.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/tifm_core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/msi-laptop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/tifm_7xx1.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/sony-laptop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/eeprom_93cx6.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/ioc4.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/eeepc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/fujitsu-laptop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/thinkpad_acpi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/misc/asus-laptop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/edac/edac_core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/edac/e752x_edac.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/edac/i82975x_edac.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/edac/i5000_edac.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/rio500.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/emi62.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/phidget.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/trancevibrator.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/usbled.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/sisusbvga/sisusbvga.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/legousbtower.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/phidgetmotorcontrol.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/auerswald.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/iowarrior.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/appledisplay.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/uss720.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/emi26.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/berry_charge.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/phidgetkit.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/ftdi-elan.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/adutux.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/phidgetservo.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/idmouse.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/ldusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/misc/usblcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/host/ohci-hcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/host/ehci-hcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/host/u132-hcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/host/sl811-hcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/host/uhci-hcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/host/isp116x-hcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/class/usblp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/class/cdc-acm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/storage/usb-storage.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/atm/speedtch.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/atm/usbatm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/atm/ueagle-atm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/atm/cxacru.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/atm/xusbatm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/kl5kusb105.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/oti6858.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/navman.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/cyberjack.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/digi_acceleport.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/pl2303.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/option.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/ark3116.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/usb_debug.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/keyspan.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/funsoft.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/belkin_sa.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/aircable.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/whiteheat.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/keyspan_pda.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/ir-usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/ipw.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/mct_u232.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/airprime.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/ftdi_sio.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/usbserial.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/hp4x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/io_ti.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/kobil_sct.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/safe_serial.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/mos7840.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/ipaq.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/sierra.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/omninet.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/mos7720.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/cp2101.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/garmin_gps.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/cypress_m8.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/ch341.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/io_edgeport.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/visor.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/ti_usb_3410_5052.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/serial/empeg.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/image/microtek.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/usb/image/mdc800.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/sbshc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/sbs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/toshiba_acpi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/button.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/ac.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/bay.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/battery.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/acpi/video.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/kvm/kvm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/kvm/kvm-intel.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/kvm/kvm-amd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mmc/core/mmc_core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mmc/host/ricoh_mmc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mmc/host/sdhci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mmc/host/tifm_sd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mmc/host/wbsd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mmc/card/mmc_block.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mmc/card/sdio_uart.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/cfi_cmdset_0020.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/gen_probe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/map_ram.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/map_rom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/map_absent.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/cfi_util.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/cfi_cmdset_0001.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/jedec_probe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/cfi_probe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/cfi_cmdset_0002.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/chips/chipreg.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/mtdchar.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/redboot.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/nftl.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/mtdoops.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/nand/diskonchip.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/nand/nand.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/nand/alauda.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/nand/nand_ecc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/nand/nandsim.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/nand/nand_ids.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/ssfdc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/ftl.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/rfd_ftl.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/mtdblock.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/mtd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/ubi/ubi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/devices/block2mtd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/devices/mtdram.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/devices/pmc551.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/mtdblock_ro.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/mtd_blkdevs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/scb2_flash.