From ee6cb279465b5e2cacc6887e481c405a1a541aa8 Mon Sep 17 00:00:00 2001 From: Samson-w Date: Sat, 17 Jun 2023 11:36:10 +0800 Subject: [PATCH] Del some not Scored check items. --- bin/hardening/7.5.1_disable_dccp.sh | 47 ---------------- bin/hardening/7.5.2_disable_sctp.sh | 47 ---------------- bin/hardening/7.5.3_disable_rds.sh | 47 ---------------- bin/hardening/7.5.4_disable_tipc.sh | 47 ---------------- bin/hardening/8.3.5_remote_syslog-ng_acl.sh | 59 --------------------- 5 files changed, 247 deletions(-) delete mode 100755 bin/hardening/7.5.1_disable_dccp.sh delete mode 100755 bin/hardening/7.5.2_disable_sctp.sh delete mode 100755 bin/hardening/7.5.3_disable_rds.sh delete mode 100755 bin/hardening/7.5.4_disable_tipc.sh delete mode 100755 bin/hardening/8.3.5_remote_syslog-ng_acl.sh diff --git a/bin/hardening/7.5.1_disable_dccp.sh b/bin/hardening/7.5.1_disable_dccp.sh deleted file mode 100755 index ef43018..0000000 --- a/bin/hardening/7.5.1_disable_dccp.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash - -# -# harbian-audit for Debian GNU/Linux 7/8/9 Hardening -# - -# -# 7.5.1 Disable DCCP (Not Scored) -# - -set -e # One error, it's over -set -u # One variable unset, it's over - -HARDENING_LEVEL=2 - -# This function will be called if the script status is on enabled / audit mode -audit () { - info "Not implemented yet" -} - -# This function will be called if the script status is on enabled mode -apply () { - info "Not implemented yet" -} - -# This function will check config parameters required -check_config() { - : -} - -# Source Root Dir Parameter -if [ -r /etc/default/cis-hardening ]; then - . /etc/default/cis-hardening -fi -if [ -z "$CIS_ROOT_DIR" ]; then - echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." - echo "Cannot source CIS_ROOT_DIR variable, aborting." - exit 128 -fi - -# Main function, will call the proper functions given the configuration (audit, enabled, disabled) -if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then - . $CIS_ROOT_DIR/lib/main.sh -else - echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_ROOT_DIR in /etc/default/cis-hardening" - exit 128 -fi diff --git a/bin/hardening/7.5.2_disable_sctp.sh b/bin/hardening/7.5.2_disable_sctp.sh deleted file mode 100755 index 65fcb77..0000000 --- a/bin/hardening/7.5.2_disable_sctp.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash - -# -# harbian-audit for Debian GNU/Linux 7/8/9 Hardening -# - -# -# 7.5.2 Disable SCTP (Not Scored) -# - -set -e # One error, it's over -set -u # One variable unset, it's over - -HARDENING_LEVEL=2 - -# This function will be called if the script status is on enabled / audit mode -audit () { - info "Not implemented yet" -} - -# This function will be called if the script status is on enabled mode -apply () { - info "Not implemented yet" -} - -# This function will check config parameters required -check_config() { - : -} - -# Source Root Dir Parameter -if [ -r /etc/default/cis-hardening ]; then - . /etc/default/cis-hardening -fi -if [ -z "$CIS_ROOT_DIR" ]; then - echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." - echo "Cannot source CIS_ROOT_DIR variable, aborting." - exit 128 -fi - -# Main function, will call the proper functions given the configuration (audit, enabled, disabled) -if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then - . $CIS_ROOT_DIR/lib/main.sh -else - echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_ROOT_DIR in /etc/default/cis-hardening" - exit 128 -fi diff --git a/bin/hardening/7.5.3_disable_rds.sh b/bin/hardening/7.5.3_disable_rds.sh deleted file mode 100755 index b0ec6a0..0000000 --- a/bin/hardening/7.5.3_disable_rds.