Merge pull request #32 from Samson-W/master

Update the number of the check item .
2021-08-15 17:23:06 +08:00 · 2021-08-15 17:23:06 +08:00 · 0652ec431f
parent baccad9c3b 356124dfdb
commit 0652ec431f
7 changed files with 19 additions and 19 deletions
--- a/README-CN.md
+++ b/README-CN.md
@ -131,7 +131,7 @@ EXCEPTIONS=""

 ## 修复后必须进行的操作 (非常重要)
 当set-hardening-level配置为5（最高等级）且使用--apply运行了后，需要进行如下的操作：
-1) 当9.5项被修复后(Restrict Access to the su Command), 如果必须使用su的场景，例如如果使用ssh远程登录，当以普通用户登录后需要使用su命令时，可以使用如下命令进行解除限制：
+1) 当9.4项被修复后(Restrict Access to the su Command), 如果必须使用su的场景，例如如果使用ssh远程登录，当以普通用户登录后需要使用su命令时，可以使用如下命令进行解除限制：
 ```
 # sed -i '/^[^#].*pam_wheel.so.*/s/^/# &/' /etc/pam.d/su 
 ```
@ -176,7 +176,7 @@ $ sed -i 's/^define int_if = ens33/define int_if = eth0/g' etc.nftables.conf
 ## 特别注意 

 ### 必须在第一次修复应用后进行修复的项  
-8.1.32  因为此项一旦设置，审计规则将不能够再进行添加。
+8.1.35  因为此项一旦设置，审计规则将不能够再进行添加。

 ### 必须在所有项都修复应用后进行修复的项  
 8.4.1  8.4.2 这都是与aide检测文件完整性相关的项，最好是在所有项都修复好后再进行修复，以修复好的系统中的文件进行完整性的数据库的初始化。
--- a/README.md
+++ b/README.md
@ -157,7 +157,7 @@ If you apply docs/configurations/etc.iptables.rules.v4.sh to your firewall rules
 ## After remediation (Very important)
 When exec --apply and set-hardening-level are set to 5 (the highest level), you need to do the following:

-1) When applying 9.5(Restrict Access to the su Command), you must use the root account to log in to the OS because ordinary users cannot perform subsequent operations. 
+1) When applying 9.4(Restrict Access to the su Command), you must use the root account to log in to the OS because ordinary users cannot perform subsequent operations. 
 If you can only use ssh for remote login, you must use the su command when the normal user logs in. Then do the following:
 ```
 # sed -i '/^[^#].*pam_wheel.so.*/s/^/# &/' /etc/pam.d/su 
--- a/bin/harbianaudit.sh
+++ b/bin/harbianaudit.sh
@ -4,14 +4,14 @@
 /opt/harbianaudit/bin/hardening.sh --audit-all
 /opt/harbianaudit/bin/hardening.sh --set-hardening-level 5
 sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/7.4.4_hosts_deny.cfg
-sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.1.32_freeze_auditd_conf.cfg
+sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.1.35_freeze_auditd_conf.cfg
 sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.4.1_install_aide.cfg
 sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.4.2_aide_cron.cfg
-sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/9.5_pam_restrict_su.cfg
+sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/9.4_pam_restrict_su.cfg
 /opt/harbianaudit/bin/hardening.sh --apply
-sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.1.32_freeze_auditd_conf.cfg
+sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.1.35_freeze_auditd_conf.cfg
 sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.4.1_install_aide.cfg
 sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.4.2_aide_cron.cfg
 /opt/harbianaudit/bin/hardening.sh --apply --only 8.4.1
 /opt/harbianaudit/bin/hardening.sh --apply --only 8.4.2
-/opt/harbianaudit/bin/hardening.sh --apply --only 8.1.32
+/opt/harbianaudit/bin/hardening.sh --apply --only 8.1.35
--- a/bin/hardening/8.1.18_record_Events_netfilter.sh
+++ b/bin/hardening/8.1.18_record_Events_netfilter.sh
@ -5,7 +5,7 @@
 #

 #
-# 8.1.32 Record netfilter related Events (Scored)
+# 8.1.18 Record netfilter related Events (Scored)
 # Author: Samson-W (samson@hardenedlinux.org) author add this 
 # todo test for centos

--- a/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd
+++ b/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd
@ -53,7 +53,7 @@ admin@ip:/opt/harbian-audit-master# sed -i "s#CIS_ROOT_DIR=.*#CIS_ROOT_DIR='$(pw
 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --init
 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --audit-all 
 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --set-hardening-level 5 
-admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg 
+admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg 
 admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/7.4.4_hosts_deny.cfg 
 admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/10.1.6_remove_nopasswd_sudoers.cfg
 admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.1_install_aide.cfg 
@ -78,8 +78,8 @@ Apply need to apply twice items and that items of must apply after first apply:
 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.1.2
 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.1.3
 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.12
-admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg 
-admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.32 
+admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg 
+admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.35 
 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 4.5
 admin@ip:/opt/harbian-audit-master# reboot 
 ```
--- a/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_centos8.mkd
+++ b/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_centos8.mkd
@ -67,7 +67,7 @@ root@harbian:/opt/harbian-audit-master#  bash bin/hardening.sh --init
 root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --audit-all  
 root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --set-hardening-level 5 
 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/7.4.4_hosts_deny.cfg 
-root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg 
+root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg 
 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.1_install_aide.cfg 
 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.2_aide_cron.cfg 
 root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --apply 
@ -119,16 +119,16 @@ If need adds a project on AMI, add the project on such as /opt, /usr/local/bin d
 # rm /opt/master.zip 
 # rm /opt/harbian-audit-master/tmp/backups/*
 $ cd /opt/harbian-audit-master/etc/conf.d
-# rm -f !(8.1.32_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) 
+# rm -f !(8.1.35_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) 
 ```

 #### Final fix  
 ```
 $ cd /opt/harbian-audit-master 
-# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg
+# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg
 # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.1_install_aide.cfg 
 # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.2_aide_cron.cfg 
-# bash bin/hardening.sh --apply --only 8.1.32
+# bash bin/hardening.sh --apply --only 8.1.35
 # bash bin/hardening.sh --apply --only 8.4.1
 # bash bin/hardening.sh --apply --only 8.4.2
 # rm /opt/harbian-audit-master/tmp/backups/*
--- a/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_debian9.mkd
+++ b/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_debian9.mkd
@ -67,7 +67,7 @@ root@harbian:/opt/harbian-audit-master#  bash bin/hardening.sh --init
 root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --audit-all  
 root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --set-hardening-level 5 
 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/7.4.4_hosts_deny.cfg 
-root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg 
+root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg 
 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.1_install_aide.cfg 
 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.2_aide_cron.cfg 
 root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --apply 
@ -118,16 +118,16 @@ If need adds a project on AMI, add the project on such as /opt, /usr/local/bin d
 # rm /opt/master.zip 
 # rm /opt/harbian-audit-master/tmp/backups/*
 $ cd /opt/harbian-audit-master/etc/conf.d
-# rm -f !(8.1.32_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) 
+# rm -f !(8.1.35_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) 
 ```

 #### Final fix  
 ```
 $ cd /opt/harbian-audit-master 
-# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg
+# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg
 # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.1_install_aide.cfg 
 # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.2_aide_cron.cfg 
-# bash bin/hardening.sh --apply --only 8.1.32
+# bash bin/hardening.sh --apply --only 8.1.35
 # bash bin/hardening.sh --apply --only 8.4.1
 # bash bin/hardening.sh --apply --only 8.4.2
 # rm /opt/harbian-audit-master/tmp/backups/*