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/ck804xrom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/map_funcs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/esb2rom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/ts5500_flash.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/netsc520.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/maps/sc520cdp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/mtdconcat.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/mtd/inftl.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/cdrom/cdrom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/dtl1_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/hci_usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/bt3c_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/bcm203x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/btsdio.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/btuart_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/bpa10x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/bluecard_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/bfusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/hci_uart.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/bluetooth/hci_vhci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/mouse/vsxxxaa.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/mouse/appletouch.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/mouse/sermouse.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_igorplugusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_sir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_pvr150.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_ttusbir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_cmdir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_imon.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_atiusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_bt829.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_i2c.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_it87.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_serial.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_streamzap.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_dev.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_mceusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/lirc_mceusb2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/lirc/commandir.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/ati_remote2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/keyspan_remote.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/pcspkr.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/uinput.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/atlas_btns.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/ati_remote.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/yealink.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/misc/powermate.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joydev.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/gamecon.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/xpad.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/analog.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/magellan.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/joydump.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/spaceorb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/interact.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/stinger.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/grip.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/spaceball.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/tmdc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/sidewinder.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/iforce/iforce.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/gf2k.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/adi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/turbografx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/cobra.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/db9.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/guillemot.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/warrior.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/a3d.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/twidjoy.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/joystick/grip_mp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/tablet/aiptek.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/tablet/gtco.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/tablet/acecad.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/tablet/kbtab.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/tablet/wacom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/gameport/fm801-gp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/gameport/gameport.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/gameport/emu10k1-gp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/gameport/ns558.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/gameport/lightning.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/ucb1400_ts.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/elo.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/penmount.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/touchright.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/usbtouchscreen.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/fujitsu_ts.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/mtouch.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/touchwin.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/gunze.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/touchscreen/mk712.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/serio/serio_raw.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/input/input-polldev.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/dma/ioatdma.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-hp-sw.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-snapshot.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-multipath.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-emc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-mirror.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/linear.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/raid10.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/multipath.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-mod.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-zero.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/raid0.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/raid1.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/raid456.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/faulty.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-round-robin.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-rdac.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/md/dm-crypt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_uverbs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/iw_cm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/rdma_cm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_ucm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_mad.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_cm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_addr.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_sa.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/rdma_ucm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/core/ib_umad.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/hw/mthca/ib_mthca.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/hw/ipath/ib_ipath.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/hw/cxgb3/iw_cxgb3.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/hw/amso1100/iw_c2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/hw/mlx4/mlx4_ib.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/ulp/iser/ib_iser.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/ulp/srp/ib_srp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/infiniband/ulp/ipoib/ib_ipoib.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/max6875.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/eeprom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/pca9539.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/ds1337.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/ds1374.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/pcf8591.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/pcf8574.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/chips/tsl2550.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/i2c-dev.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/i2c-core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/algos/i2c-algo-pcf.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/algos/i2c-algo-pca.