On Wed, 04-01-2012 at 10:56 +0100, corentin.labbe wrote:
> On 03/01/2012 21:21, Francisco Manuel Garcia Claramonte wrote:
> > Hi Corentin,
> >
> > According to the website, YASAT doesn't look to provide any new features
> > compared to lynis or tiger.
> > What are the advantages or differences with Lynis?
>
> Hello

Hi Corentin,

First of all, thank you for your fast answer.

>
> Tiger is old and unmaintained. For example, it warns me that my sha512 shadow
> password for root "is not using an acceptable password hash".
> And it says the same for users without a password.
>
> Lynis is not really actively developed (2 years without release),

Recently the new upstream version 3.0.0 was released. Now I am working on
packaging it.

> YASAT is actively developed.
>

It is OK.

> One of the advantages of YASAT over lynis/tiger is the number of tests done:
> - 277 for lynis (grepped register in include directory)

I count 307:

    grep "Register --test-no" /usr/share/lynis/include/* | wc -l

(I'll review it.)

> - 600 for YASAT (grepped display and relevant data files)
>
> Another advantage of YASAT is that it doesn't just say what is bad or
> good; it tries to say why and gives external links to information about the
> report.
> For example, YASAT won't just say that file_uploads must be turned off; it
> also gives the following link:
> http://phpsec.org/projects/phpsecinfo/tests/file_uploads.html.
> OK, it is not like this for all tests, but it is one of the goals.
>
> I also think YASAT is better architected (at least for some tests).
> Example: to add an option in php.ini to be tested, you must copy the whole
> test block in lynis and change some values in it.
> In YASAT you just have to add a line in php_conf.data.
>
> One recent advantage is the creation of a shell script for automatic
> correction of reported problems. (But for the moment this feature is not used
> by all YASAT parts.)
>
> But I am probably one-sided, so to conclude, just test them both and form
> your own opinion.
>

It looks like a good audit tool. I am going to try it. Thank you.

Regards,

> Regards,
>

-- 
Francisco M. García Claramonte
Debian GNU/Linux Developer <franci...@debian.org>
GPG: public key ID 556ABA51
http://people.debian.org/~francisco/