Commit Graph

694 Commits

Author SHA1 Message Date
Samson-W 612a90d844 Fix #50: Autofix improvement: Ensure journald is configured to write logfiles to persistent disk 2023-07-15 02:03:40 +08:00
Samson-W d995a65375 Fix #49: Autofix improvement: Ensure journald is configured to compress large log files 2023-07-15 02:02:58 +08:00
Samson-W 8c0b9da8b3 Add clean: Cleanup of usage traces to ~/.ssh/known_hosts file. 2023-07-15 01:23:40 +08:00
Samson-W eaa2339336 Fix #51 Autofix improvement: Ensure rsyslog default file permissions are configured. Add method for check FileCreateMode in /etc/rsyslog.d/ 2023-07-10 01:11:55 +08:00
Samson-W 8e97a31f98 Fix some bugs: When the find command has permission denied, it will exit due to an error, so remove set -e. 2023-07-05 00:11:51 +08:00
Samson-w 76c9070615 update README-CN.md README.md for Debian12 2023-06-17 16:22:37 +08:00
Samson-w 195ec744e0 Fix #40: Shadow utils checks are not possible to maintain with current requirements. 2023-06-17 13:57:38 +08:00
Samson-w ee6cb27946 Del some not Scored check items. 2023-06-17 11:36:10 +08:00
Samson-w eadba375b6 Fix some bugs about disable kernel module 2023-06-17 11:18:31 +08:00
Samson-w e109fe76c6 Update 2.2 2.3 2.4 7.6 for Debian12. 2023-06-17 10:21:46 +08:00
Samson-W ac5c810184 Fix a bug: Debian 12 errors : Current OS is not support! 2023-06-17 00:40:38 +08:00
Samson-W 1eecbc633f Fix some bugs for Debian12. 2023-06-17 00:14:38 +08:00
Samson-W 754ff95056 Fix #44: Debian 11 uses ntfables, not iptables. Update 7.7.2 7.7.3 7.7.4.1 7.7.4.3 7.7.4.4 7.7.5.1 7.7.5.2 7.7.5.3 7.7.5.4 for nftables. 2023-06-17 00:12:06 +08:00
Samson-W 1b4337464a Update 7.7.2 7.7.3 7.7.4.1~7.7.4.4 for nftables. 2023-06-16 02:43:44 +08:00
Samson-W f0d0f65467 Update 7.7.1 for nftables 2023-06-15 01:47:35 +08:00
Samson-W 14b396769a Fix #39: Need extra check on blacklisted Linux kernel modules. Update 2.18 2.19 2.20 2.21 2.22 2.23 2.24 14.1 2023-06-14 01:40:47 +08:00
Samson-W 4699911078 Fix #48: Debian 12 errors : Current OS is not support! 2023-06-13 01:23:56 +08:00
Samson-W 0ab75f8fa8 Update 9.2.14 for Debian12 2023-06-12 02:28:31 +08:00
Samson-W 2b6949548f Update 9.2.11 9.2.12 9.2.13 for Debian12 2023-06-12 02:18:30 +08:00
Samson-W 03f583ad94 Fix #43: Debian 11 uses pwquality, not cracklib. Update 9.2.4 9.2.5 9.2.6 9.2.7 9.2.8 9.2.9 9.2.10 for Debian11/Debian12 2023-06-12 01:59:10 +08:00
Samson-W 13f75e093e Update 9.2.3 for Debian12 2023-06-12 01:27:48 +08:00
Samson-W ab55dd82ee Update 9.2.2 for Debian12 2023-06-12 01:23:48 +08:00
Samson-W 3308bd7aa4 Update 9.2.1 for Debian12 2023-06-12 00:59:29 +08:00
Samson-W 706cc65542 Adapt to the Debian 12 release version 2023-06-12 00:46:56 +08:00
Samson-W 881c51608e Fix #42: 14.1 grep returns line format that will never match the regex filter applied 2023-06-04 23:10:05 +08:00
Samson.W 07f7f86612
Merge pull request #47 from dominiquefournier/master
Add systemd-timesyncd to tests
2023-03-10 01:37:07 +08:00
root 1b7ee81794 Add systemd-timesyncd server 2023-03-07 13:55:24 +01:00
