harbian-audit/bin/hardening
Samson-W 42b057347c Add add_line_file_after_pattern_lastline function.
Add audit and apply methods for redhat/CentOS to 9.2.11.
2020-01-13 16:08:51 +08:00
..
1.1_install_updates.sh Add audit and apply methods for redhat/CentOS to 1.1. 2019-07-31 16:27:45 +08:00
1.2_enable_verify_sign_packages_from_repository.sh Fix a bug for 1.2 2019-08-01 03:59:30 +08:00
1.3_enable_verify_sign_of_local_packages.sh Fix some bugs for 1.3 2019-08-01 04:06:33 +08:00
1.4_set_no_allow_insecure_repository_by_apt.sh Add audit and apply methods for redhat/CentOS to 1.4 2019-08-01 04:30:16 +08:00
2.1_tmp_partition.sh Fix some bugs for 2.1 2.3 2019-09-06 04:55:26 +08:00
2.2_tmp_nodev.sh Optimize the code of 2.2~2.4 2019-09-06 15:57:49 +08:00
2.3_tmp_nosuid.sh Optimize the code of 2.2~2.4 2019-09-06 15:57:49 +08:00
2.4_tmp_noexec.sh Optimize the code of 2.2~2.4 2019-09-06 15:57:49 +08:00
2.5_var_partition.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.6.1_var_tmp_partition.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.6.2_var_tmp_nodev.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.6.3_var_tmp_nosuid.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.6.4_var_tmp_noexec.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.7_var_log_partition.sh Fix some bug 2018-11-21 02:45:33 -05:00
2.8_var_log_audit_partition.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.9_home_partition.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.10_home_nodev.sh Fix bug of add_option_to_fstab function. 2018-11-21 04:32:59 -05:00
2.11_removable_device_nodev.sh Fix some bugs for mount options check of removable device 2018-12-06 02:41:44 +08:00
2.12_removable_device_noexec.sh Fix some bugs for mount options check of removable device 2018-12-06 02:41:44 +08:00
2.13_removable_device_nosuid.sh Fix some bugs for mount options check of removable device 2018-12-06 02:41:44 +08:00
2.14_run_shm_nodev.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.15_run_shm_nosuid.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.16_run_shm_noexec.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.17_sticky_bit_world_writable_folder.sh Update audit and apply methods for 2.17 2019-08-01 17:55:32 +08:00
2.18_disable_cramfs.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.19_disable_freevxfs.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.20_disable_jffs2.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.21_disable_hfs.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.22_disable_hfsplus.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.23_disable_squashfs.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.24_disable_udf.sh Modify the description. 2018-08-25 09:31:24 +08:00
2.25_disable_automounting.sh Fix a bug for 2.25, and add uninstall_pkg methods. 2019-12-29 16:54:24 +08:00
2.26_home_nosuid.sh Implement audit and apply methods for 7.6 disable_wireless. 2019-04-12 04:07:44 -04:00
2.27_nfs_nosuid.sh Implement audit and apply methods for 7.6 disable_wireless. 2019-04-12 04:07:44 -04:00
2.28_nfs_noexec.sh Implement audit and apply methods for 7.6 disable_wireless. 2019-04-12 04:07:44 -04:00
2.29_nfs_RPCSEC_GSS.sh Implement audit and apply methods for 7.6 disable_wireless. 2019-04-12 04:07:44 -04:00
3.1_bootloader_ownership.sh Modified 3.1 to be compatible with CentOS. 2019-08-02 17:17:43 +08:00
3.2_bootloader_permissions.sh Modified 3.2 to be compatible with CentOS. 2019-08-02 17:35:11 +08:00
3.3_bootloader_password.sh Modified 3.3 to be compatible with CentOS. 2019-08-02 17:47:17 +08:00
3.4_root_password.sh Modify the description. 2018-08-25 09:31:24 +08:00
4.1_restrict_core_dumps.sh Remove some obsolete check items. 2019-08-06 19:43:57 +08:00
4.2_enable_nx_support.sh Modify the description. 2018-08-25 09:31:24 +08:00
4.3_enable_randomized_vm_placement.sh Modify the description. 2018-08-25 09:31:24 +08:00
4.4_disable_prelink.sh Modified 4.4 to be compatible with CentOS. 2019-08-03 04:40:48 +08:00
4.5_enable_apparmor.sh Modified 4.5 to be compatible with CentOS. 2019-08-03 04:49:42 +08:00
