tyler.durden
/
harbian-audit
mirror of https://github.com/hardenedlinux/harbian-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:hardenedlinux/harbian-audit

This commit is contained in:
Samson-W 2019-05-21 11:46:46 +08:00
parent cfd14ce818 4508b5b23e
commit c591c3f601
3 changed files with 1622 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
README.md
View File

@ -6,7 +6,8 @@ Hardened Debian GNU/Linux distro auditing.
The main test environment is in debian 9, and other versions are not fully tested. There are no implementations of desktop and SELinux related items in this release.
The code framework is based on the [OVH-debian-cis](https://github.com/ovh/debian-cis) project, Modified some of the original implementations according to the features of Debian 9, added and implemented check items for [STIG V1R4](https://iasecontent.disa.mil/stigs/zip/U_Red_Hat_Enterprise_Linux_7_V1R4_STIG.zip) and [cisecurity.org](https://www.cisecurity.org/) recommendations, and also added and implemented some check items by the HardenedLinux community. The audit and apply functions of the infrastructure are implemented, and the automatic fix function is implemented for the items that can be automatically fixed.
The code framework is based on the [OVH-debian-cis](https://github.com/ovh/debian-cis) project, Modified some of the original implementations according to the features of Debian 9, added and implemented check items for [STIG Redhat V1R4](https://iasecontent.disa.mil/stigs/zip/U_Red_Hat_Enterprise_Linux_7_V1R4_STIG.zip) [STIG Ubuntu V1R2](https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Canonical_Ubuntu_16-04_LTS_V1R2_STIG.zip) and [cisecurity.org](https://www.cisecurity.org/) recommendations, and also added and implemented some check items by the HardenedLinux community. The audit and apply functions of the infrastructure are implemented, and the automatic fix function is implemented for the items that can be automatically fixed.
```console
$ sudo bash bin/hardening.sh --audit-all
@ -20,12 +21,12 @@ hardening [INFO] Treating /home/test/harbian-audit/bin/hardening
[...]
################### SUMMARY ###################
Total Available Checks : 256
Total Runned Checks : 256
Total Passed Checks : [ 111/256 ]
Total Failed Checks : [ 144/256 ]
Total Available Checks : 278
Total Runned Checks : 278
Total Passed Checks : [ 239/278 ]
Total Failed Checks : [ 39/278 ]
Enabled Checks Percentage : 100.00 %
Conformity Percentage : 43.36 %
Conformity Percentage : 85.97 %
```
## Quickstart
@ -44,12 +45,12 @@ hardening [INFO] Treating /home/test/harbian-audit/bin/hardening
1.1_install_updates [ OK ] Check Passed
[...]
################### SUMMARY ###################
Total Available Checks : 256
Total Runned Checks : 256
Total Passed Checks : [ 109/256 ]
Total Failed Checks : [ 147/256 ]
Total Available Checks : 278
Total Runned Checks : 278
Total Passed Checks : [ 239/278 ]
Total Failed Checks : [ 39/278 ]
Enabled Checks Percentage : 100.00 %
Conformity Percentage : 42.58 %
Conformity Percentage : 85.97 %
$ sudo bin/hardening.sh --set-hardening-level 5
$ sudo bin/hardening.sh --apply
hardening [INFO] Treating /home/test/harbian-audit/bin/hardening/1.1_install_updates.sh

1610
docs/STIG-Benchmark/stig-Ubuntu_16-04_LTS.txt Normal file
View File

File diff suppressed because it is too large Load Diff

0
docs/stig-rhel-7-v1r4.txt → docs/STIG-Benchmark/stig-rhel-7-v1r4.txt
View File