dominiquefournier 235c85c3d8
Merge pull request #1 from dominiquefournier/dominiquefournier-patch-3
Add Systemd-TimeSyncd to time syncronization packages
2023-03-07 11:46:40 +01:00
dominiquefournier b36087e840
Update 6.19_configure_ntp.sh
Add systemd-timesyncd
2023-03-07 11:43:02 +01:00
Samson-W 1835a45c0e Fix pam-tally2.so is missing in Ubuntu #38, Modify 8.1.26 for support to ubuntu. 2022-09-05 14:14:13 +00:00
Samson-W 297b4fa343 Fix pam-tally2.so is missing in Ubuntu #38 2022-09-05 13:45:01 +00:00
Samson-W d9b24e2e7e Modify 9.2.11 for support to ubuntu 22.04 2022-09-04 17:52:01 +00:00
Samson-W e5539baf5b Fix a bug in 8.1.27: when the system is Ubuntu, set the path of au-remote.conf to /etc/audit/plugins.d/au-remote.conf. 2022-08-25 18:40:14 +00:00
Samson-W 3bb4e50a7c Fix issues #37 need extra checks on audisp path on Ubuntu. 2022-08-25 18:11:23 +00:00
Samson.W dbbec7cc98
Merge pull request #36 from Samson-W/master
Add 14.2: Check abuse 777 permissions
2022-04-01 01:14:30 +08:00
Samson-W d894963f71 Add 14.2: Check abuse 777 permissions 2022-04-01 01:12:42 +08:00
Samson.W 666f071399
Merge pull request #35 from aptx4869/fix_log_permission
fix(log directory permissions) : Apply chmod only to logfiles
2021-11-15 03:14:31 +08:00
aptx4869 2a9a08bf9c
fix(log directory permissions) : Apply chmod only to logfiles instead of 'log/*'
Many services like nginx, redis, postgresql put their logs into subdirectory of /var/log
chmod -R 0640 /var/log/* will forbid those from entering the directories
2021-11-12 15:00:12 +08:00
Samson.W aced6e66ac
Merge pull request #34 from Samson-W/master
Fix a bug: Replaced pam_tally2 with pam_faillock in debian 11.
2021-08-16 02:16:35 +08:00
Samson-W 79670bde38 Fix bug: Replaced pam_tally2 with pam_faillock in debian 11. 2021-08-16 02:14:00 +08:00
Samson-W f175cf4639 Update auditd rules of 8.1.26: replaced pam_tally2 with faillock in debian 11. 2021-08-16 00:57:51 +08:00
Samson.W 0d8593986f
Merge pull request #33 from Samson-W/master
Update Readme.md: support debian11
2021-08-15 17:30:51 +08:00
Samson-W 6b89d4cb24 Update Readme.md: support debian11 2021-08-15 17:29:46 +08:00
Samson.W 0652ec431f
Merge pull request #32 from Samson-W/master
Update the number of the check item .
2021-08-15 17:23:06 +08:00
Samson-W 356124dfdb Update the number of the check item . 2021-08-15 17:12:07 +08:00
Samson.W baccad9c3b
Merge pull request #31 from Samson-W/master
Modify 4.8: Re-implement the detection items of disabled USB devices.
2021-07-28 00:45:26 +08:00
Samson-W cfb0a3c22f Modify 4.8: Re-implement the detection items of disabled USB devices. 2021-07-28 00:42:01 +08:00
Samson.W 7e2bf1c5b5
Merge pull request #30 from Samson-W/master
Fix some bugs and apply rsyslog server
2021-07-18 21:55:40 +08:00
Samson-W b3857a06da Modify the log prefix of iptables for the log classification collection of rsyslog. 2021-07-18 21:52:39 +08:00
Samson-W 9b7beb1588 Add some auditd rules for log server. 2021-07-17 22:47:39 +08:00