From 356124dfdbc6d5ce461b66cff11e2f0837cd54e3 Mon Sep 17 00:00:00 2001 From: Samson-W Date: Sun, 15 Aug 2021 17:12:07 +0800 Subject: [PATCH] Update the number of the check item . --- README-CN.md | 4 ++-- README.md | 2 +- bin/harbianaudit.sh | 8 ++++---- bin/hardening/8.1.18_record_Events_netfilter.sh | 2 +- .../AMI/how_to_creating_and_making_an_AMI_public.mkd | 6 +++--- .../how_to_creating_and_making_a_QEMU_img_for_centos8.mkd | 8 ++++---- .../how_to_creating_and_making_a_QEMU_img_for_debian9.mkd | 8 ++++---- 7 files changed, 19 insertions(+), 19 deletions(-) diff --git a/README-CN.md b/README-CN.md index 03165f0..2a71d6a 100644 --- a/README-CN.md +++ b/README-CN.md @@ -131,7 +131,7 @@ EXCEPTIONS="" ## 修复后必须进行的操作 (非常重要) 当set-hardening-level配置为5(最高等级)且使用--apply运行了后,需要进行如下的操作: -1) 当9.5项被修复后(Restrict Access to the su Command), 如果必须使用su的场景,例如如果使用ssh远程登录,当以普通用户登录后需要使用su命令时,可以使用如下命令进行解除限制: +1) 当9.4项被修复后(Restrict Access to the su Command), 如果必须使用su的场景,例如如果使用ssh远程登录,当以普通用户登录后需要使用su命令时,可以使用如下命令进行解除限制: ``` # sed -i '/^[^#].*pam_wheel.so.*/s/^/# &/' /etc/pam.d/su ``` @@ -176,7 +176,7 @@ $ sed -i 's/^define int_if = ens33/define int_if = eth0/g' etc.nftables.conf ## 特别注意 ### 必须在第一次修复应用后进行修复的项 -8.1.32 因为此项一旦设置,审计规则将不能够再进行添加。 +8.1.35 因为此项一旦设置,审计规则将不能够再进行添加。 ### 必须在所有项都修复应用后进行修复的项 8.4.1 8.4.2 这都是与aide检测文件完整性相关的项,最好是在所有项都修复好后再进行修复,以修复好的系统中的文件进行完整性的数据库的初始化。 diff --git a/README.md b/README.md index 3f5fd3f..f545704 100755 --- a/README.md +++ b/README.md 
@@ -157,7 +157,7 @@ If you apply docs/configurations/etc.iptables.rules.v4.sh to your firewall rules ## After remediation (Very important) When exec --apply and set-hardening-level are set to 5 (the highest level), you need to do the following: -1) When applying 9.5(Restrict Access to the su Command), you must use the root account to log in to the OS because ordinary users cannot perform subsequent operations. +1) When applying 9.4(Restrict Access to the su Command), you must use the root account to log in to the OS because ordinary users cannot perform subsequent operations. If you can only use ssh for remote login, you must use the su command when the normal user logs in. Then do the following: ``` # sed -i '/^[^#].*pam_wheel.so.*/s/^/# &/' /etc/pam.d/su diff --git a/bin/harbianaudit.sh b/bin/harbianaudit.sh index 04bad9f..8b0fba2 100755 --- a/bin/harbianaudit.sh +++ b/bin/harbianaudit.sh 
@@ -4,14 +4,14 @@ /opt/harbianaudit/bin/hardening.sh --audit-all /opt/harbianaudit/bin/hardening.sh --set-hardening-level 5 sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/7.4.4_hosts_deny.cfg -sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.1.32_freeze_auditd_conf.cfg +sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.1.35_freeze_auditd_conf.cfg sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.4.1_install_aide.cfg sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/8.4.2_aide_cron.cfg -sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/9.5_pam_restrict_su.cfg +sed -i 's/^status=.*/status=disabled/' /opt/harbianaudit/etc/conf.d/9.4_pam_restrict_su.cfg /opt/harbianaudit/bin/hardening.sh --apply -sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.1.32_freeze_auditd_conf.cfg +sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.1.35_freeze_auditd_conf.cfg sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.4.1_install_aide.cfg sed -i 's/^status=.*/status=enabled/' /opt/harbianaudit/etc/conf.d/8.4.2_aide_cron.cfg /opt/harbianaudit/bin/hardening.sh --apply --only 8.4.1 /opt/harbianaudit/bin/hardening.sh --apply --only 8.4.2 -/opt/harbianaudit/bin/hardening.sh --apply --only 8.1.32 +/opt/harbianaudit/bin/hardening.sh --apply --only 8.1.35 diff --git a/bin/hardening/8.1.18_record_Events_netfilter.sh b/bin/hardening/8.1.18_record_Events_netfilter.sh index 87baae6..82a1a5e 100755 --- a/bin/hardening/8.1.18_record_Events_netfilter.sh +++ b/bin/hardening/8.1.18_record_Events_netfilter.sh @@ -5,7 +5,7 @@ # # -# 8.1.32 Record netfilter related Events (Scored) +# 8.1.18 Record netfilter related Events (Scored) # Author: Samson-W (samson@hardenedlinux.org) author add this # todo test for centos 
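Review bot: In bin/harbianaudit.sh the `sed -i ... status=disabled` lines address each check by its full numbered file name, and nothing in the hunk verifies that the file exists before `/opt/harbianaudit/bin/hardening.sh --apply` runs. If a name goes stale after another renumbering (the drift this commit corrects for 8.1.35 and 9.4), `sed` fails on the missing file and the check presumably stays enabled at level 5. The apply could then freeze the auditd configuration or restrict `su` before the operator intended. The first three lines of the script are outside the hunk, so it is not visible whether `set -e` already stops the run in that case. A guard ahead of the first apply would make this fail closed, for example `for f in 8.1.35_freeze_auditd_conf 9.4_pam_restrict_su; do [ -f "/opt/harbianaudit/etc/conf.d/$f.cfg" ] || exit 1; done`.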
diff --git a/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd b/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd index 8e737e0..8ed457b 100644 --- a/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd +++ b/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd @@ -53,7 +53,7 @@ admin@ip:/opt/harbian-audit-master# sed -i "s#CIS_ROOT_DIR=.*#CIS_ROOT_DIR='$(pw admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --init admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --audit-all admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --set-hardening-level 5 -admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg +admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/7.4.4_hosts_deny.cfg admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/10.1.6_remove_nopasswd_sudoers.cfg admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.1_install_aide.cfg 
@@ -78,8 +78,8 @@ Apply need to apply twice items and that items of must apply after first apply: admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.1.2 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.1.3 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.12 -admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg -admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.32 +admin@ip:/opt/harbian-audit-master# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg +admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 8.1.35 admin@ip:/opt/harbian-audit-master# ./bin/hardening.sh --apply --only 4.5 admin@ip:/opt/harbian-audit-master# reboot ``` diff --git a/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_centos8.mkd b/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_centos8.mkd index af597f8..7a27db8 100644 --- a/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_centos8.mkd +++ b/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_centos8.mkd 
@@ -67,7 +67,7 @@ root@harbian:/opt/harbian-audit-master# bash bin/hardening.sh --init root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --audit-all root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --set-hardening-level 5 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/7.4.4_hosts_deny.cfg -root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg +root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.1_install_aide.cfg root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.2_aide_cron.cfg root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --apply @@ -119,16 +119,16 @@ If need adds a project on AMI, add the project on such as /opt, /usr/local/bin d # rm /opt/master.zip # rm /opt/harbian-audit-master/tmp/backups/* $ cd /opt/harbian-audit-master/etc/conf.d -# rm -f !(8.1.32_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) +# rm -f !(8.1.35_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) ``` #### Final fix ``` $ cd /opt/harbian-audit-master -# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg +# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.1_install_aide.cfg # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.2_aide_cron.cfg -# bash bin/hardening.sh --apply --only 8.1.32 +# bash bin/hardening.sh --apply --only 8.1.35 # bash bin/hardening.sh --apply --only 8.4.1 # bash bin/hardening.sh --apply --only 8.4.2 # rm /opt/harbian-audit-master/tmp/backups/* 
diff --git a/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_debian9.mkd b/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_debian9.mkd index e578e66..974c91d 100644 --- a/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_debian9.mkd +++ b/docs/complianced_image/QEMU/how_to_creating_and_making_a_QEMU_img_for_debian9.mkd @@ -67,7 +67,7 @@ root@harbian:/opt/harbian-audit-master# bash bin/hardening.sh --init root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --audit-all root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --set-hardening-level 5 root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/7.4.4_hosts_deny.cfg -root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg +root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.1_install_aide.cfg root@harbian:/opt/harbian-audit-master# sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.2_aide_cron.cfg root@harbian:/opt/harbian-audit-master# ./bin/hardening.sh --apply 
@@ -118,16 +118,16 @@ If need adds a project on AMI, add the project on such as /opt, /usr/local/bin d # rm /opt/master.zip # rm /opt/harbian-audit-master/tmp/backups/* $ cd /opt/harbian-audit-master/etc/conf.d -# rm -f !(8.1.32_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) +# rm -f !(8.1.35_freeze_auditd_conf.cfg|8.4.1_install_aide.cfg|8.4.2_aide_cron.cfg) ``` #### Final fix ``` $ cd /opt/harbian-audit-master -# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg +# sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.35_freeze_auditd_conf.cfg # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.1_install_aide.cfg # sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.2_aide_cron.cfg -# bash bin/hardening.sh --apply --only 8.1.32 +# bash bin/hardening.sh --apply --only 8.1.35 # bash bin/hardening.sh --apply --only 8.4.1 # bash bin/hardening.sh --apply --only 8.4.2 # rm /opt/harbian-audit-master/tmp/backups/*