Source: checksecurity
Maintainer: Javier Fernández-Sanguino Peña <jfs@computer.org>
Section: admin
Priority: optional
Build-Depends: debhelper-compat (= 13)
Standards-Version: 4.7.0
Vcs-Browser: https://salsa.debian.org/debian/checksecurity
Vcs-Git: https://salsa.debian.org/debian/checksecurity.git
Rules-Requires-Root: no

Package: checksecurity
Architecture: all
Depends: cron | systemd-cron | anacron,
         ${perl:Depends},
         ${misc:Depends}
Recommends: logcheck
Suggests: apt-watch | cron-apt,
          lockfile-progs,
          tiger,
          tripwire | integrit | aide | samhain | fcheck,
          debsecan
Replaces: cron
Description: basic system security checks
 Checksecurity can periodically do some very basic system security checks:
 .
    * check-setuid  - scans for insecurely mounted remote file systems,
      and tracks changes in setuid programs;
    * check-sockets - tracks changes in open ports to detect rogue programs;
    * check-passwd  - scans for empty or duplicate system accounts;
    * check-disfree - scans for mounted filesystems nearing capacity;
    * check-iptables-logs -  scans logs generated by iptables and look
      for intrusion attempts.
 .
 Be aware that these minimal set of checks are no substitute for a full
 security auditing and integrity checking system.
 .
 In addition to these checks you are encourage to install additional packages
 (listed in "Recommends") to provide more information concerning the security
 or vulnerability of your system.
 .
 Installing the suggested package lockfile-progs can help to prevent
 the cron jobs running multiple times if something gets jammed.