4.6_disable_usb_devices.sh Modified 4.6 5.1.1~5.1.7 to be compatible with CentOS. 2019-08-06 06:03:15 +08:00
5.1.1_disable_nis.sh Modified 4.6 5.1.1~5.1.7 to be compatible with CentOS. 2019-08-06 06:03:15 +08:00
5.1.2_disable_rsh.sh Remove duplicate check items 5.1.7, and fix a bug for 5.1.2 2019-08-06 12:27:32 +08:00
5.1.3_disable_rsh_client.sh Modified 4.6 5.1.1~5.1.7 to be compatible with CentOS. 2019-08-06 06:03:15 +08:00
5.1.4_disable_talk.sh Modified 4.6 5.1.1~5.1.7 to be compatible with CentOS. 2019-08-06 06:03:15 +08:00
5.1.5_disable_talk_client.sh Modified 4.6 5.1.1~5.1.7 to be compatible with CentOS. 2019-08-06 06:03:15 +08:00
5.1.6_disable_telnet_server.sh Modified 4.6 5.1.1~5.1.7 to be compatible with CentOS. 2019-08-06 06:03:15 +08:00
5.1.7_disable_inetd.sh Modified 5.1.7 to be compatible with CentOS. 2019-08-06 17:09:17 +08:00
5.2_install_screen.sh Fix some bugs. 2019-08-07 03:40:30 +08:00
5.3_enable_openssh_server.sh Modify 5.3 for CentOS8. 2020-01-08 17:27:47 +08:00
5.4_disable_ctrl_alt_del_target.sh Fix some bugs. 2019-08-07 03:40:30 +08:00
5.5_ensure_installed_sudo.sh Rename 5.8 to 5.5 2019-12-18 14:56:33 +08:00
6.1_disable_xwindow_system.sh Rename 5.10 to 5.8 2019-08-07 04:15:06 +08:00
6.2_disable_avahi_server.sh Fix a bug for 6.2 2019-12-19 15:35:29 +08:00
6.3_disable_print_server.sh Modified 6.2~6.6 to be compatible with CentOS. 2019-08-07 23:56:20 +08:00
6.4_disable_dhcp.sh Modified 6.2~6.6 to be compatible with CentOS. 2019-08-07 23:56:20 +08:00
6.5_ensure_time_sync_server_is_installed.sh Modified 6.2~6.6 to be compatible with CentOS. 2019-08-07 23:56:20 +08:00
6.6_disable_ldap.sh Modified 6.2~6.6 to be compatible with CentOS. 2019-08-07 23:56:20 +08:00
6.7_disable_nfs_rpc.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.8_disable_dns_server.sh Fix 6.8 and 7.4.1, and add is_centos_8 method. 2019-12-23 02:13:49 +08:00
6.9_disable_ftp.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.10_disable_http_server.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.11_disable_imap_pop.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.12_disable_samba.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.13_disable_http_proxy.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.14_disable_snmp_server.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.15_mta_localhost.sh Modify the description. 2018-08-25 09:31:24 +08:00
6.16_disable_rsync.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.17_ensure_virul_scan_server_is_enabled.sh Fix a bug for 6.17: install clamav in CentOS8. 2019-12-20 15:14:09 +08:00
6.18_ensure_virusscan_program_update_is_enabled.sh Fix a bug for 6.18 2019-10-18 03:23:30 +08:00
6.19_configure_ntp.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
6.20_configure_chrony.sh Modified 6.7~6.20 to be compatible with CentOS. 2019-08-08 05:13:55 +08:00
7.1.1_disable_ip_forwarding.sh Modified 7.1.1~7.2.3 to be compatible with CentOS. 2019-08-08 05:33:23 +08:00
7.1.2_disable_send_packet_redirects.sh Modified 7.1.1~7.2.3 to be compatible with CentOS. 2019-08-08 05:33:23 +08:00
7.1.3_disable_interface_promisc_mode.sh Modified 7.1.1~7.2.3 to be compatible with CentOS. 2019-08-08 05:33:23 +08:00
7.2.1_disable_source_routed_packets.sh Modified 7.1.1~7.2.3 to be compatible with CentOS. 2019-08-08 05:33:23 +08:00
7.2.2_disable_icmp_redirect.sh Modified 7.1.1~7.2.3 to be compatible with CentOS. 2019-08-08 05:33:23 +08:00
7.2.3_disable_secure_icmp_redirect.sh Modified 7.1.1~7.2.3 to be compatible with CentOS. 2019-08-08 05:33:23 +08:00
7.2.4_log_martian_packets.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.2.5_ignore_broadcast_requests.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.2.6_enable_bad_error_message_protection.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.2.7_enable_source_route_validation.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.2.8_enable_tcp_syn_cookies.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.3.1_disable_ipv6_router_advertisement.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.3.2_disable_ipv6_redirect.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.4.1_install_tcp_wrapper.sh Fix some bugs: tcp wrapper not be avaliable in CentOS8. 2019-12-27 14:29:32 +08:00