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash - -# -# harbian-audit for Debian GNU/Linux 7/8/9 Hardening -# - -# -# 7.5.3 Disable RDS (Not Scored) -# - -set -e # One error, it's over -set -u # One variable unset, it's over - -HARDENING_LEVEL=2 - -# This function will be called if the script status is on enabled / audit mode -audit () { - info "Not implemented yet" -} - -# This function will be called if the script status is on enabled mode -apply () { - info "Not implemented yet" -} - -# This function will check config parameters required -check_config() { - : -} - -# Source Root Dir Parameter -if [ -r /etc/default/cis-hardening ]; then - . /etc/default/cis-hardening -fi -if [ -z "$CIS_ROOT_DIR" ]; then - echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." - echo "Cannot source CIS_ROOT_DIR variable, aborting." - exit 128 -fi - -# Main function, will call the proper functions given the configuration (audit, enabled, disabled) -if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then - . $CIS_ROOT_DIR/lib/main.sh -else - echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_ROOT_DIR in /etc/default/cis-hardening" - exit 128 -fi diff --git a/bin/hardening/7.5.4_disable_tipc.sh b/bin/hardening/7.5.4_disable_tipc.sh deleted file mode 100755 index ed50e60..0000000 --- a/bin/hardening/7.5.4_disable_tipc.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash - -# -# harbian-audit for Debian GNU/Linux 7/8/9 Hardening -# - -# -# 7.5.4 Disable TIPC (Not Scored) -# - -set -e # One error, it's over -set -u # One variable unset, it's over - -HARDENING_LEVEL=2 - -# This function will be called if the script status is on enabled / audit mode -audit () { - info "Not implemented yet" -} - -# This function will be called if the script status is on enabled mode -apply () { - info "Not implemented yet" -} - -# This function will check config parameters required -check_config() { - : -} - -# Source Root Dir Parameter -if [ -r /etc/default/cis-hardening ]; then - . /etc/default/cis-hardening -fi -if [ -z "$CIS_ROOT_DIR" ]; then - echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." - echo "Cannot source CIS_ROOT_DIR variable, aborting." - exit 128 -fi - -# Main function, will call the proper functions given the configuration (audit, enabled, disabled) -if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then - . $CIS_ROOT_DIR/lib/main.sh -else - echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_ROOT_DIR in /etc/default/cis-hardening" - exit 128 -fi diff --git a/bin/hardening/8.3.5_remote_syslog-ng_acl.sh b/bin/hardening/8.3.5_remote_syslog-ng_acl.sh deleted file mode 100755 index 55f2b84..0000000 --- a/bin/hardening/8.3.5_remote_syslog-ng_acl.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash - -# -# harbian-audit for Debian GNU/Linux 7/8/9 Hardening -# - -# -# 8.3.5 Accept Remote rsyslog Messages Only on Designated Log Hosts (Not Scored) -# - -set -e # One error, it's over -set -u # One variable unset, it's over - -HARDENING_LEVEL=3 -PACKAGE_R='rsyslog' - -# This function will be called if the script status is on enabled / audit mode -audit () { - is_pkg_installed $PACKAGE_R - if [ $FNRET = 0 ]; then - ok "$PACKAGE_R has installed, so pass." - FNRET=0 - else - info "Not implemented yet" - fi -} - -# This function will be called if the script status is on enabled mode -apply () { - is_pkg_installed $PACKAGE_R - if [ $FNRET = 0 ]; then - ok "$PACKAGE_R has installed, so pass." - else - info "Not implemented yet" - fi -} - -# This function will check config parameters required -check_config() { - : -} - -# Source Root Dir Parameter -if [ -r /etc/default/cis-hardening ]; then - . /etc/default/cis-hardening -fi -if [ -z "$CIS_ROOT_DIR" ]; then - echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." - echo "Cannot source CIS_ROOT_DIR variable, aborting." - exit 128 -fi - -# Main function, will call the proper functions given the configuration (audit, enabled, disabled) -if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then - . $CIS_ROOT_DIR/lib/main.sh -else - echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_ROOT_DIR in /etc/default/cis-hardening" - exit 128 -fi