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/algos/i2c-algo-bit.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-nforce2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-via.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-sis96x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-parport-light.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-voodoo3.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-prosavage.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-amd756.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-i801.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-parport.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-amd756-s4882.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-viapro.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-amd8111.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-simtec.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-savage4.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/i2c/busses/i2c-stub.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/output.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/cirrusfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/svgalib.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/fb_ddc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/sstfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/kyro/kyrofb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/fb_sys_fops.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/sysimgblt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/syscopyarea.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/sm501fb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_Ti3026.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_base.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_maven.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/i2c-matroxfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_DAC1064.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_accel.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_misc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_crtc2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/g450_pll.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/matrox/matroxfb_g450.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/display/display.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/backlight/progear_bl.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/backlight/lcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/neofb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/vga16fb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/intelfb/intelfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/macmodes.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/aty/aty128fb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/aty/atyfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/aty/radeonfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/s3fb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/tdfxfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/sysfillrect.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/savage/savagefb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/riva/rivafb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/tridentfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/vgastate.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/video/nvidia/nvidiafb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/parport/parport.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/parport/parport_pc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/parport/parport_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/parport/parport_serial.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/eni.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/he.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/suni.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/ambassador.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/atmtcp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/idt77252.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/firestream.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/lanai.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/atm/horizon.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/leds/ledtrig-timer.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/leds/ledtrig-heartbeat.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/serial/jsm/jsm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/serial/serial_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/pcmcia/pd6729.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/pcmcia/i82092.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/cinergyT2/cinergyT2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/pluto2/pluto2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-core/dvb-core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-af9005.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-ttusb2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-dibusb-common.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-vp702x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-a800.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-vp7045.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-m920x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-gp8psk.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-dtt200u.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-af9005-remote.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-dibusb-mc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-cxusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-digitv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-umt-010.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-dibusb-mb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-au6610.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-gl861.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-opera.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-dib0700.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb-nova-t-usb2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/dvb-usb/dvb-usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttusb-budget/dvb-ttusb-budget.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttpci/dvb-ttpci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttpci/budget-patch.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttpci/budget.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttpci/budget-av.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttpci/budget-core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttpci/budget-ci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttpci/ttpci-eeprom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttusb-dec/ttusbdecfe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/ttusb-dec/ttusb_dec.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/b2c2/b2c2-flexcop-pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/b2c2/b2c2-flexcop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/b2c2/b2c2-flexcop-usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/bt8xx/dst.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/bt8xx/dvb-bt8xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/bt8xx/dst_ca.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/bt8xx/bt878.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/sp8870.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/cx22700.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tda8083.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/ves1820.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/dib0070.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/lgdt330x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/mt2131.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/stv0297.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/nxt200x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/l64781.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/nxt6000.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/zl10353.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tda1004x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/qt1010.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/dibx000_common.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/bcm3510.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/dvb-pll.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/isl6421.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/sp887x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/cx24123.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tda827x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/ves1x93.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tda10023.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/dib3000mb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tda10086.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/mt312.