7.4.2_hosts_allow.sh Add audit and apply methods for redhat/CentOS to 7.4.2 7.7.1 2019-12-27 18:05:10 +08:00
7.4.3_hosts_allow_permissions.sh Fix some bugs: tcp wrapper not be avaliable in CentOS8. 2019-12-27 14:29:32 +08:00
7.4.4_hosts_deny.sh Fix some bugs: tcp wrapper not be avaliable in CentOS8. 2019-12-27 14:29:32 +08:00
7.4.5_hosts_deny_permissions.sh Fix some bugs: tcp wrapper not be avaliable in CentOS8. 2019-12-27 14:29:32 +08:00
7.5.1_disable_dccp.sh Modify the description. 2018-08-25 09:31:24 +08:00
7.5.2_disable_sctp.sh Modify the description. 2018-08-25 09:31:24 +08:00
7.5.3_disable_rds.sh Modify the description. 2018-08-25 09:31:24 +08:00
7.5.4_disable_tipc.sh Modify the description. 2018-08-25 09:31:24 +08:00
7.6_disable_wireless.sh Update README doc. 2019-08-08 17:55:23 +08:00
7.7.1_enable_firewall.sh Fix a bug for 7.7.1 2019-12-28 00:43:53 +08:00
7.7.2_ensure_set_firewall_rules.sh Fix some bugs for CentOS8 2019-12-28 02:32:49 +08:00
7.7.3_ensure_firewall_set_protect_dos_attacks.sh 1. Add method for if ipv6 is disabled. 2019-04-17 03:48:49 +08:00
7.7.4.1_ensure_default_deny_firewall_policy.sh Add audit and apply methods for ipv6 firewall rules. 2019-04-16 18:09:05 +08:00
7.7.4.2_ensure_loopback_traffic_is_configured.sh Add audit and apply methods for ipv6 firewall rules. 2019-04-16 18:09:05 +08:00
7.7.4.3_ensure_firewall_rules_exist_for_all_open_ports.sh Add audit and apply methods for ipv6 firewall rules. 2019-04-16 18:09:05 +08:00
7.7.4.4_ensure_outbound_and_established_connections_are_configured.sh Add audit and apply methods for ipv6 firewall rules. 2019-04-16 18:09:05 +08:00
7.7.5.1_ensure_default_deny_firewall_policy_for_v6.sh Fix some bugs. 2019-05-21 12:39:45 +08:00
7.7.5.2_ensure_loopback_traffic_is_configured_for_v6.sh Fix some bugs. 2019-05-21 12:39:45 +08:00
7.7.5.3_ensure_firewall_rules_exist_for_all_open_ports_for_v6.sh Fix a bug: 7.7.5.3 for ip6tables. 2019-09-25 15:52:57 +08:00
7.7.5.4_ensure_outbound_and_established_connections_are_configured_for_v6.sh 1. Add method for if ipv6 is disabled. 2019-04-17 03:48:49 +08:00
8.0_enable_auditd_kernel.sh Fix a bug of 8.0 2019-08-09 15:44:50 +08:00
8.1.1.1_audit_log_storage.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.1.2_halt_when_audit_log_full.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.1.3_keep_all_audit_logs.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.1.4_set_failure_mode.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.1.5_ensure_set_remote_server.sh Fix some bugs for CentOS8 2019-12-28 02:32:49 +08:00
8.1.1.6_ensure_set_encrypt_for_audit_remote.sh Fix some bugs for CentOS8 2019-12-28 02:32:49 +08:00
8.1.1.7_ensure_set_action_for_audit_storage_full.sh Fix some bugs for CentOS8 2019-12-28 02:32:49 +08:00
8.1.1.8_ensure_set_action_for_net_fail.sh Fix some bugs for CentOS8 2019-12-28 02:32:49 +08:00
8.1.1.9_set_space_left_audit.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.2_enable_auditd.sh Fix a bug for 8.1.2 2019-08-11 03:23:01 +08:00
8.1.3_audit_bootloader.sh Fix a bug for 8.1.3 2020-01-07 13:39:10 +08:00
8.1.4_record_date_time_edit.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.5_record_user_group_edit.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.6_record_network_edit.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.7_record_mac_edit.sh Fix some bug for audit rules set. 2019-09-10 17:14:59 +08:00
8.1.8_record_login_logout.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.9_record_session_init.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.10_record_dac_edit.sh modify 8.1.10~8.1.16 to be compatible with CentOS, and add new feature to 5.8. 2019-08-12 18:56:21 +08:00
8.1.11_record_failed_access_file.sh modify 8.1.1.1~8.1.9 to be compatible with CentOS. 2019-08-11 03:20:55 +08:00
8.1.12_record_privileged_commands.sh modify 8.1.10~8.1.16 to be compatible with CentOS, and add new feature to 5.8. 2019-08-12 18:56:21 +08:00
