lynis/include/tests_banners

#!/bin/sh

#################################################################################
#
#   Lynis
# ------------------
#
# Copyright 2007-2013, Michael Boelen
# Copyright 2007-2017, CISOfy
#
# Website  : https://cisofy.com
# Blog     : http://linux-audit.com
# GitHub   : https://github.com/CISOfy/lynis
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Banners and identification
#
#################################################################################
#
    InsertSection "Banners and identification"
#
#################################################################################
#
    BANNER_FILES="${ROOTDIR}etc/issue ${ROOTDIR}etc/issue.net ${ROOTDIR}etc/motd"
    LEGAL_BANNER_STRINGS="audit access authori connect enforce evidence intrusion law legal monitor owner policy policies private prohibited record restricted secure subject terms this unauthorized"
#
#################################################################################
#
    # Test        : BANN-7113
    # Description : Check FreeBSD COPYRIGHT banner file
    Register --test-no BANN-7113 --os FreeBSD --weight L --network NO --category security --description "Check COPYRIGHT banner file"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Testing existence ${ROOTDIR}COPYRIGHT or ${ROOTDIR}etc/COPYRIGHT"
        if [ -f ${ROOTDIR}COPYRIGHT ]; then
            Display --indent 2 --text "- ${ROOTDIR}COPYRIGHT" --result "${STATUS_FOUND}" --color GREEN
            if [ -s ${ROOTDIR}COPYRIGHT ]; then
                LogText "Result: ${ROOTDIR}COPYRIGHT available and contains text"
            else
                LogText "Result: ${ROOTDIR}COPYRIGHT available, but empty"
            fi
        else
            Display --indent 2 --text "- ${ROOTDIR}COPYRIGHT" --result "${STATUS_NOT_FOUND}" --color WHITE
            LogText "Result: ${ROOTDIR}COPYRIGHT not found"
        fi