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/s5h1409.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tua6100.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/dib3000mc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/mt2060.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/or51211.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tda826x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/cx22702.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/s5h1420.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/mt2266.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/cx24110.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/tda10021.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/stv0299.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/lnbp21.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/dib7000m.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/dib7000p.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/mt352.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/dvb/frontends/or51132.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/radio/radio-maxiradio.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/radio/dsbr100.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/radio/radio-maestro.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/radio/radio-gemtek-pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tvaudio.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/ovcamchip/ovcamchip.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/zr36050.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/videobuf-dma-sg.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/wm8775.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa6588.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/dabusb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/pvrusb2/pvrusb2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa5246a.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/mxb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7185.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7114.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7191.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tcm825x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/w9968cf.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/se401.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tuner-simple.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7111.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/vp27smpx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/adv7175.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7134/saa7134.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7134/saa7134-dvb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7134/saa7134-alsa.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7134/saa6752hs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7134/saa7134-empress.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tvp5150.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tuner.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/bt819.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/hexium_orion.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/meye.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx88/cx88-alsa.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx88/cx8800.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx88/cx88-dvb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx88/cx88xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx88/cx88-vp3054-i2c.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx88/cx88-blackbird.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx88/cx8802.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7115.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/ir-kbd-i2c.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/v4l2-common.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/ivtv/ivtv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/ivtv/ivtvfb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/w9966.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/ov511.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/adv7170.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/usbvision/usbvision.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tea6420.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/usbvideo/konicawc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/usbvideo/ibmcam.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/usbvideo/ultracam.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/usbvideo/usbvideo.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/usbvideo/vicam.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/usbvideo/quickcam_messenger.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/stradis.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx25840/cx25840.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/ov7670.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tea5761.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/videocodec.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tea6415c.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/v4l1-compat.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tda9840.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/hexium_gemini.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/c-qcam.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/upd64083.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tda7432.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/zr36067.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/vpx3220.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/wm8739.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/em28xx/em28xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7110.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/compat_ioctl32.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/sn9c102/sn9c102.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/uvcvideo/uvcvideo.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tda9875.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/stv680.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/v4l2-int-device.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/bt866.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tuner-3036.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa7127.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/saa5249.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tveeprom.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cpia_pp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx2341x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/videodev.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/msp3400.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/videobuf-dvb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/mt20xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tda8290.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cpia_usb.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tea5767.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/bw-qcam.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/zr36016.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/et61x251/et61x251.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cx23885/cx23885.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/zc0301/zc0301.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/videobuf-core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/bt856.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/ks0127.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/zr364xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/dpc7146.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cpia2/cpia2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/btcx-risc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/upd64031a.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/pwc/pwc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cpia.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/bt8xx/bttv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/tlv320aic23b.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/cs53l32a.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/video/zr36060.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/common/saa7146_vv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/common/ir-common.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/media/common/saa7146.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/tpm/tpm_atmel.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/tpm/tpm_infineon.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/tpm/tpm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/tpm/tpm_bios.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/tpm/tpm_nsc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/tpm/tpm_tis.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/crash.