8.1.13_record_successful_mount.sh modify 8.1.10~8.1.16 to be compatible with CentOS, and add new feature to 5.8. 2019-08-12 18:56:21 +08:00
8.1.14_record_file_deletions.sh modify 8.1.10~8.1.16 to be compatible with CentOS, and add new feature to 5.8. 2019-08-12 18:56:21 +08:00
8.1.15_record_sudoers_edit.sh modify 8.1.10~8.1.16 to be compatible with CentOS, and add new feature to 5.8. 2019-08-12 18:56:21 +08:00
8.1.16_record_sudo_usage.sh Update how_to_creating_and_making_an_AMI_public.mkd and remove duplicate check for /var/log/sudo.log 2019-09-04 02:03:53 +08:00
8.1.17_record_kernel_modules.sh remove trailing space from '-w /sbin/insmod -p x -k modules' line which causes check from 8.1.17_record_kernel_modules.sh to fail unless audit rule also contains trailing space 2019-10-04 09:49:23 -06:00
8.1.18_record_Events_netfilter.sh Update README.md and README-CN.md 2019-09-09 19:57:49 +08:00
8.1.19_record_sshkeysign_usage.sh Fix some bugs for auditd record 2019-09-10 18:15:18 +08:00
8.1.20_record_open_by_handle_at_syscall.sh modify 8.1.17~8.1.22 to be compatible with CentOS 2019-08-13 17:55:55 +08:00
8.1.21_record_Events_that_privileged_passwd_cmd_usage.sh Fix some bugs for auditd record 2019-09-10 18:15:18 +08:00
8.1.22_record_Events_that_privileged_priv_change_cmd_usage.sh Fix some bugs for auditd record 2019-09-10 18:15:18 +08:00
8.1.23_record_Events_that_privileged_postfix_cmd_usage.sh Fix some bugs for auditd record 2019-09-10 18:15:18 +08:00
8.1.24_record_crontab_cmd_usage.sh Fix some bugs for auditd record 2019-09-10 18:15:18 +08:00
8.1.25_record_pam_timestamp_check_cmd_usage.sh Fix some bugs for auditd record 2019-09-10 18:15:18 +08:00
8.1.26_record_pam_tally_cmd_usage.sh Fix some bug for audit rules set. 2019-09-10 17:14:59 +08:00
8.1.27_record_Events_that_modify_conf_files.sh Modify 8.1.27 for CentOS. 2020-01-06 17:20:52 +08:00
8.1.28_record_acl_cmd_usage.sh Fix some bug for audit rules set. 2019-09-10 17:14:59 +08:00
8.1.29_record_usermod_cmd_usage.sh Fix some bugs for auditd record 2019-09-10 18:15:18 +08:00
8.1.30_record_unix_update_cmd_usage.sh Fix some bug for audit rules set. 2019-09-10 17:14:59 +08:00
8.1.31_record_syscall_execve.sh modify 8.1.23~8.1.32 to be compatible with CentOS. 2019-08-13 20:04:33 +08:00
8.1.32_freeze_auditd_conf.sh Update README.md and README-CN.md 2019-09-09 19:57:49 +08:00
8.2.1_install_rsyslog.sh Add 8.2.1 for rsyslog and Adjust the use case number. 2019-04-22 23:58:47 +08:00
8.2.2_enable_rsyslog.sh Add audit and apply methods for 8.2.2: enable rsyslog. 2019-04-23 03:36:23 +08:00
8.2.3_configure_rsyslog.sh Add 8.2.3 8.2.4 for rsyslog. 2019-04-23 04:41:54 +08:00
8.2.4_set_logfile_perm_cfg_rsyslog.sh Fix some bugs for 8.2.4 2019-05-21 17:45:51 +08:00
8.2.5_rsyslog_remote_host.sh Fix a bug for 8.2.5: when syslog-ng has installed, pass this check item. 2019-05-14 17:48:49 +08:00
8.3.1_install_syslog-ng.sh Fix a bug for 8.3.1 2019-05-21 15:54:00 +08:00
8.3.2_enable_syslog-ng.sh Modify 8.3.2. 2019-05-08 10:46:09 +08:00
8.3.3_configure_syslog-ng.sh Optimizational function for 8.3.3 8.3.6 2019-05-22 01:36:37 +08:00
8.3.4_set_logfile_perm.sh Fix some bugs. 2019-05-21 11:43:16 +08:00
8.3.5_syslog-ng_remote_host.sh Fix some bugs. 2019-05-21 11:43:16 +08:00
8.3.6_remote_syslog-ng_acl.sh Optimizational function for 8.3.3 8.3.6 2019-05-22 01:36:37 +08:00
8.4.1_install_aide.sh Update how_to_creating_and_making_an_AMI_public.mkd 2019-09-26 04:52:08 +08:00
8.4.2_aide_cron.sh Modify 8.4.1 8.4.2 to be compatible with CentOS. 2019-08-16 18:27:33 +08:00
8.5_ensure_permissions_on_all_logfiles.sh Fix some bug for audit rules set. 2019-09-10 17:14:59 +08:00
8.6_configure_logrotate.sh Modify 8.5 8.6 to be compatible with CentOS. 2019-08-17 23:31:47 +08:00
8.7_verify_integrity_packages.sh Modified utils.sh and 8.7 to be compatible with CentOS. 2019-08-02 15:44:39 +08:00
