lynis/db/tests.db

387 lines
26 KiB
Plaintext
Raw Normal View History

#TestID:Type:Category:Group:Operating System:Description:
ACCT-2754:test:security:accounting:FreeBSD:Check for available FreeBSD accounting information:
ACCT-2760:test:security:accounting:OpenBSD:Check for available OpenBSD accounting information:
ACCT-9622:test:security:accounting:Linux:Check for available Linux accounting information:
ACCT-9626:test:security:accounting:Linux:Check for sysstat accounting data:
ACCT-9628:test:security:accounting:Linux:Check for auditd:
ACCT-9630:test:security:accounting:Linux:Check for auditd rules:
ACCT-9632:test:security:accounting:Linux:Check for auditd configuration file:
ACCT-9634:test:security:accounting:Linux:Check for auditd log file:
ACCT-9636:test:security:accounting:Linux:Check for Snoopy wrapper and logger:
ACCT-9650:test:security:accounting:Solaris:Check Solaris audit daemon:
ACCT-9652:test:security:accounting:Solaris:Check auditd SMF status:
ACCT-9654:test:security:accounting:Solaris:Check BSM auditing in /etc/system:
ACCT-9656:test:security:accounting:Solaris:Check BSM auditing in module list:
ACCT-9660:test:security:accounting:Solaris:Check location of audit events:
ACCT-9662:test:security:accounting:Solaris:Check Solaris auditing stats:
AUTH-9204:test:security:authentication::Check users with an UID of zero:
AUTH-9208:test:security:authentication::Check non-unique accounts in passwd file:
AUTH-9212:test:security:authentication::Test group file:
AUTH-9216:test:security:authentication::Check group and shadow group files:
AUTH-9218:test:security:authentication:FreeBSD:Check harmful login shells:
AUTH-9222:test:security:authentication::Check for non unique groups:
AUTH-9226:test:security:authentication::Check non unique group names:
AUTH-9228:test:security:authentication::Check password file consistency with pwck:
AUTH-9234:test:security:authentication::Query user accounts:
AUTH-9240:test:security:authentication::Query NIS+ authentication support:
AUTH-9242:test:security:authentication::Query NIS authentication support:
AUTH-9250:test:security:authentication::Checking sudoers file:
AUTH-9252:test:security:authentication::Check sudoers file:
AUTH-9254:test:security:authentication:Solaris:Solaris passwordless accounts:
AUTH-9262:test:security:authentication::Checking presence password strength testing tools (PAM):
AUTH-9264:test:security:authentication::Checking presence pam.conf:
AUTH-9266:test:security:authentication::Checking presence pam.d files:
AUTH-9268:test:security:authentication::Checking presence pam.d files:
AUTH-9278:test:security:authentication::Checking LDAP pam status:
AUTH-9282:test:security:authentication::Checking password protected account without expire date:
AUTH-9283:test:security:authentication::Checking accounts without password:
AUTH-9286:test:security:authentication::Checking user password aging:
AUTH-9288:test:security:authentication::Checking for expired passwords:
AUTH-9304:test:security:authentication:Solaris:Check single user login configuration:
AUTH-9306:test:security:authentication:HP-UX:Check single boot authentication:
AUTH-9308:test:security:authentication:Linux:Check single user login configuration:
AUTH-9328:test:security:authentication::Default umask values:
AUTH-9340:test:security:authentication:Solaris:Solaris account locking:
AUTH-9402:test:security:authentication::Query LDAP authentication support:
AUTH-9406:test:security:authentication::Query LDAP servers in client configuration:
AUTH-9408:test:security:authentication::Logging of failed login attempts via /etc/login.defs:
BANN-7113:test:security:banners:FreeBSD:Check COPYRIGHT banner file:
#BANN-7119:test:security:banners::Check MOTD banner file:
#BANN-7122:test:security:banners::Check /etc/motd banner file contents:
BANN-7124:test:security:banners::Check issue banner file:
BANN-7126:test:security:banners::Check issue banner file contents:
BANN-7128:test:security:banners::Check issue.net banner file:
BANN-7130:test:security:banners::Check issue.net banner file contents:
BOOT-5102:test:security:boot_services:AIX:Check for AIX boot device:
BOOT-5104:test:security:boot_services::Determine service manager:
BOOT-5106:test:security:boot_services:MacOS:Check EFI boot file on Mac OS X:
2016-08-18 15:32:27 +02:00
BOOT-5108:test:security:boot_services:Linux:Test Syslinux boot loader:
BOOT-5116:test:security:boot_services::Check if system is booted in UEFI mode:
BOOT-5121:test:security:boot_services::Check for GRUB boot loader presence:
BOOT-5122:test:security:boot_services::Check for GRUB boot password:
BOOT-5124:test:security:boot_services:FreeBSD:Check for FreeBSD boot loader presence:
BOOT-5126:test:security:boot_services:NetBSD:Check for NetBSD boot loader presence:
BOOT-5139:test:security:boot_services::Check for LILO boot loader presence:
BOOT-5142:test:security:boot_services::Check SPARC Improved boot loader (SILO):
#BOOT-5144:test:security:boot_services::Check SPARC Improved boot loader (SILO):
BOOT-5155:test:security:boot_services::Check for YABOOT boot loader configuration file:
BOOT-5159:test:security:boot_services:OpenBSD:Check for OpenBSD boot loader presence:
BOOT-5165:test:security:boot_services:FreeBSD:Check for FreeBSD boot services:
BOOT-5177:test:security:boot_services:Linux:Check for Linux boot and running services:
BOOT-5180:test:security:boot_services:Linux:Check for Linux boot services (Debian style):
BOOT-5184:test:security:boot_services:Linux:Check permissions for boot files/scripts:
BOOT-5202:test:security:boot_services::Check uptime of system:
BOOT-5260:test:security:boot_services::Check single user mode for systemd:
CONT-8004:test:security:containers:Solaris:Query running Solaris zones:
#CONT-1906:test:security:containers::Query Xen guests:
CONT-8102:test:security:containers::Checking Docker status and information:
CONT-8104:test:security:containers::Checking Docker info for any warnings:
CONT-8106:test:security:containers::Gather basic stats from Docker:
2016-08-29 14:18:17 +02:00
CONT-8107:test:performance:containers::Check number of unused Docker containers:
CONT-8108:test:security:containers::Check file permissions for Docker files:
CRYP-7902:test:security:crypto::Check expire date of SSL certificates:
DBS-1804:test:security:databases::Checking active MySQL process:
#DBS-1808:test:security:databases::Checking MySQL data directory:
#DBS-1812:test:security:databases::Checking MySQL data directory permissions:
DBS-1816:test:security:databases::Checking MySQL root password:
DBS-1826:test:security:databases::Checking active PostgreSQL processes:
DBS-1840:test:security:databases::Checking active Oracle processes:
#DBS-1842:test:security:databases::Checking Oracle home paths:
DBS-1860:test:security:databases::Checking active DB2 instances:
2016-07-24 19:46:45 +02:00
DBS-1880:test:security:databases::Checking active Redis processes:
2016-08-11 19:54:59 +02:00
DBS-1882:test:security:databases::Redis configuration file:
2016-08-12 09:45:00 +02:00
DBS-1884:test:security:databases::Redis configuration (requirepass):
DBS-1886:test:security:databases::Redis configuration (CONFIG command renamed):
DBS-1888:test:security:databases::Redis configuration (bind on localhost):
FINT-4310:test:security:file_integrity::AFICK availability:
FINT-4314:test:security:file_integrity::AIDE availability:
FINT-4315:test:security:file_integrity::Check AIDE configuration file:
FINT-4318:test:security:file_integrity::Osiris availability:
FINT-4322:test:security:file_integrity::Samhain availability:
FINT-4326:test:security:file_integrity::Tripwire availability:
FINT-4328:test:security:file_integrity::OSSEC syscheck daemon running:
FINT-4330:test:security:file_integrity::mtree availability:
FINT-4334:test:security:file_integrity::Check lfd daemon status:
FINT-4336:test:security:file_integrity::Check lfd configuration status:
FINT-4338:test:security:file_integrity::osqueryd syscheck daemon running:
FINT-4402:test:security:file_integrity::Checksums (SHA256 or SHA512):
FINT-4350:test:security:file_integrity::File integrity software installed:
FILE-7524:test:security:file_permissions::Perform file permissions check:
FILE-6310:test:security:filesystems::Checking /tmp, /home and /var directory:
FILE-6311:test:security:filesystems::Checking LVM volume groups:
FILE-6312:test:security:filesystems::Checking LVM volumes:
#FILE-6316:test:security:filesystems:Linux:Checking /etc/fstab:
FILE-6323:test:security:filesystems:Linux:Checking EXT file systems:
FILE-6329:test:security:filesystems::Checking FFS/UFS file systems:
FILE-6330:test:security:filesystems:FreeBSD:Checking ZFS file systems:
FILE-6332:test:security:filesystems::Checking swap partitions:
FILE-6336:test:security:filesystems::Checking swap mount options:
FILE-6344:test:security:filesystems:Linux:Checking proc mount options:
FILE-6354:test:security:filesystems::Searching for old files in /tmp:
FILE-6362:test:security:filesystems::Checking /tmp sticky bit:
FILE-6368:test:security:filesystems:Linux:Checking ACL support on root file system:
FILE-6372:test:security:filesystems:Linux:Checking / mount options:
FILE-6374:test:security:filesystems:Linux:Checking /boot mount options:
FILE-6376:test:security:filesystems:Linux:Determine if /var/tmp is bound to /tmp:
FILE-6410:test:security:filesystems::Checking Locate database:
FILE-6430:test:security:filesystems::Disable mounting of some filesystems:
FIRE-4502:test:security:firewalls:Linux:Check iptables kernel module:
FIRE-4508:test:security:firewalls::Check used policies of iptables chains:
FIRE-4512:test:security:firewalls::Check iptables for empty ruleset:
FIRE-4513:test:security:firewalls::Check iptables for unused rules:
FIRE-4518:test:security:firewalls::Check pf firewall components:
FIRE-4520:test:security:firewalls::Check pf configuration consistency:
FIRE-4524:test:security:firewalls::Check for CSF presence:
FIRE-4526:test:security:firewalls:Solaris:Check ipf status:
FIRE-4530:test:security:firewalls:FreeBSD:Check IPFW status:
FIRE-4532:test:security:firewalls::Check Mac OS X application firewall:
FIRE-4536:test:security:firewalls:Linux:Check nftables status:
FIRE-4538:test:security:firewalls:Linux:Check nftables basic configuration:
2016-09-05 19:28:16 +02:00
FIRE-4540:test:security:firewalls:Linux:Test for empty nftables configuration:
FIRE-4590:test:security:firewalls::Check firewall status:
HRDN-7220:test:security:hardening::Check if one or more compilers are installed:
HRDN-7222:test:security:hardening::Check compiler permissions:
HRDN-7230:test:security:hardening::Check for malware scanner:
HOME-9302:test:security:homedirs::Create list with home directories:
HOME-9310:test:security:homedirs::Checking for suspicious shell history files:
#HOME-9314:test:security:homedirs::Create list with home directories:
HOME-9350:test:security:homedirs::Collecting information from home directories:
INSE-8002:test:security:insecure_services::Check for enabled inet daemon:
INSE-8004:test:security:insecure_services::Check for enabled inet daemon:
INSE-8006:test:security:insecure_services::Check configuration of inetd when disabled:
INSE-8016:test:security:insecure_services::Check for telnet via inetd:
KRNL-5622:test:security:kernel:Linux:Determine Linux default run level:
KRNL-5677:test:security:kernel:Linux:Check CPU options and support:
KRNL-5695:test:security:kernel:Linux:Determine Linux kernel version and release number:
KRNL-5723:test:security:kernel:Linux:Determining if Linux kernel is monolithic:
KRNL-5726:test:security:kernel:Linux:Checking Linux loaded kernel modules:
KRNL-5728:test:security:kernel:Linux:Checking Linux kernel config:
KRNL-5730:test:security:kernel:Linux:Checking disk I/O kernel scheduler:
KRNL-5745:test:security:kernel:FreeBSD:Checking FreeBSD loaded kernel modules:
KRNL-5770:test:security:kernel:Solaris:Checking active kernel modules:
KRNL-5788:test:security:kernel:Linux:Checking availability new Linux kernel:
KRNL-5820:test:security:kernel:Linux:Checking core dumps configuration:
#KRNL-5826:test:security:kernel:Linux:Checking core dumps configuration:
KRNL-5830:test:security:kernel:Linux:Checking if system is running on the latest installed kernel:
KRNL-6000:test:security:kernel_hardening::Check sysctl key pairs in scan profile:
LDAP-2219:test:security:ldap::Check running OpenLDAP instance:
LDAP-2224:test:security:ldap::Check presence slapd.conf:
LOGG-2130:test:security:logging::Check for running syslog daemon:
LOGG-2132:test:security:logging::Check for running syslog-ng daemon:
LOGG-2134:test:security:logging::Checking Syslog-NG configuration file consistency:
LOGG-2136:test:security:logging::Check for running systemd journal daemon:
LOGG-2210:test:security:logging::Check for running metalog daemon:
LOGG-2230:test:security:logging::Check for running RSyslog daemon:
LOGG-2240:test:security:logging::Check for running RFC 3195 compliant daemon:
LOGG-2138:test:security:logging:Linux:Checking kernel logger daemon on Linux:
LOGG-2142:test:security:logging:Linux:Checking minilog daemon:
LOGG-2146:test:security:logging::Checking logrotate.conf and logrotate.d:
LOGG-2148:test:security:logging::Checking logrotated files:
LOGG-2150:test:security:logging::Checking directories in logrotate configuration:
LOGG-2152:test:security:logging::Checking loghost:
LOGG-2154:test:security:logging::Checking syslog configuration file:
LOGG-2160:test:security:logging::Checking /etc/newsyslog.conf:
LOGG-2162:test:security:logging::Checking directories in /etc/newsyslog.conf:
LOGG-2164:test:security:logging::Checking files specified /etc/newsyslog.conf:
LOGG-2170:test:security:logging::Checking log paths:
LOGG-2180:test:security:logging::Checking open log files:
LOGG-2190:test:security:logging::Checking for deleted files in use:
2016-08-22 12:21:48 +02:00
LOGG-2192:test:security:logging::Checking for opened log files that are empty:
MACF-6204:test:security:mac_frameworks::Check AppArmor presence:
MACF-6208:test:security:mac_frameworks::Check if AppArmor is enabled:
MACF-6232:test:security:mac_frameworks::Check SELINUX presence:
MACF-6234:test:security:mac_frameworks::Check SELINUX status:
RBAC-6272:test:security:mac_frameworks::Check grsecurity presence:
MACF-6290:test:security:mac_frameworks::Check for implemented MAC framework:
MAIL-8802:test:security:mail_messaging::Check Exim status:
MAIL-8814:test:security:mail_messaging::Check postfix process status:
MAIL-8816:test:security:mail_messaging::Check Postfix configuration:
MAIL-8818:test:security:mail_messaging::banner:
MAIL-8838:test:security:mail_messaging::Check dovecot process:
MAIL-8860:test:security:mail_messaging::Check Qmail status:
MAIL-8880:test:security:mail_messaging::Check Sendmail status:
MAIL-8920:test:security:mail_messaging::Check OpenSMTPD status:
MALW-3275:test:security:malware::Check for chkrootkit:
MALW-3276:test:security:malware::Check for Rootkit Hunter:
MALW-3278:test:security:malware::Check for LMD:
MALW-3280:test:security:malware::Check if anti-virus tool is installed:
MALW-3282:test:security:malware::Check for clamscan:
MALW-3284:test:security:malware::Check for clamd:
MALW-3286:test:security:malware::Check for freshclam:
MALW-3288:test:security:malware::Check for ClamXav:
PROC-3602:test:security:memory_processes:Linux:Checking /proc/meminfo for memory details:
PROC-3604:test:security:memory_processes:Solaris:Query prtconf for memory details:
PROC-3612:test:security:memory_processes::Check dead or zombie processes:
PROC-3614:test:security:memory_processes::Check heavy IO waiting based processes:
NAME-4016:test:security:nameservices::Check /etc/resolv.conf default domain:
NAME-4018:test:security:nameservices::Check /etc/resolv.conf search domains:
NAME-4020:test:security:nameservices::Check non default options:
NAME-4024:test:security:nameservices:Solaris:Solaris uname -n output:
NAME-4026:test:security:nameservices:Solaris:Check /etc/nodename:
NAME-4028:test:security:nameservices::Check domain name:
NAME-4032:test:security:nameservices::Check nscd status:
NAME-4034:test:security:nameservices::Check Unbound status:
NAME-4036:test:security:nameservices::Check Unbound configuration file:
NAME-4202:test:security:nameservices::Check BIND status:
NAME-4204:test:security:nameservices::Search BIND configuration file:
NAME-4206:test:security:nameservices::Check BIND configuration consistency:
#NAME-4050:test:security:nameservices::Check nscd status:
NAME-4210:test:security:nameservices::Check DNS banner:
#NAME-4212:test:security:nameservices::Check version setting in configuration:
#NAME-4220:test:security:nameservices::Check zone transfer:
#NAME-4222:test:security:nameservices::Check zone transfer:
NAME-4230:test:security:nameservices::Check PowerDNS status:
NAME-4232:test:security:nameservices::Search PowerDNS configuration file:
#NAME-4234:test:security:nameservices::Check PowerDNS configuration consistency:
NAME-4236:test:security:nameservices::Check PowerDNS backends:
NAME-4238:test:security:nameservices::Check PowerDNS authoritive status:
NAME-4304:test:security:nameservices::Check NIS ypbind status:
NAME-4306:test:security:nameservices::Check NIS domain:
NAME-4402:test:security:nameservices::Check duplicate line in /etc/hosts:
NAME-4404:test:security:nameservices::Check /etc/hosts contains an entry for this server name:
NAME-4406:test:security:nameservices::Check server hostname mapping:
NETW-2600:test:security:networking:Linux:Checking IPv6 configuration:
NETW-2704:test:security:networking::Basic nameserver configuration tests:
NETW-2705:test:security:networking::Check availability two nameservers:
NETW-3001:test:security:networking::Find default gateway (route):
NETW-3004:test:security:networking::Search available network interfaces:
NETW-3006:test:security:networking::Get network MAC addresses:
NETW-3008:test:security:networking::Get network IP addresses:
NETW-3012:test:security:networking::Check listening ports:
NETW-3014:test:security:networking::Checking promiscuous interfaces (BSD):
NETW-3015:test:security:networking:Linux:Checking promiscuous interfaces (Linux):
NETW-3028:test:security:networking::Checking connections in WAIT state:
NETW-3030:test:security:networking::Checking DHCP client status:
NETW-3032:test:security:networking:Linux:Checking for ARP monitoring software:
PHP-2211:test:security:php::Check php.ini presence:
PHP-2320:test:security:php::Check PHP disabled functions:
PHP-2368:test:security:php::Check PHP register_globals option:
PHP-2372:test:security:php::Check PHP expose_php option:
PHP-2374:test:security:php::Check PHP enable_dl option:
PHP-2376:test:security:php::Check PHP allow_url_fopen option:
PHP-2378:test:security:php::Check PHP allow_url_include option:
PKGS-7301:test:security:ports_packages::Query NetBSD pkg:
PKGS-7302:test:security:ports_packages::Query FreeBSD/NetBSD pkg_info:
PKGS-7303:test:security:ports_packages::Query brew package manager:
PKGS-7304:test:security:ports_packages::Querying Gentoo packages:
PKGS-7306:test:security:ports_packages:Solaris:Querying Solaris packages:
PKGS-7308:test:security:ports_packages::Checking package list with RPM:
PKGS-7310:test:security:ports_packages::Checking package list with pacman:
PKGS-7312:test:security:ports_packages::Checking available updates for pacman based system:
PKGS-7314:test:security:ports_packages::Checking pacman configuration options:
PKGS-7328:test:security:ports_packages::Querying Zypper for installed packages:
PKGS-7330:test:security:ports_packages::Querying Zypper for vulnerable packages:
PKGS-7345:test:security:ports_packages::Querying dpkg:
PKGS-7346:test:security:ports_packages::Search unpurged packages on system:
PKGS-7348:test:security:ports_packages:FreeBSD:Check for old distfiles:
PKGS-7350:test:security:ports_packages::Checking for installed packages with DNF utility:
PKGS-7352:test:security:ports_packages::Checking for security updates with DNF utility:
PKGS-7354:test:security:ports_packages::Checking package database integrity:
PKGS-7366:test:security:ports_packages::Checking for debsecan utility:
PKGS-7370:test:security:ports_packages::Checking for debsums utility:
PKGS-7378:test:security:ports_packages::Query portmaster for port upgrades:
PKGS-7380:test:security:ports_packages:NetBSD:Check for vulnerable NetBSD packages:
PKGS-7381:test:security:ports_packages::Check for vulnerable FreeBSD packages with pkg:
PKGS-7382:test:security:ports_packages::Check for vulnerable FreeBSD packages with portaudit:
PKGS-7383:test:security:ports_packages::Check for YUM package Update management:
PKGS-7384:test:security:ports_packages::Check for YUM utils package:
PKGS-7386:test:security:ports_packages::Check for YUM security package:
PKGS-7387:test:security:ports_packages::Check for GPG signing in YUM security package:
PKGS-7388:test:security:ports_packages::Check security repository in Debian/ubuntu apt sources.list file:
PKGS-7390:test:security:ports_packages:Linux:Check Ubuntu database consistency:
PKGS-7392:test:security:ports_packages:Linux:Check for Debian/Ubuntu security updates:
PKGS-7393:test:security:ports_packages::Check for Gentoo vulnerable packages:
PKGS-7394:test:security:ports_packages:Linux:Check for Ubuntu updates:
PKGS-7398:test:security:ports_packages::Check for package audit tool:
PKGS-7410:test:security:ports_packages::Count installed kernel packages:
PRNT-2302:test:security:printers_spools:FreeBSD:Check for printcap consistency:
PRNT-2304:test:security:printers_spools::Check cupsd status:
PRNT-2306:test:security:printers_spools::Check CUPSd configuration file:
PRNT-2307:test:security:printers_spools::Check CUPSd configuration file permissions:
PRNT-2308:test:security:printers_spools::Check CUPSd network configuration:
PRNT-2314:test:security:printers_spools::Check lpd status:
#PRNT-23xx:test::printers_spools:Check cupsd address configuration:security:
PRNT-2316:test:security:printers_spools:AIX:Checking /etc/qconfig file:
PRNT-2418:test:security:printers_spools:AIX:Checking qdaemon printer spooler status:
PRNT-2420:test:security:printers_spools:AIX:Checking old print jobs:
SCHD-7702:test:security:scheduling::Check status of cron daemon:
SCHD-7704:test:security:scheduling::Check crontab/cronjobs:
SCHD-7718:test:security:scheduling::Check at users:
SCHD-7720:test:security:scheduling::Check at users:
SCHD-7724:test:security:scheduling::Check at jobs:
SHLL-6202:test:security:shells:FreeBSD:Check console TTYs:
SHLL-6211:test:security:shells::Checking available and valid shells:
SHLL-6220:test:security:shells::Checking available and valid shells:
SHLL-6230:test:security:shells::Perform umask check for shell configurations:
SHLL-6290:test:security:shells::Perform Shellshock vulnerability tests:
SNMP-3302:test:security:snmp::Check for running SNMP daemon:
SNMP-3304:test:security:snmp::Check SNMP daemon file location:
SNMP-3306:test:security:snmp::Check SNMP communities:
#SOL-xxxx:test:security:solaris::Check for running SSH daemon:
#SOL-xxxx:test:security:solaris::Check for running SSH daemon:
SQD-3602:test:security:squid::Check for running Squid daemon:
SQD-3604:test:security:squid::Check Squid daemon file location:
SQD-3606:test:security:squid::Check Squid version:
SQD-3610:test:security:squid::Check Squid version:
SQD-3613:test:security:squid::Check Squid file permissions:
SQD-3614:test:security:squid::Check Squid authentication methods:
SQD-3616:test:security:squid::Check external Squid authentication:
SQD-3620:test:security:squid::Check Squid access control lists:
SQD-3624:test:security:squid::Check Squid safe ports:
SQD-3630:test:security:squid::Check Squid reply_body_max_size option:
SQD-3680:test:security:squid::Check Squid version suppresion:
SSH-7402:test:security:ssh::Check for running SSH daemon:
SSH-7404:test:security:ssh::Check SSH daemon file location:
SSH-7408:test:security:ssh::Check SSH specific defined options:
SSH-7440:test:security:ssh::AllowUsers and AllowGroups:
STRG-1840:test:security:storage:Linux:Check if USB storage is disabled:
STRG-1842:test:security:storage:Linux:Check USB authorizations:
STRG-1846:test:security:storage:Linux:Check if firewire storage is disabled:
STRG-1902:test:security:storage_nfs::Check rpcinfo registered programs:
STRG-1904:test:security:storage_nfs::Check nfs rpc:
STRG-1906:test:security:storage_nfs::Check nfs rpc:
STRG-1920:test:security:storage_nfs::Checking NFS daemon:
#STRG-1924:test:security:storage_nfs::Checking NFS daemon:
STRG-1926:test:security:storage_nfs::Checking NFS exports:
STRG-1928:test:security:storage_nfs::Checking empty /etc/exports:
STRG-1930:test:security:storage_nfs::Check client access to nfs share:
TIME-3104:test:security:time::Check for running NTP daemon or client:
TIME-3106:test:security:time::Check systemd NTP time synchronization status:
TIME-3112:test:security:time::Check active NTP associations ID's:
TIME-3116:test:security:time::Check peers with stratum value of 16:
TIME-3120:test:security:time::Check unreliable NTP peers:
TIME-3124:test:security:time::Check selected time source:
TIME-3128:test:security:time::Check preffered time source:
TIME-3132:test:security:time::Check NTP falsetickers:
TIME-3136:test:security:time:Linux:Check NTP protocol version:
#TIME-3146:test:security:time:Linux:Check /etc/default/ntpdate:
TIME-3160:test:security:time:Linux:Check empty NTP step-tickers:
TIME-3170:test:security:time::Check configuration files:
TOOL-5002:test:security:tooling::Checking for automation tools:
TOOL-5102:test:security:tooling::Check for presence of Fail2ban:
2016-07-30 12:05:55 +02:00
TOOL-5104:test:security:tooling::Enabled tests for Fail2ban:
TOOL-5190:test:security:tooling::Check presence of available IDS/IPS tooling:
#VIRT-1920:test::virtualization:Checking VMware guest status:security:
HTTP-6622:test:security:webservers::Checking Apache presence:
HTTP-6624:test:security:webservers::Testing main Apache configuration file:
HTTP-6626:test:security:webservers::Testing other Apache configuration file:
#HTTP-6628:test:security:webservers::Testing other Apache configuration file:
#HTTP-6630:test:security:webservers::Determining all loaded Apache modules:
HTTP-6632:test:security:webservers::Determining all available Apache modules:
HTTP-6640:test:security:webservers::Determining existence of specific Apache modules:
HTTP-6641:test:security:webservers::Determining existence of specific Apache modules:
#HTTP-6642:test:security:webservers::Determining existence of specific Apache modules:
HTTP-6643:test:security:webservers::Determining existence of specific Apache modules:
HTTP-6702:test:security:webservers::Check nginx process:
HTTP-6704:test:security:webservers::Check nginx configuration file:
HTTP-6706:test:security:webservers::Check for additional nginx configuration files:
HTTP-6708:test:security:webservers::Check discovered nginx configuration settings:
HTTP-6710:test:security:webservers::Check nginx SSL configuration settings:
HTTP-6712:test:security:webservers::Check nginx access logging:
HTTP-6714:test:security:webservers::Check for missing error logs in nginx:
HTTP-6716:test:security:webservers::Check for debug mode on error log in nginx:
#HTTP-67xx:test:security:webservers::Check nginx virtual hosts:
#HTTP-67xx:test:security:webservers::Check nginx virtual hosts:
HTTP-6720:test:security:webservers::Check Nginx log files:
# EOF