tyler.durden
/
harbian-audit
mirror of https://github.com/hardenedlinux/harbian-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
704 Commits 4 Branches 11 Tags 10 MiB
Commit Graph

441 Commits

Author SHA1 Message Date
Samson-W 2d83a6a34e Fix #54: hardening.sh: line 275: [: missing ] 2023-10-21 15:00:37 +08:00
Samson-W e00770d5ff Optimize 9.2.14 audit items, and update README.md README-CN.md 2023-08-25 01:49:11 +08:00
Samson-W 436dea1f6b Update 9.2.14_pam_dictcheck_pwquality.sh 2023-08-24 21:45:09 +08:00
Samson-W c3744f83a0 Add 9.2.14_pam_dictcheck_pwquality.sh 2023-08-24 00:45:51 +08:00
Samson-W 9822545cc8 Update the description information of 8.7.2 2023-07-15 18:02:28 +08:00
Samson-W 612a90d844 Fix #50: Autofix improvement: Ensure journald is configured to write logfiles to persistent disk 2023-07-15 02:03:40 +08:00
Samson-W d995a65375 Fix #49: Autofix improvement: Ensure journald is configured to compress large log files 2023-07-15 02:02:58 +08:00
Samson-W eaa2339336 Fix #51 Autofix improvement: Ensure rsyslog default file permissions are configured. Add method for check FileCreateMode in /etc/rsyslog.d/ 2023-07-10 01:11:55 +08:00
Samson-W 8e97a31f98 Fix some bugs: When the find command has permission denied, it will exit due to an error, so remove set -e. 2023-07-05 00:11:51 +08:00
Samson-w 195ec744e0 Fix #40: Shadow utils checks are not possible to maintain with current requirements. 2023-06-17 13:57:38 +08:00
Samson-w ee6cb27946 Del some not Scored check items. 2023-06-17 11:36:10 +08:00
Samson-w eadba375b6 Fix some bugs about disable kernel module 2023-06-17 11:18:31 +08:00
Samson-w e109fe76c6 Update 2.2 2.3 2.4 7.6 for Debian12. 2023-06-17 10:21:46 +08:00
Samson-W ac5c810184 Fix a bug: Debian 12 errors : Current OS is not support! 2023-06-17 00:40:38 +08:00
Samson-W 1eecbc633f Fix some bugs for Debian12. 2023-06-17 00:14:38 +08:00
Samson-W 754ff95056 Fix #44: Debian 11 uses ntfables, not iptables. Update 7.7.2 7.7.3 7.7.4.1 7.7.4.3 7.7.4.4 7.7.5.1 7.7.5.2 7.7.5.3 7.7.5.4 for nftables. 2023-06-17 00:12:06 +08:00
Samson-W 1b4337464a Update 7.7.2 7.7.3 7.7.4.1~7.7.4.4 for nftables. 2023-06-16 02:43:44 +08:00
Samson-W f0d0f65467 Update 7.7.1 for nftables 2023-06-15 01:47:35 +08:00
Samson-W 14b396769a Fix #39: Need extra check on blacklisted Linux kernel modules. Update 2.18 2.19 2.20 2.21 2.22 2.23 2.24 14.1 2023-06-14 01:40:47 +08:00
Samson-W 4699911078 Fix #48: Debian 12 errors : Current OS is not support! 2023-06-13 01:23:56 +08:00
Samson-W 0ab75f8fa8 Update 9.2.14 for Debian12 2023-06-12 02:28:31 +08:00
Samson-W 2b6949548f Update 9.2.11 9.2.12 9.2.13 for Debian12 2023-06-12 02:18:30 +08:00
Samson-W 03f583ad94 Fix #43: Debian 11 uses pwquality, not cracklib. Update 9.2.4 9.2.5 9.2.6 9.2.7 9.2.8 9.2.9 9.2.10 for Debian11/Debian12 2023-06-12 01:59:10 +08:00
