tyler.durden
/
harbian-audit
mirror of https://github.com/hardenedlinux/harbian-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
477 Commits 4 Branches 11 Tags 10 MiB
Commit Graph

290 Commits

Author SHA1 Message Date
Samson-W 1fa5bdd149 Modify 2.1 for compatibility. 2019-08-01 04:46:59 +08:00
Samson-W c5e9839e97 Add audit and apply methods for redhat/CentOS to 1.4 2019-08-01 04:30:16 +08:00
Samson-W 3fa6ecd82d Fix some bugs for 1.3 2019-08-01 04:06:33 +08:00
Samson-W 7435284d07 Add audit and apply methods for redhat/CentOS to 1.3 2019-08-01 04:01:28 +08:00
Samson-W c79b61c977 Fix a bug for 1.2 2019-08-01 03:59:30 +08:00
Samson-W 399a8a3721 Add audit and apply methods for redhat/CentOS to 1.2. 2019-07-31 18:02:53 +08:00
Samson-W 5ea65ad6de Add audit and apply methods for redhat/CentOS to 1.1. 2019-07-31 16:27:45 +08:00
Samson-W 58c32abfc6 Add method for set OS version to general config. 2019-07-30 19:45:12 +08:00
Samson-W 4047430b4b Add audit and apply methods for 8.1.32 2019-07-19 23:47:28 +08:00
Samson-W eea44e5124 Optimizational function for 8.3.3 8.3.6 2019-05-22 01:36:37 +08:00
Samson-W 25c083a731 Fix some bugs for 8.2.4 2019-05-21 17:45:51 +08:00
Samson-W 3717ab1550 Fix a bug for 8.3.1 2019-05-21 15:54:00 +08:00
Samson-W 70b95bd177 Fix some bugs. 2019-05-21 12:39:45 +08:00
Samson-W cfd14ce818 Fix some bugs. 2019-05-21 11:43:16 +08:00
Samson-W e3a7b267d5 Apply check_audit_is_immutable_mode method for auditd rules check item. 2019-05-18 04:53:05 +08:00
Samson-W 8856f64d16 Add check_audit_is_immutable_mode method in lib/utils.sh and apply the method for 8.1.4 2019-05-18 04:36:55 +08:00
Samson-W 0bd15205e9 Add auditd rules for 8.1.29 8.1.30 8.1.31 base stig-Ubuntu_16-04_LTS. 2019-05-18 04:00:18 +08:00
Samson-W 08a0db4561 Add audit and apply methods for 8.1.28. 2019-05-17 17:28:41 +08:00
Samson-W fa964bc586 Add auditd rules for 8.1.7 8.1.17 8.1.19 base stig-Ubuntu_16-04_LTS. 2019-05-17 17:10:58 +08:00
Samson-W 8d3737fa43 Add auditd rules for chfn in 8.1.22 base stig-Ubuntu_16-04_LTS. 2019-05-17 15:03:12 +08:00
Samson-W 9d886d7bf9 1, Add check rounds of pam_unix for 9.2.13 base stig-Ubuntu_16-04_LTS. 
2,Fix a bug: when the configured values have different lengths, the reassignment is incorrect.
 2019-05-16 17:40:40 +08:00
Samson-W c4b9847694 Fix a bug for 9.2.15 and delete the debug method in lib/utils.sh 2019-05-16 14:45:12 +08:00
Samson-W b762376882 Fix a bug for 8.2.5: when syslog-ng has installed, pass this check item. 2019-05-14 17:48:49 +08:00
Samson-W efb9efafdc Add audit and apply methods for 12.5 12.6 12.12 12.13 2019-05-14 14:24:15 +08:00
Samson-W 39da6d480a Add audit and apply methods for 12.4: Ensure permissions on /etc/gshadow are configured 2019-05-14 04:07:26 +08:00
Samson-W a29f621ea7 Combine the functions of 12.4 to 12.1, 12.5 to 12.2, 12.6 to 12.3. 2019-05-14 04:05:04 +08:00
Samson-W 22002609f4 Rename file name of 9.5 2019-05-14 03:46:07 +08:00
Samson-W b629896e82 Add check ownership method for 12.1 2019-05-14 03:40:20 +08:00