9.1.1_enable_cron.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.1.2_crontab_perm_ownership.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.1.3_cron_hourly_perm_ownership.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.1.4_cron_daily_perm_ownership.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.1.5_cron_weekly_perm_ownership.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.1.6_cron_monthly_perm_ownership.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.1.7_cron_d_perm_ownership.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.1.8_cron_users.sh Modify 9.1.1~9.1.8 to be compatible with CentOS. 2019-08-18 20:33:51 +08:00
9.2.1_pam_retry_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.2_pam_minlen_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.3_pam_dcredit_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.4_pam_ucredit_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.5_pam_ocredit_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.6_pam_lcredit_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.7_pam_difok_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.8_pam_minclass_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.9_pam_maxrepeat_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.10_pam_maxclassrepeat_cracklib.sh Optimization tips for 9.2.1~9.2.10 2019-08-26 19:14:39 +08:00
9.2.11_pam_deny_times_tally2.sh Add add_line_file_after_pattern_lastline function. 2020-01-13 16:08:51 +08:00
9.2.12_pam_lockout_failed_tally2.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.2.13_pam_password_sha512_unix.sh Fix a bug of 9.2.13 2019-08-28 16:36:32 +08:00
9.2.14_pam_auth_without_nullpwd_unix.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.2.15_pam_printlastlog_to_showfailed_lastlog.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.2.16_pam_limit_password_reuse.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.2.17_pam_even_deny_root_tally2.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.1_sshd_protocol.sh Modify the description. 2018-08-25 09:31:24 +08:00
9.3.2_sshd_loglevel.sh Modify the description. 2018-08-25 09:31:24 +08:00
9.3.3_sshd_conf_perm_ownership.sh Modify the description. 2018-08-25 09:31:24 +08:00
9.3.4_disable_x11_forwarding.sh Modify the description. 2018-08-25 09:31:24 +08:00
9.3.5_sshd_maxauthtries.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.6_enable_sshd_ignorerhosts.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.7_disable_sshd_hostbasedauthentication.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.8_disable_root_login.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.9_disable_sshd_permitemptypasswords.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.10_disable_sshd_setenv.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.11_sshd_ciphers.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.12_sshd_idle_timeout.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.13_sshd_limit_access.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.14_ssh_banner.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.15_sshd_printlastlog.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.16_sshd_IgnoreUserKnownHosts.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.17_sshd_GSSAPIAuthentication.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.18_sshd_KerberosAuthentication.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.19_sshd_StrictModes.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.20_sshd_compression.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.21_sshd_MACs.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.22_ssh_check_pub_hostkey_permission.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.23_ssh_check_priv_hostkey_permission.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.24_sshd_kexalgorithms.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.25_sshd_logingracetime.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.3.26_sshd_access_limit.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
9.4_secure_tty.sh Modify the description. 2018-08-25 09:31:24 +08:00
9.5_pam_restrict_su.sh Fix a bug for 9.5 2019-12-28 16:53:15 +08:00
10.1.1_set_password_exp_days.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
10.1.2_set_password_min_days_change.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