        if [ -f ${ROOTDIR}etc/COPYRIGHT ]; then
            Display --indent 2 --text "- ${ROOTDIR}etc/COPYRIGHT" --result "${STATUS_FOUND}" --color GREEN
            if [ -s ${ROOTDIR}etc/COPYRIGHT ]; then
                LogText "Result: ${ROOTDIR}etc/COPYRIGHT available and contains text"
            else
                LogText "Result: ${ROOTDIR}etc/COPYRIGHT available, but empty"
            fi
        else
            Display --indent 2 --text "- ${ROOTDIR}etc/COPYRIGHT" --result "${STATUS_NOT_FOUND}" --color WHITE
            LogText "Result: ${ROOTDIR}etc/COPYRIGHT not found"
        fi
    fi
#
#################################################################################
#
    # Test        : BANN-7124
    # Description : Check issue banner file
    Register --test-no BANN-7124 --weight L --network NO --category security --description "Check issue banner file"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking file ${ROOTDIR}etc/issue"
        if [ -f ${ROOTDIR}etc/issue ]; then
            # Check for symlink
            if [ -L ${ROOTDIR}etc/issue ]; then
                LogText "Result: file ${ROOTDIR}etc/issue exists (symlink)"
                Display --indent 2 --text "- ${ROOTDIR}etc/issue" --result SYMLINK --color GREEN
            else
                Display --indent 2 --text "- ${ROOTDIR}etc/issue" --result "${STATUS_FOUND}" --color GREEN
            fi
        else
            LogText "Result: file ${ROOTDIR}etc/issue does not exist"
            Display --indent 2 --text "- ${ROOTDIR}etc/issue" --result "${STATUS_NOT_FOUND}" --color WHITE
        fi
    fi
#
#################################################################################
#
    # Test        : BANN-7126
    # Description : Check issue file to see if it contains some form of message
    #               to discourage unauthorized users to leave the system alone
    if [ -f ${ROOTDIR}etc/issue ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no BANN-7126 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue banner file contents"
    if [ ${SKIPTEST} -eq 0 ]; then
        COUNT=0
        FILE="${ROOTDIR}etc/issue"
        LogText "Test: Checking file ${FILE} contents for legal key words"
        for ITEM in ${LEGAL_BANNER_STRINGS}; do
            FIND=$(${GREPBINARY} -i "${ITEM}" ${FILE})
            if HasData "${FIND}"; then
                LogText "Result: found string '${ITEM}'"
                COUNT=$((COUNT + 1))
            fi
        done
        # Check if we have 5 or more key words
        if [ ${COUNT} -gt 4 ]; then
            LogText "Result: Found ${COUNT} key words (5 or more suggested), to warn unauthorized users"
            Display --indent 4 --text "- ${FILE} contents" --result "${STATUS_OK}" --color GREEN
            AddHP 2 2
        else
            LogText "Result: Found only ${COUNT} key words (5 or more suggested), to warn unauthorized users and could be increased"
            Display --indent 4 --text "- ${FILE} contents" --result WEAK --color YELLOW
            ReportSuggestion ${TEST_NO} "Add a legal banner to ${FILE}, to warn unauthorized users"
            AddHP 0 1
            Report "weak_banner_file[]=${FILE}"
        fi
    fi
#
#################################################################################
#
    # Test        : BANN-7128
    # Description : Check issue.net banner file
    Register --test-no BANN-7128 --weight L --network NO --category security --description "Check issue.net banner file"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking file ${ROOTDIR}etc/issue.net"
        if [ -f ${ROOTDIR}etc/issue.net ]; then
            # Check for symlink
            if [ -L ${ROOTDIR}etc/issue.net ]; then
                LogText "Result: file ${ROOTDIR}etc/issue.net exists (symlink)"
                Display --indent 2 --text "- ${ROOTDIR}etc/issue.net" --result SYMLINK --color GREEN
            else
                LogText "Result: file ${ROOTDIR}etc/issue.net exists"
                Display --indent 2 --text "- ${ROOTDIR}etc/issue.net" --result "${STATUS_FOUND}" --color GREEN
            fi
        else
            LogText "Result: file ${ROOTDIR}etc/issue.net does not exist"
            Display --indent 2 --text "- ${ROOTDIR}etc/issue.net" --result "${STATUS_NOT_FOUND}" --color WHITE
        fi
    fi
#
#################################################################################
#
    # Test        : BANN-7130
    # Description : Check issue.net file to see if it contains some form of message
    #               to discourage unauthorized users to leave the system alone
    if [ -f ${ROOTDIR}etc/issue.net ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no BANN-7130 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue.net banner file contents"
    if [ ${SKIPTEST} -eq 0 ]; then
        COUNT=0
        LogText "Test: Checking file ${ROOTDIR}etc/issue.net contents for legal key words"
        for ITEM in ${LEGAL_BANNER_STRINGS}; do
            FIND=$(${GREPBINARY} -i "${ITEM}" ${ROOTDIR}etc/issue.net)
            if HasData "${FIND}"; then
                LogText "Result: found string '${ITEM}'"
                COUNT=$((COUNT + 1))
            fi
        done
        # Check if we have 5 or more key words
        if [ ${COUNT} -gt 4 ]; then
            LogText "Result: Found ${COUNT} key words, to warn unauthorized users"
            Display --indent 4 --text "- ${ROOTDIR}etc/issue.net contents" --result "${STATUS_OK}" --color GREEN
            AddHP 2 2
        else
            LogText "Result: Found only ${COUNT} key words, to warn unauthorized users and could be increased"
            Display --indent 4 --text "- ${ROOTDIR}etc/issue.net contents" --result WEAK --color YELLOW
            ReportSuggestion ${TEST_NO} "Add legal banner to /etc/issue.net, to warn unauthorized users"
            AddHP 0 1
        fi
    fi
#
#################################################################################
#

WaitForKeyPress

#
#================================================================================
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com
Initial import 2014-08-26 17:33:55 +02:00			`#!/bin/sh`