Samson-W a1f02aaabf Reorder check items. 2019-05-13 17:34:34 +08:00
Samson-W 0e9f690966 Delete unimplemented item 10.5, which is implemented by 10.1.5. 2019-05-13 17:23:30 +08:00
Samson-W 56b3db72b0 Add audit and apply methods for 10.1.5: Ensure inactive password lock is 30 days or less. 2019-05-13 17:14:37 +08:00
Samson-W 0de7b1d404 Remove 10.1.5 and add runtime check method to 10.1.2: for min password lifetime. 2019-05-12 05:13:07 +08:00
Samson-W cf7c0cae75 Remove 10.1.6 and add runtime check method to 10.1.1: for max password lifetime. 2019-05-10 17:32:39 +08:00
Samson-W 0c676832d1 Rename and reorder number for pam module check. 2019-05-10 15:49:17 +08:00
Samson-W e35e51602a Rename 9.3.27 check script name. 2019-05-09 18:34:16 +08:00
Samson-W 0dcaecc466 Add audit and apply methods for 9.3.27: Ensure SSH access is limited. 2019-05-09 18:32:27 +08:00
Samson-W 4893491e16 Add audit and apply methods for 9.3.26: Ensure SSH LoginGraceTime is set to one minute or less 2019-05-09 17:07:34 +08:00
Samson-W 175fae40d7 Modify ClientAliveInterval to 300 by new benchmark doc. 2019-05-09 15:34:20 +08:00
Samson-W 9c93e6955a Add check ownership methods for 9.3.23 2019-05-09 15:07:49 +08:00
Samson-W 977b32a801 Add audit and apply methods for 9.3.25: Ensure only strong Key Exchange algorithms are used. 2019-05-09 14:57:46 +08:00
Samson-W 1604707e56 Modify audit and apply methods for 9.3.24 2019-05-09 14:06:04 +08:00
Samson-W 9d8e8cf2e3 Modify the serial number of the inspection check item. 2019-05-09 11:57:58 +08:00
Samson-W 81da986be0 Fix bug for 9.1.1 , when debian version is 9.* 2019-05-09 11:28:14 +08:00
Samson-W e3245dce49 Fix a bug for 8.3.1 2019-05-08 10:57:50 +08:00
Samson-W a1446eecd7 Modify 8.3.2. 2019-05-08 10:46:09 +08:00
Samson-W f3981f9d18 Rename 8.5 to 8.6, 8.6 to 8.7, add 8.5. 2019-05-08 10:43:16 +08:00
Samson-W 11d2770fc6 Modify 8.3.2 2019-05-07 19:03:35 +08:00
Samson-W 69c45da7c0 Modify 8.3.1 8.3.2 and add 8.2.5 2019-05-06 23:43:12 +08:00
Samson-W f2f851c8ce Add audit and apply methods for 8.2.4, and remove 8.2.5 2019-04-30 23:42:49 +08:00
Samson-W 3ffe674af9 Add audit and apply methods for 8.2.5 2019-04-24 17:26:36 +08:00
Samson-W 6a302f13c4 Add 8.2.3 8.2.4 for rsyslog. 2019-04-23 04:41:54 +08:00
Samson-W 94bee135ba Add audit and apply methods for 8.2.2: enable rsyslog. 2019-04-23 03:36:23 +08:00
Samson-W 80ac5bfe5b Add 8.2.1 for rsyslog and Adjust the use case number. 2019-04-22 23:58:47 +08:00
Samson-W 6412559d7d Fix a bug for 8.1.16 2019-04-21 06:30:22 +08:00
Samson-W 6157ec0bfc Update methods for 8.1.16 2019-04-21 06:19:07 +08:00
Samson-W 647d94d11c Modify apply method of 8.1.1.6: Need manual opration set Kerberos related. 2019-04-19 15:20:41 +08:00
Samson-W ee9eac8550 Set MAC default to apparmor. 2019-04-18 23:10:53 +08:00
Samson-W e6040d5ee4 Modify audit method for apparmor or selinux. 8.1.7 2019-04-17 18:18:18 +08:00
Samson-W 8abbca05e5 Update about howto fix description. 2019-04-17 12:10:48 +08:00
Samson-W 97d921c2c6 1. Add method for if ipv6 is disabled. 