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/synclink_gt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/synclink.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/mwave/mwave.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/rocket.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/n_r3964.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/n_hdlc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/ppdev.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/synclinkmp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/tlclk.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/cyclades.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/hw_random/amd-rng.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/hw_random/intel-rng.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/pcmcia/cm4000_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/pcmcia/cm4040_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/i810.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/via.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/i830.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/savage.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/tdfx.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/drm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/mga.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/i915.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/sis.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/r128.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/radeon.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/drm/nouveau.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/lp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/ipmi/ipmi_devintf.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/ipmi/ipmi_poweroff.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/ipmi/ipmi_msghandler.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/ipmi/ipmi_watchdog.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/ipmi/ipmi_si.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/char/hangcheck-timer.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/comm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/epia.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/on26.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/pt.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/epat.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/pd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/pcd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/ktti.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/friq.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/frpw.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/bpck.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/kbic.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/pg.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/fit3.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/paride.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/dstr.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/fit2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/on20.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/aten.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/paride/pf.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/aoe/aoe.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/cciss.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/sx8.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/floppy.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/cpqarray.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/loop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/umem.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/nbd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/pktcdvd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/cryptoloop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/block/DAC960.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_cmd640.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_mpiix.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_sis.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_cs5520.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_jmicron.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_optidma.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_sl82c105.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_vsc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_via.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_netcell.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_cs5530.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_svw.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_efar.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pdc_adma.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_nv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_sil24.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_opti.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_artop.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_cypress.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_serverworks.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_ns87415.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_acpi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_sil680.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_mv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_it8213.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_uli.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_inic162x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_ali.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_triflex.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_hpt3x3.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_hpt3x2n.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_pcmcia.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_amd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_oldpiix.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_hpt366.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_ns87410.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_sis.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/ata_piix.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_sil.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_via.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_qstor.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/ahci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_marvell.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_sx4.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_cmd64x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/ata_generic.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_hpt37x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_it821x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_pdc2027x.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/libata.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_atiixp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/sata_promise.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/ata/pata_pdc202xx_old.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/pci/hotplug/pciehp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/pci/hotplug/acpiphp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/pci/hotplug/acpiphp_ibm.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/pci/hotplug/shpchp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/pci/hotplug/fakephp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/firmware/dcdbas.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/firmware/dell_rbu.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/firmware/edd.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/dca/dca.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/i4l/isdn.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hardware/avm/t1pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hardware/avm/c4.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hardware/avm/b1pci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hardware/avm/b1.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hardware/avm/b1pcmcia.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hardware/avm/b1dma.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hardware/avm/avm_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/avma1_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/hisax.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/teles_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/hfc4s8s_l1.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/hisax_isac.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/isdnhdlc.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/elsa_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/hisax_fcpcipnp.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/hisax_st5481.