Topic: misc security tools
Following up on my first post on rootkits I'd like to point out some more security tools. Some of these are Debian-specific, as that's my distribution of choice; I listed them as an add-on bonus if you happen to run it too.
These good pieces of software are obviously not a solution to security problems by themselves, just useful tools for the careful sysadmin to ease and quicken some (tough, I'd say) tasks.
---
The Linux Security Auditing Tool (LSAT) is a post-install security auditor for Linux/Unix. It checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed.
* Forensic tool to find hidden processes and ports
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, Linux kernel modules or by other techniques. It includes two utilities: unhide and unhide-tcp.
unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)
unhide-tcp identifies TCP/UDP ports that are listening but are not listed in /bin/netstat through brute forcing of all TCP/UDP ports available.
This package can be used by rkhunter in its daily scans.
debsecan is a tool to generate a list of vulnerabilities which affect a particular Debian installation. debsecan runs on the host which is to be checked, and downloads vulnerability information over the Internet. It can send mail to interested parties when new vulnerabilities are discovered or when security updates become available.
* Verification of installed package files against MD5 checksums
debsums can verify the integrity of installed package files against MD5 checksums installed by the package, or generated from a .deb archive.
* Install security upgrades automatically
This package will download and install security upgrades automatically and unattended. It will take care to only install packages from the configured origin and will check for conffile prompts.
This script is the backend for the APT::Periodic::Unattended-Upgrade option.
---
Always remember to Keep It Stupid Simple. Hope this has made your IT life a little more secure.
Linux counter registered user n° 356433 - http://counter.li.org/
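The process checks listed for unhide above (the /proc comparison and the full PID scan) can be sketched as follows. This is an added example, not part of the original post and not unhide's own code; the function names are made up for the illustration, and using `kill(pid, 0)` as the kernel-side probe is an assumption.

```python
import os

def listed_pids(proc="/proc"):
    """PIDs visible in a /proc directory listing (the view ps is built from)."""
    return {int(n) for n in os.listdir(proc) if n.isdigit()}

def probe_alive(pid):
    """Ask the kernel directly: signal 0 tests existence, nothing is delivered."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        pass  # exists, but owned by another user
    return True

def is_thread(pid, proc="/proc"):
    """Non-leader thread IDs can answer the probe but are never listed."""
    try:
        with open(f"{proc}/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) != pid
    except OSError:
        pass
    return False

def find_hidden(list_fn, probe_fn, thread_fn, max_pid, rounds=2):
    """Return PIDs that answer the probe in every round yet are never listed."""
    suspects = None
    for _ in range(rounds):
        before = list_fn()
        found = {p for p in range(1, max_pid + 1)
                 if p not in before and probe_fn(p) and not thread_fn(p)}
        found -= list_fn()  # drop processes that started during the scan
        suspects = found if suspects is None else suspects & found
    return sorted(suspects)

if __name__ == "__main__":
    with open("/proc/sys/kernel/pid_max") as fh:
        limit = int(fh.read())
    for pid in find_hidden(listed_pids, probe_alive, is_thread, limit):
        print(f"PID {pid} answers kill(pid, 0) but is missing from /proc")
```

A PID reported here is a lead to investigate, not proof of a rootkit: the second listing and the repeated rounds only reduce false positives from processes that start or exit mid-scan.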