2. Modify ipv6 iptables rules check with check_ipv6_is_enable.
 2019-04-17 03:48:49 +08:00
Samson-W 5867efd5d6 Add audit and apply methods for ipv6 firewall rules. 2019-04-16 18:09:05 +08:00
Samson-W 1c9ebf578f Fix a bug for 7.7.6 2019-04-16 15:03:13 +08:00
Samson-W 9a238af3e8 Modify some description for 7.7.6 2019-04-16 14:39:31 +08:00
Samson-W f23c662b7c Fix bug for 8.2.4: when create file if dir is not, create file is fail. 2019-04-16 03:57:53 +08:00
Samson-W 40246ee3b7 Add a method when the system architecture is 32-bit for some audit check. 2019-04-15 01:45:32 +08:00
Samson-W 8b59848f42 Add a method when the system architecture is 32-bit for 8.1.10. 2019-04-14 08:24:03 -04:00
Samson-W 568d82253b Add method for check machine architecture and modify 8.1.4 2019-04-14 08:09:04 -04:00
Samson-W 822159dce1 Modify for lib and 8.1.2 2019-04-14 05:56:05 -04:00
Samson-W e2313bd1ff Implement audit and apply methods for 7.6 disable_wireless. 2019-04-12 04:07:44 -04:00
Samson-W b2fd0dd674 1.Add audit and apply methods for 7.7.7: Ensure outbound and established connections are configured. 
2.Fix some bug for lib and 7.7.6
 2019-04-12 00:27:50 -04:00
Samson-W ee9f4dfff4 Add audit and apply methods for 7.7.6 Ensure firewall rules exist for all open ports 2019-04-10 02:40:57 +08:00
Samson-W 8a873e2652 Fix bug for 7.7.4. 2019-04-09 17:18:17 +08:00
Samson-W f9c5a21dff Fix some bug for 7.7.4 and 7.7.5 2019-04-09 04:59:31 -04:00
Samson-W 86ca90d417 Fix some bugs for 7.7.5 2019-04-09 16:31:57 +08:00
Samson-W 582476f7e8 Fix bug for 7.7.5. 2019-04-09 12:28:45 +08:00
Samson-W ea03f5f7e5 Add audit and apply methods for 7.7.5: Ensure IPv6 loopback traffic is configured. (Include ipv4 and ip6) 2019-04-09 04:29:36 +08:00
Samson-W 3be3101d13 Add 7.7.5 2019-04-09 04:03:38 +08:00
Samson-W d5152a656f Add audit and apply methods for ip6tables check: 7.7.2 7.7.3 2019-03-08 23:52:52 +08:00
Samson-W ba1e7b4195 Add audit and apply methods for 7.7.4: Ensure default deny firewall policy. (Include ipv4 and ip6) 2019-04-09 03:01:17 +08:00
samson c8713c4fba Adjust the order of detection cases. 2019-04-04 17:52:01 +08:00
samson 4ed4b90321 Modify for 11.2 and delete not implemented 11.3 2019-04-04 17:07:20 +08:00
samson c641faef11 Add methods of audit and apply for 6.20: configure chrony 2019-04-03 06:13:44 +08:00
samson aac2b3bf9e Add link of new use case doc to Readme and add comment for guide. 2019-04-02 03:44:15 +08:00
samson 24a7dd810e Add comment for 6.5. 2019-04-02 03:33:59 +08:00
samson e17aab2467 Add method of analogons pakeage check for 6.5: Configure Network Time Protocol. 2019-04-02 03:29:00 +08:00
samson 2ac2c2538b Add audit and apply methods for 6.19: ensure time sync server(ntp or chrony) is installed. 2019-04-02 02:59:52 +08:00
samson 5caa36d5af Modify is_service_enabled method for debian 9, and apply to 2.25. 2019-04-01 04:15:09 +08:00
samson ebed556653 Implement the exception handling feature for the specified service. 2019-03-29 17:02:58 +08:00
samson 0985aedee2 Modify comment. 2019-03-28 11:56:23 +08:00
samson 372b6627ed Add new feature: Implement the exception handling feature for the specified service. Just implement http for 6.10 2019-03-28 03:39:16 +08:00
samson 4f01ec6289 Modify hardening.sh 2018-12-17 16:49:25 +08:00
samson e0f97af8a7 Fix a bug for 4.5 2018-12-11 17:31:49 +08:00
samson b7f4300e59 Modify 3.2 2018-12-11 16:55:05 +08:00
samson 5eed5789f9 Fix a bug for 12.10, and remove the unwanted exceptions. 2018-12-11 04:44:01 +08:00
samson 9d4dc5f1c4 Fix bugs for 10.1.7 and 10.1.8 2018-12-09 15:58:06 +08:00
samson ded285c533 Fix bug for 2.1 2018-12-07 23:52:00 +08:00
samson 8798f43866 Fix bugs: Exec some script return error when use grep -c, and clamav daily file extension maybe changed. 2018-12-06 16:01:22 +08:00
samson 00ab71cc2e Fix some bugs for mount options of tmp partition 2018-12-06 14:45:31 +08:00
samson 5185fff59a Fix bug 2018-12-06 14:03:05 +08:00
samson 5c52acf20a Fix some bugs for mount option of tmp partition 2018-12-06 13:44:55 +08:00