Samson-W 13f75e093e Update 9.2.3 for Debian12 2023-06-12 01:27:48 +08:00
Samson-W ab55dd82ee Update 9.2.2 for Debian12 2023-06-12 01:23:48 +08:00
Samson-W 3308bd7aa4 Update 9.2.1 for Debian12 2023-06-12 00:59:29 +08:00
Samson-W 706cc65542 Adapt to the Debian 12 release version 2023-06-12 00:46:56 +08:00
root 1b7ee81794 Add systemd-timesyncd server 2023-03-07 13:55:24 +01:00
dominiquefournier b36087e840
Update 6.19_configure_ntp.sh 
Add systemd-timesyncd
 2023-03-07 11:43:02 +01:00
Samson-W 1835a45c0e Fix pam-tally2.so is missing in Ubuntu #38, Modify 8.1.26 for support to ubuntu. 2022-09-05 14:14:13 +00:00
Samson-W 297b4fa343 Fix pam-tally2.so is missing in Ubuntu #38 2022-09-05 13:45:01 +00:00
Samson-W d9b24e2e7e Modify 9.2.11 for support to ubuntu 22.04 2022-09-04 17:52:01 +00:00
Samson-W e5539baf5b Fix a bug in 8.1.27: when the system is Ubuntu, set the path of au-remote.conf to /etc/audit/plugins.d/au-remote.conf. 2022-08-25 18:40:14 +00:00
Samson-W 3bb4e50a7c Fix issues #37 need extra checks on audisp path on Ubuntu. 2022-08-25 18:11:23 +00:00
Samson-W d894963f71 Add 14.2: Check abuse 777 permissions 2022-04-01 01:12:42 +08:00
aptx4869 2a9a08bf9c
fix(log directory permissions) : Apply chmod only to logfiles instead of 'log/*' 
Many services like nginx, redis, postgresql put their logs into subdirectory of /var/log
chmod -R 0640 /var/log/* will forbid those from entering the directories
 2021-11-12 15:00:12 +08:00
Samson-W 79670bde38 Fix bug: Replaced pam_tally2 with pam_faillock in debian 11. 2021-08-16 02:14:00 +08:00
Samson-W f175cf4639 Update auditd rules of 8.1.26: replaced pam_tally2 with faillock in debian 11. 2021-08-16 00:57:51 +08:00
Samson-W 356124dfdb Update the number of the check item . 2021-08-15 17:12:07 +08:00
Samson-W cfb0a3c22f Modify 4.8: Re-implement the detection items of disabled USB devices. 2021-07-28 00:42:01 +08:00
Samson-W 9b7beb1588 Add some auditd rules for log server. 2021-07-17 22:47:39 +08:00
Samson-W e4743a7588 Fix a bug space_left of auditd.conf 2021-07-17 22:46:18 +08:00
Samson-W 0349040bb4 Modify for apply rsyslog. 2021-07-08 01:16:15 +08:00
Samson-W 7d0be2a21e Add dependance pkg info for 1.3 2021-07-04 04:28:24 +08:00
Samson-W 7419bdc333 Fix a bug of 1.2 2021-07-04 03:31:46 +08:00
Samson-W 0bc369003c Delete unimplemented items: 8.2.3 8.3.3 8.6 9.4 2021-06-23 01:43:21 +08:00
Samson-W e45da09761 Modify some checklists apply check_audit_path 2021-06-22 21:20:30 +08:00
Samson-W fad9b17d38 Rename 8.1.31 to 8.1.34, rename 8.1.34 to 8.1.31 2021-06-21 22:59:24 +08:00
Samson-W b84fb622b5 Modify 8.1.34 for apply --dont-auditd-by-uid, and add aide-common pkg for 8.4.1 2021-06-21 22:23:49 +08:00
Samson-W 20a266a774 Modify related auditd checklist for --dont-auditd-by-uid 2021-06-21 00:07:36 +08:00