Debianhelp.co.uk
 
Checksecurity Configuration
 
basic system security checks
 
Checksecurity does some very basic system security checks,such as looking for changes in which programs
 have setuid permissions, and that remote filesystems are not allowed to have  runnable setuid programs. 
 
Note that these are not to be considered in any way complete, and you should not rely on checksecurity
 to actually provide any useful information concerning the security or vulnerability of your system.
 
The lockfile-progs package is only a "Suggests" because of the poor way that dselect handles "Recommends",
 but I do strongly suggest that you install it; it prevents /etc/cron.daily/standard from running multiple times 
if something gets jammed. 

Checksecurity was previously part of the cron package.
 
Installing Checksecurity in debian
 
#apt-get install Checksecurity
 
If you want to check manully type the following in you shell
 
$checksecurity
 

By default Debian provides a cron job that runs daily in /etc/cron.daily/standard. This cron job will run the /usr/sbin/checksecurity script that will store information of this changes.

In order for this check to be made you must set CHECKSECURITY_DISABLE="FALSE" in /etc/checksecurity.conf. Note, this is the default, so unless you have changed something, this option will already be set to "FALSE".

The default behavior does not send this information to the superuser but, instead keeps daily copies of the changes in /var/log/setuid.changes. You should set the CHECKSECURITY_EMAIL (in /etc/checksecurity.conf) to 'root' to have this information mailed to him.