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/hisax/sedlbauer_cs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/capi/kernelcapi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/capi/capidrv.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/capi/capi.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/capi/capifs.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/gigaset/usb_gigaset.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/gigaset/ser_gigaset.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/gigaset/gigaset.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/gigaset/bas_gigaset.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/isdn/divert/dss1_divert.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/cpufreq/cpufreq_ondemand.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/cpufreq/cpufreq_stats.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/cpufreq/cpufreq_powersave.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/cpufreq/cpufreq_conservative.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/firewire/firewire-core.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/firewire/firewire-ohci.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/firewire/firewire-sbp2.ko /lib/modules/2.6.24.3-50.fc8/kernel/drivers/power/power_supply.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/soundcore.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/synth/snd-util-mem.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/synth/emux/snd-emux-synth.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/oss/snd-pcm-oss.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/oss/snd-mixer-oss.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/snd-page-alloc.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/snd-rtctimer.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/snd-timer.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/snd-rawmidi.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/snd-pcm.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/snd.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/snd-hwdep.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq-instr.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/oss/snd-seq-oss.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq-midi.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq-virmidi.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq-midi-event.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq-midi-emul.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq-dummy.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/snd-seq-device.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/instr/snd-ainstr-fm.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/core/seq/instr/snd-ainstr-simple.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/vx/snd-vx-lib.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/snd-dummy.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/opl3/snd-opl3-synth.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/opl3/snd-opl3-lib.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/snd-mts64.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/mpu401/snd-mpu401-uart.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/mpu401/snd-mpu401.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/snd-portman2x4.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/snd-virmidi.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/drivers/snd-mtpav.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/usb/snd-usb-audio.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/usb/snd-usb-lib.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/usb/usx2y/snd-usb-usx2y.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/usb/caiaq/snd-usb-caiaq.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/isa/sb/snd-sb-common.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/isa/sb/snd-sb16-dsp.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/ac97_bus.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/i2c/snd-i2c.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/i2c/other/snd-ak4114.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/i2c/other/snd-ak4xxx-adda.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/i2c/other/snd-pt2258.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/i2c/other/snd-tea575x-tuner.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/i2c/snd-cs8427.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ca0106/snd-ca0106.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-sonicvibes.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-cs5530.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-als300.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-es1938.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-cs4281.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-intel8x0.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ice1712/snd-ice1724.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ice1712/snd-ice1712.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ice1712/snd-ice17xx-ak4xxx.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-ad1889.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-sis7019.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-als4000.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/trident/snd-trident.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/trident/snd-trident-synth.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-fm801.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/emu10k1/snd-emu10k1.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/emu10k1/snd-emu10k1x.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/emu10k1/snd-emu10k1-synth.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-bt87x.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ymfpci/snd-ymfpci.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-indigo.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-darla24.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-layla20.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-gina20.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-echo3g.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-indigodj.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-darla20.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-mia.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-gina24.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-mona.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-layla24.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/echoaudio/snd-indigoio.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/mixart/snd-mixart.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/cs46xx/snd-cs46xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-cmipci.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-es1968.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-rme32.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-via82xx.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-maestro3.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-atiixp-modem.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/nm256/snd-nm256.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ali5451/snd-ali5451.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/vx222/snd-vx222.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/korg1212/snd-korg1212.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-intel8x0m.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/riptide/snd-riptide.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-ens1370.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-atiixp.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-rme96.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-ens1371.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/rme9652/snd-hdspm.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/rme9652/snd-hdsp.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/rme9652/snd-rme9652.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-azt3328.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/hda/snd-hda-intel.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/snd-via82xx-modem.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/au88x0/snd-au8820.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/au88x0/snd-au8830.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/au88x0/snd-au8810.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/pcxhr/snd-pcxhr.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ac97/snd-ac97-codec.ko /lib/modules/2.6.24.3-50.fc8/kernel/sound/pci/ac97/snd-ak4531-codec.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/lrw.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/arc4.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/authenc.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/anubis.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/async_tx/async_memcpy.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/async_tx/async_tx.