			`#################################################################################`
			`#`
			`# Lynis`
			`# ------------------`
			`#`
Added link to website, blog, github 2016-03-13 16:00:39 +01:00			`# Copyright 2007-2013, Michael Boelen`
Changed date and preparing for release 2017-02-09 13:35:40 +01:00			`# Copyright 2007-2017, CISOfy`
Added link to website, blog, github 2016-03-13 16:00:39 +01:00			`#`
			`# Website : https://cisofy.com`
			`# Blog : http://linux-audit.com`
			`# GitHub : https://github.com/CISOfy/lynis`
Initial import 2014-08-26 17:33:55 +02:00			`#`
			`# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are`
			`# welcome to redistribute it under the terms of the GNU General Public License.`
			`# See LICENSE file for usage of this software.`
			`#`
			`#################################################################################`
			`#`
			`# Banners and identification`
			`#`
			`#################################################################################`
			`#`
			`InsertSection "Banners and identification"`
			`#`
			`#################################################################################`
			`#`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`BANNER_FILES="${ROOTDIR}etc/issue ${ROOTDIR}etc/issue.net ${ROOTDIR}etc/motd"`
Added more banner words 2017-03-17 10:37:14 +01:00			`LEGAL_BANNER_STRINGS="audit access authori connect enforce evidence intrusion law legal monitor owner policy policies private prohibited record restricted secure subject terms this unauthorized"`
Initial import 2014-08-26 17:33:55 +02:00			`#`
			`#################################################################################`
			`#`
			`# Test : BANN-7113`
			`# Description : Check FreeBSD COPYRIGHT banner file`
Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00			`Register --test-no BANN-7113 --os FreeBSD --weight L --network NO --category security --description "Check COPYRIGHT banner file"`
Initial import 2014-08-26 17:33:55 +02:00			`if [ ${SKIPTEST} -eq 0 ]; then`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`LogText "Test: Testing existence ${ROOTDIR}COPYRIGHT or ${ROOTDIR}etc/COPYRIGHT"`
			`if [ -f ${ROOTDIR}COPYRIGHT ]; then`
			`Display --indent 2 --text "- ${ROOTDIR}COPYRIGHT" --result "${STATUS_FOUND}" --color GREEN`
			`if [ -s ${ROOTDIR}COPYRIGHT ]; then`
			`LogText "Result: ${ROOTDIR}COPYRIGHT available and contains text"`
			`else`
			`LogText "Result: ${ROOTDIR}COPYRIGHT available, but empty"`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`else`
			`Display --indent 2 --text "- ${ROOTDIR}COPYRIGHT" --result "${STATUS_NOT_FOUND}" --color WHITE`
			`LogText "Result: ${ROOTDIR}COPYRIGHT not found"`
Initial import 2014-08-26 17:33:55 +02:00			`fi`

