AZScan Heat Map - Unix - Solaris 2.x

Low results
Med results
High results
Low risk
13
2
22
Med risk
6
8
15
High risk
0
1
4

The overall score is now 259

The table below shows each of the tests.

Each test has been assigned an Implication Score (Imp Score) and a Results Score (Res Score).

The implication score determines how serious a problem is when it occurs and cannot be changed. The results score shows how much this problem exists on your system, ranging from green, through amber to red.

 

Tests
Imp Score
Res Score
1 User Passwords
1.1 Duplicate names in password file
3
8
1.2 Users without passwords
9
7
1.3 Disabled accounts
2
4
1.4 Incorrect number of fields
4
5
1.5 Unmatched password file entries
6
9
1.6 Password lifetimes
6
9
1.7 Account information
1
1
2 User UIDs
2.1 UID=0
4
5
2.2 No UID
7
9
2.3 Invalid UIDs
7
7
2.4 Duplicate UIDs in the password file
4
9
3 User GIDs
3.1 Users with GID=0
3
8
3.2 Users with no GID
4
9
3.3 Users with an invalid GID
5
7
3.4 Duplicate GIDs in the password file
1
9
3.5 Non-existent GIDs
3
9
4 User Home dirs.
4.1 No home directory
3
9
4.2 Invalid home directory
5
9
4.3 Shared home directory
3
9
4.4 Home directory NOT sticky
3
1
4.5 Writeable home directory
4
1
4.6 Home directory contains suspicious files
7
9
5 User Shells
5.1 No shell shown
2
9
5.2 Invalid shells
3
8
5.3 Shared shells
3
5
5.4 Shells which are SUID/SGID
4
9
5.5 Shells which are writeable
4
9
6 Groups
6.1 Duplicate group names
3
7
6.2 ''Password protected''
1
2
6.3 Improper number of fields
2
8
6.4 No users
2
9
6.5 Non-existent users
2
9
6.6 Duplicate users
2
9
6.7 Users in each group
1
1
7 Group GIDs
7.1 GID=0
3
8
7.4 No GID
2
8
7.5 Invalid GIDs
3
8
7.6 Duplicate GIDs
2
9
8 Files
8.1 Files - Unknown owners
2
7
8.2 Files - Unknown groups
2
9
8.3 Files - WORLD writeable
6
7
8.4 Files - WORLD executable
5
1
8.5 Files - GROUP writeable
3
9
8.6 Files - GROUP executable
3
1
8.7 Files - Uneven privileges
5
7
8.8 Files - SUID
3
1
8.9 Files - SGID
2
1
8.10 Files - Sticky
2
1
8.11 Files - SUID/SGID and WORLD executable/writeable
5
5
8.12 Files likely to contain host information
5
5
8.13 Startup files which are world writeable
7
5
9 Directories
9.1 Dir - Unknown owners
4
5
9.2 Dir - Unknown groups
3
8
9.3 Dir - WORLD writeable
5
8
9.4 Dir - WORLD executable
5
9
9.5 Dir - GROUP writeable
4
9
9.6 Dir - GROUP executable
4
5
9.7 Dir - Uneven privileges
4
7
15.14 SGID
2
1
9.8 Dir - SGID
3
9
15.16 Sticky
3
1
9.9 Dir - Sticky
3
2
10 FTP
10.1 Anonymous FTP bin directory has wrong owner
3
3
10.2 Anonymous FTP etc directory has wrong owner
5
3
10.3 Anonymous FTP home directory has wrong owner
4
3
11 /etc
11.1 Directories under /etc has world write access
4
1
11.2 File /etc/default/passwd has insecure permissions
5
7
11.3 File /etc/profile has insecure permissions
4
1
12 Log files
12.1 The login log file does not exist
4
5
12.2 Login log not correctly owned
5
5
14 AIX
15 NIS
15.1 Is NIS being used.
1
1