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/async_tx/async_xor.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/twofish_common.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/ecb.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/pcbc.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/md4.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/gf128mul.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/des_generic.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/seed.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/crypto_null.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/sha256_generic.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/xor.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/tcrypt.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/sha512.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/deflate.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/cast5.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/blkcipher.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/michael_mic.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/cast6.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/twofish.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/aes_generic.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/wp512.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/camellia.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/khazad.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/fcrypt.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/xcbc.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/serpent.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/blowfish.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/aead.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/tea.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/cbc.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/tgr192.ko /lib/modules/2.6.24.3-50.fc8/kernel/crypto/xts.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/romfs/romfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/cifs/cifs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/mbcache.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nfs/nfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/hfsplus/hfsplus.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/udf/udf.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/configfs/configfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ecryptfs/ecryptfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/reiserfs/reiserfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nfsd/nfsd.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nfs_common/nfs_acl.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/dlm/dlm.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/freevxfs/freevxfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/coda/coda.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/qnx4/qnx4.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ext2/ext2.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/fuse/fuse.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ext3/ext3.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ocfs2/dlm/ocfs2_dlm.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ocfs2/dlm/ocfs2_dlmfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ocfs2/ocfs2.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ocfs2/cluster/ocfs2_nodemanager.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/xfs/xfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/efs/efs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/vfat/vfat.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ufs/ufs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/hfs/hfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/ncpfs/ncpfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/befs/befs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/gfs2/locking/dlm/lock_dlm.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/gfs2/locking/nolock/lock_nolock.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/gfs2/gfs2.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/squashfs/squashfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/autofs/autofs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-6.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp855.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp863.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp737.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp860.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp932.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-7.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_utf8.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp1251.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-15.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-4.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp936.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp865.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp861.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp949.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-5.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-3.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-2.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-14.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp1250.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_koi8-r.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp852.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-13.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_koi8-u.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp857.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp874.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp862.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_koi8-ru.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp850.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp950.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp866.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_euc-jp.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-9.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp775.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp1255.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp869.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_iso8859-1.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/nls/nls_cp864.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/fat/fat.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/affs/affs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/cramfs/cramfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/lockd/lockd.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/autofs4/autofs4.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/bfs/bfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/msdos/msdos.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/exportfs/exportfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/sysv/sysv.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/jffs2/jffs2.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/minix/minix.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/9p/9p.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/jbd/jbd.ko /lib/modules/2.6.24.3-50.fc8/kernel/fs/jfs/jfs.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/reed_solomon/reed_solomon.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/crc16.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/crc-itu-t.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/crc-ccitt.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/ts_fsm.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/zlib_deflate/zlib_deflate.