[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`if [ -f ${ROOTDIR}etc/COPYRIGHT ]; then`
			`Display --indent 2 --text "- ${ROOTDIR}etc/COPYRIGHT" --result "${STATUS_FOUND}" --color GREEN`
			`if [ -s ${ROOTDIR}etc/COPYRIGHT ]; then`
			`LogText "Result: ${ROOTDIR}etc/COPYRIGHT available and contains text"`
			`else`
			`LogText "Result: ${ROOTDIR}etc/COPYRIGHT available, but empty"`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`else`
			`Display --indent 2 --text "- ${ROOTDIR}etc/COPYRIGHT" --result "${STATUS_NOT_FOUND}" --color WHITE`
			`LogText "Result: ${ROOTDIR}etc/COPYRIGHT not found"`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
			`fi`
			`#`
			`#################################################################################`
			`#`
			`# Test : BANN-7124`
			`# Description : Check issue banner file`
Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00			`Register --test-no BANN-7124 --weight L --network NO --category security --description "Check issue banner file"`
Initial import 2014-08-26 17:33:55 +02:00			`if [ ${SKIPTEST} -eq 0 ]; then`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`LogText "Test: Checking file ${ROOTDIR}etc/issue"`
			`if [ -f ${ROOTDIR}etc/issue ]; then`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`# Check for symlink`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`if [ -L ${ROOTDIR}etc/issue ]; then`
			`LogText "Result: file ${ROOTDIR}etc/issue exists (symlink)"`
			`Display --indent 2 --text "- ${ROOTDIR}etc/issue" --result SYMLINK --color GREEN`
			`else`
			`Display --indent 2 --text "- ${ROOTDIR}etc/issue" --result "${STATUS_FOUND}" --color GREEN`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`fi`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`else`
			`LogText "Result: file ${ROOTDIR}etc/issue does not exist"`
			`Display --indent 2 --text "- ${ROOTDIR}etc/issue" --result "${STATUS_NOT_FOUND}" --color WHITE`
			`fi`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
			`#`
			`#################################################################################`
			`#`
			`# Test : BANN-7126`
			`# Description : Check issue file to see if it contains some form of message`
			`# to discourage unauthorized users to leave the system alone`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`if [ -f ${ROOTDIR}etc/issue ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi`
Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00			`Register --test-no BANN-7126 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue banner file contents"`
Initial import 2014-08-26 17:33:55 +02:00			`if [ ${SKIPTEST} -eq 0 ]; then`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`COUNT=0`
Log weak banner and code enhancements 2017-01-28 15:47:47 +01:00			`FILE="${ROOTDIR}etc/issue"`
			`LogText "Test: Checking file ${FILE} contents for legal key words"`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`for ITEM in ${LEGAL_BANNER_STRINGS}; do`
			`FIND=$(${GREPBINARY} -i "${ITEM}" ${FILE})`
			`if HasData "${FIND}"; then`
			`LogText "Result: found string '${ITEM}'"`
			`COUNT=$((COUNT + 1))`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
			`done`
			`# Check if we have 5 or more key words`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`if [ ${COUNT} -gt 4 ]; then`
			`LogText "Result: Found ${COUNT} key words (5 or more suggested), to warn unauthorized users"`
Log weak banner and code enhancements 2017-01-28 15:47:47 +01:00			`Display --indent 4 --text "- ${FILE} contents" --result "${STATUS_OK}" --color GREEN`
Initial import 2014-08-26 17:33:55 +02:00			`AddHP 2 2`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`else`
			`LogText "Result: Found only ${COUNT} key words (5 or more suggested), to warn unauthorized users and could be increased"`
Log weak banner and code enhancements 2017-01-28 15:47:47 +01:00			`Display --indent 4 --text "- ${FILE} contents" --result WEAK --color YELLOW`
			`ReportSuggestion ${TEST_NO} "Add a legal banner to ${FILE}, to warn unauthorized users"`
Initial import 2014-08-26 17:33:55 +02:00			`AddHP 0 1`
Log weak banner and code enhancements 2017-01-28 15:47:47 +01:00			`Report "weak_banner_file[]=${FILE}"`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
			`fi`
			`#`
			`#################################################################################`
			`#`
			`# Test : BANN-7128`
			`# Description : Check issue.net banner file`
Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00			`Register --test-no BANN-7128 --weight L --network NO --category security --description "Check issue.net banner file"`
Initial import 2014-08-26 17:33:55 +02:00			`if [ ${SKIPTEST} -eq 0 ]; then`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`LogText "Test: Checking file ${ROOTDIR}etc/issue.net"`
			`if [ -f ${ROOTDIR}etc/issue.net ]; then`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`# Check for symlink`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`if [ -L ${ROOTDIR}etc/issue.net ]; then`
			`LogText "Result: file ${ROOTDIR}etc/issue.net exists (symlink)"`
			`Display --indent 2 --text "- ${ROOTDIR}etc/issue.net" --result SYMLINK --color GREEN`
			`else`
			`LogText "Result: file ${ROOTDIR}etc/issue.net exists"`
			`Display --indent 2 --text "- ${ROOTDIR}etc/issue.net" --result "${STATUS_FOUND}" --color GREEN`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`fi`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`else`
			`LogText "Result: file ${ROOTDIR}etc/issue.net does not exist"`
			`Display --indent 2 --text "- ${ROOTDIR}etc/issue.net" --result "${STATUS_NOT_FOUND}" --color WHITE`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`fi`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
			`#`
			`#################################################################################`
			`#`
			`# Test : BANN-7130`
			`# Description : Check issue.net file to see if it contains some form of message`
			`# to discourage unauthorized users to leave the system alone`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`if [ -f ${ROOTDIR}etc/issue.net ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi`
Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00			`Register --test-no BANN-7130 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue.net banner file contents"`
Initial import 2014-08-26 17:33:55 +02:00			`if [ ${SKIPTEST} -eq 0 ]; then`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`COUNT=0`
			`LogText "Test: Checking file ${ROOTDIR}etc/issue.net contents for legal key words"`
			`for ITEM in ${LEGAL_BANNER_STRINGS}; do`
			`FIND=$(${GREPBINARY} -i "${ITEM}" ${ROOTDIR}etc/issue.net)`
			`if HasData "${FIND}"; then`
			`LogText "Result: found string '${ITEM}'"`
			`COUNT=$((COUNT + 1))`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`fi`
			`done`
			`# Check if we have 5 or more key words`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`if [ ${COUNT} -gt 4 ]; then`
			`LogText "Result: Found ${COUNT} key words, to warn unauthorized users"`
			`Display --indent 4 --text "- ${ROOTDIR}etc/issue.net contents" --result "${STATUS_OK}" --color GREEN`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`AddHP 2 2`
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00			`else`
			`LogText "Result: Found only ${COUNT} key words, to warn unauthorized users and could be increased"`
			`Display --indent 4 --text "- ${ROOTDIR}etc/issue.net contents" --result WEAK --color YELLOW`
Code cleanup and small enhancements 2014-09-15 12:01:09 +02:00			`ReportSuggestion ${TEST_NO} "Add legal banner to /etc/issue.net, to warn unauthorized users"`
			`AddHP 0 1`
			`fi`
Initial import 2014-08-26 17:33:55 +02:00			`fi`
			`#`
			`#################################################################################`
			`#`

Replaced old function names with new ones 2016-04-28 12:31:57 +02:00			`WaitForKeyPress`
Initial import 2014-08-26 17:33:55 +02:00
			`#`
			`#================================================================================`
Removed copyright line, added description 2016-03-13 16:03:46 +01:00			`# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com`