10.1.3_set_password_exp_warning_days.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
10.1.4_set_password_encrypt_method.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
10.1.5_set_password_lock_inactive_user.sh Add audit and apply methods for 10.1.5: Ensure inactive password lock is 30 days or less. 2019-05-13 17:14:37 +08:00
10.1.6_remove_nopasswd_sudoers.sh Fix a bug for 10.1.6 2019-12-29 15:12:23 +08:00
10.1.7_remove_noauthenticate_sudoers.sh Fix a bug: when audit-all in CentOS, 10.1.7 have a error. 2019-12-17 15:29:49 +08:00
10.1.8_set_fail_delay_seconds.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
10.1.9_set_create_home_bool.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
10.1.10_set_maxlogins_for_all_accounts.sh Fix some bugs for CentOS8. 2019-12-28 03:51:09 +08:00
10.1.11_ensure_no_shosts_cfg_on_system.sh Fix some bugs. 2019-08-31 17:49:03 +08:00
10.2_disable_system_accounts.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
10.3_default_root_group.sh Modify the description. 2018-08-25 09:31:24 +08:00
10.4_default_umask.sh Modify the description. 2018-08-25 09:31:24 +08:00
10.5_set_timeout_tty.sh Rename file name of 9.5 2019-05-14 03:46:07 +08:00
11.1_warning_banners.sh Modify the description. 2018-08-25 09:31:24 +08:00
11.2_remove_os_info_warning_banners.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
12.1_etc_passwd_permissions.sh Combine the functions of 12.4 to 12.1, 12.5 to 12.2, 12.6 to 12.3. 2019-05-14 04:05:04 +08:00
12.2_etc_shadow_permissions.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
12.3_etc_group_permissions.sh Combine the functions of 12.4 to 12.1, 12.5 to 12.2, 12.6 to 12.3. 2019-05-14 04:05:04 +08:00
12.4_etc_gshadow_permissions.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
12.5_etc_passwd_backup_permissions.sh Fix some bugs. 2019-05-21 11:43:16 +08:00
12.6_etc_shadow_backup_permissions.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
12.7_find_world_writable_file.sh Modify the description. 2018-08-25 09:31:24 +08:00
12.8_find_unowned_files.sh Modify the description. 2018-08-25 09:31:24 +08:00
12.9_find_ungrouped_files.sh Modify the description. 2018-08-25 09:31:24 +08:00
12.10_find_suid_files.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
12.11_find_sgid_files.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
12.12_etc_group_backup_permissions.sh Fix some bugs. 2019-05-21 11:43:16 +08:00
12.13_etc_gshadow_backup_permissions.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
13.1_remove_empty_password_field.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.2_remove_legacy_passwd_entries.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.3_remove_legacy_shadow_entries.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.4_remove_legacy_group_entries.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.5_find_0_uid_non_root_account.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.6_sanitize_root_path.sh Fix some bugs for CentOS8. 2019-12-28 04:28:09 +08:00
13.7_check_user_dir_perm.sh Fix a bug for 13.7 2019-12-28 17:02:19 +08:00
13.8_check_user_dot_file_perm.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.9_set_perm_on_user_netrc.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.10_find_user_rhosts_files.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.11_find_passwd_group_inconsistencies.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.12_users_valid_homedir.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.13_check_user_homedir_ownership.sh Fix some bugs for CentOS8. 2019-12-28 16:38:34 +08:00
13.14_check_duplicate_uid.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.15_check_duplicate_gid.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.16_check_duplicate_username.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.17_check_duplicate_groupname.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.18_find_user_netrc_files.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.19_find_user_forward_files.sh Modify the description. 2018-08-25 09:31:24 +08:00
13.20_shadow_group_empty.sh Fix some bugs for CentOS8. 2019-12-28 16:38:34 +08:00