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/ts_kmp.ko /lib/modules/2.6.24.3-50.fc8/kernel/lib/ts_bm.ko /lib/modules/2.6.24.3-50.fc8/extra/nvidia/nvidia.ko **************************************** This is a list of files in /etc/rc.d/init.d without permission 700 We recommend that you change the permission of this files to 700 /etc/rc.d/init.d/iptables /etc/rc.d/init.d/rsyslog /etc/rc.d/init.d/rpcsvcgssd /etc/rc.d/init.d/nvidia /etc/rc.d/init.d/rdisc /etc/rc.d/init.d/lisa /etc/rc.d/init.d/rpcidmapd /etc/rc.d/init.d/wpa_supplicant /etc/rc.d/init.d/irqbalance /etc/rc.d/init.d/irda /etc/rc.d/init.d/backuppc /etc/rc.d/init.d/yum-updatesd /etc/rc.d/init.d/ntpd /etc/rc.d/init.d/winbind /etc/rc.d/init.d/httpd /etc/rc.d/init.d/killall /etc/rc.d/init.d/nfslock /etc/rc.d/init.d/rpcgssd /etc/rc.d/init.d/crond /etc/rc.d/init.d/ip6tables /etc/rc.d/init.d/autofs /etc/rc.d/init.d/ConsoleKit /etc/rc.d/init.d/setroubleshoot /etc/rc.d/init.d/anacron /etc/rc.d/init.d/rpcbind /etc/rc.d/init.d/NetworkManager /etc/rc.d/init.d/kudzu /etc/rc.d/init.d/netfs /etc/rc.d/init.d/single /etc/rc.d/init.d/smartd /etc/rc.d/init.d/openvpn /etc/rc.d/init.d/functions /etc/rc.d/init.d/psacct /etc/rc.d/init.d/avahi-daemon /etc/rc.d/init.d/racoon /etc/rc.d/init.d/halt /etc/rc.d/init.d/messagebus /etc/rc.d/init.d/saslauthd /etc/rc.d/init.d/fuse /etc/rc.d/init.d/acpid /etc/rc.d/init.d/jetty /etc/rc.d/init.d/netplugd /etc/rc.d/init.d/dund /etc/rc.d/init.d/microcode_ctl /etc/rc.d/init.d/nasd /etc/rc.d/init.d/haldaemon /etc/rc.d/init.d/mdmonitor /etc/rc.d/init.d/hsqldb /etc/rc.d/init.d/bluetooth /etc/rc.d/init.d/pand /etc/rc.d/init.d/netconsole /etc/rc.d/init.d/restorecond /etc/rc.d/init.d/smolt /etc/rc.d/init.d/lm_sensors /etc/rc.d/init.d/multipathd /etc/rc.d/init.d/auditd /etc/rc.d/init.d/tomcat5 /etc/rc.d/init.d/ypbind /etc/rc.d/init.d/cups-config-daemon /etc/rc.d/init.d/udev-post /etc/rc.d/init.d/NetworkManagerDispatcher /etc/rc.d/init.d/pcscd /etc/rc.d/init.d/gpm /etc/rc.d/init.d/firstboot /etc/rc.d/init.d/network /etc/rc.d/init.d/sendmail /etc/rc.d/init.d/nfs /etc/rc.d/init.d/cups /etc/rc.d/init.d/sshd /etc/rc.d/init.d/cpuspeed /etc/rc.d/init.d/nscd **************************************** Check these ports in /etc/services to see what they are. Close all ports you do not need. Ports listening on this system: Protocol Port tcp 111 tcp 631 tcp 25 tcp 34747 **************************************** Output from nmap run on local IP(s) Check these services to see if they are critical. Disable services you do not need. Starting Nmap 4.20 ( http://insecure.org ) at 2008-05-07 14:18 CDT Initiating Connect() Scan at 14:18 Scanning kometa (172.20.8.78) [1697 ports] Discovered open port 22/tcp on 172.20.8.78 Discovered open port 111/tcp on 172.20.8.78 Completed Connect() Scan at 14:18, 0.04s elapsed (1697 total ports) Host kometa (172.20.8.78) appears to be up ... good. Interesting ports on kometa (172.20.8.78): Not shown: 1695 closed ports PORT STATE SERVICE 22/tcp open ssh 111/tcp open rpcbind Nmap finished: 1 IP address (1 host up) scanned in 0.102 seconds **************************************** Output from netstat -i showing Kernel interface statistics Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 12784245 0 0 0 6204929 0 0 0 BMRU lo 16436 0 25994 0 0 0 25994 0 0 0 LRU **************************************** Output from netstat -rn showing current routing Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 172.20.8.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 172.20.8.1 0.0.0.0 UG 0 0 0 eth0 **************************************** Hrm, do not see FORWARD_IPV4=FALSE in network. Make sure that /etc/sysconfig/network contains the line FORWARD_IPV4=FALSE **************************************** These network interfaces found to be in promisc mode using /sbin/ip. **************************************** These network interfaces found to be in promisc mode using /sbin/ip. **************************************** This is a list of all services in all runlevels on the system. ConsoleKit 0:off 1:off 2:on 3:on 4:on 5:on 6:off NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off NetworkManagerDispatcher 0:off 1:off 2:off 3:off 4:off 5:off 6:off acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off backuppc 0:off 1:off 2:off 3:off 4:off 5:off 6:off bluetooth 0:off 1:off 2:on 3:on 4:on 5:on 6:off cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off dund 0:off 1:off 2:off 3:off 4:off 5:off 6:off firstboot 0:off 1:off 2:off 3:on 4:off 5:on 6:off gpm 0:off 1:off 2:on 3:on 4:on 5:off 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off jetty 0:off 1:off 2:off 3:off 4:off 5:off 6:off kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off lisa 0:off 1:off 2:off 3:off 4:off 5:off 6:off lm_sensors 0:off 1:off 2:off 3:off 4:off 5:off 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off multipathd 0:off 1:off 2:off 3:off 4:off 5:off 6:off nasd 0:off 1:off 2:off 3:off 4:off 5:on 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off nvidia 0:off 1:off 2:on 3:on 4:on 5:on 6:off openvpn 0:off 1:off 2:off 3:off 4:off 5:off 6:off pand 0:off 1:off 2:off 3:off 4:off 5:off 6:off pcscd 0:off 1:off 2:on 3:on 4:on 5:on 6:off psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off racoon 0:off 1:off 2:off 3:off 4:off 5:off 6:off rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off restorecond 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off setroubleshoot 0:off 1:off 2:off 3:on 4:on 5:on 6:off smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off smolt 0:off 1:off 2:off 3:off 4:off 5:off 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off tomcat5 0:off 1:off 2:off 3:off 4:off 5:off 6:off udev-post 0:off 1:off 2:off 3:on 4:on 5:on 6:off winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off wpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off yum-updatesd 0:off 1:off 2:on 3:on 4:on 5:on 6:off **************************************** This is a list of all services which are on right now, taken from chkconfig output. ConsoleKit 0:off 1:off 2:on 3:on 4:on 5:on 6:off acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off bluetooth 0:off 1:off 2:on 3:on 4:on 5:on 6:off cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off firstboot 0:off 1:off 2:off 3:on 4:off 5:on 6:off gpm 0:off 1:off 2:on 3:on 4:on 5:off 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off nasd 0:off 1:off 2:off 3:off 4:off 5:on 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off nvidia 0:off 1:off 2:on 3:on 4:on 5:on 6:off pcscd 0:off 1:off 2:on 3:on 4:on 5:on 6:off racoon 0:off 1:off 2:off 3:off 4:off 5:off 6:off restorecond 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off setroubleshoot 0:off 1:off 2:off 3:on 4:on 5:on 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off udev-post 0:off 1:off 2:off 3:on 4:on 5:on 6:off yum-updatesd 0:off 1:off 2:on 3:on 4:on 5:on 6:off **************************************** Can not locate grub or lilo conf files. Please check that the password keyword is being used in them. **************************************** /proc/sys/net/ipv4/icmp_echo_ignore_all exists, but is off. Consider placing a one in it to turn on. **************************************** You ignore all ICMP Echo broadcasts, good. **************************************** You are denying source routed packets. Good. **************************************** /proc/sys/net/ipv4/conf/all/accept_redirects exists, but its off. **************************************** You are ignoring bad err msgs in ipv4. Good. **************************************** Logging of spoofed, etc packets is off. Consider turning on. **************************************** X seems to be listening for tcp connections. Consider turning this off with -nolisten tcp in your X startup file. **************************************** readlink is not installed on this system, or it is not in the path, or I just can not find it. checklistening was not run. **************************************** This is a list of mount points currently mounted. Make sure the permissions are reasonable (rw, ro, etc). /dev/sda1 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) origin2:/store on /store type nfs (rw,udp,addr=172.20.26.205) origin1:/research on /research type nfs (rw,udp,addr=172.20.26.204) **************************************** This is a list of disk utilizations on the system, in kilobytes. Chcek to see that filesystems are not near capacity, etc. Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 473086160 6581008 442085952 2% / tmpfs 2031292 36 2031256 1% /dev/shm origin2:/store 6856646656 5637073600 1219573056 83% /store origin1:/research 16376720640 8752292352 7624428288 54% /research **************************************** lsat-0.9.7.1/checkcfg.c0000644000175000001440000000314111010374106014022 0ustar number9users/****************************************/ /* This is the checcfg.c module for */ /* lsat program. This module checks */ /* all services in all runlevels on the */ /* system and just prints them out... */ /* this is redhat specific... */ /* */ /* See lsatmain.c for more details. */ /****************************************/ #include "lsatheader.h" #include #include #include int checkcfg(filename, verbose, html) const char *const filename; int verbose; int html; { const char * tempfile =NULL; const char * shellcode=NULL; const char * header =NULL; if (verbose >= 0) { printf(" Running checkcfg module...\n"); } if (verbose > 0) { printf(" Creating list of daemons in all runlevels...\n"); } tempfile = "/tmp/lsat1.lsat"; shellcode= "/sbin/chkconfig --list 2>/dev/null | tee >/tmp/lsat1.lsat"; header = "This is a list of all services in\n all runlevels on the system.\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror(" Creation of list failed."); return (-1); } tempfile = "/tmp/lsat1.lsat"; shellcode = "/sbin/chkconfig --list 2>/dev/null |grep on >/tmp/lsat1.lsat"; header = "This is a list of all services which are \non right now, taken from chkconfig output.\n"; if ((dostuff(tempfile, filename, shellcode, header, html)) < 0) { /* something went wrong */ perror( "Creation of list failed."); return(-1); } if (verbose > 0) { printf(" Finished in checkcfg module.\n"); } return(0); }