Change of variables for IDS/IPS and layout changes

2016-04-15 20:07:20 +02:00 · 2016-04-15 20:07:20 +02:00 · 1205511c9d
parent e86f0522bf
commit 1205511c9d
3 changed files with 18 additions and 13 deletions
--- a/include/consts
+++ b/include/consts
@ -87,6 +87,7 @@ unset LANG
    HAS_SYSTEMD=0
    HELPER=""
    HOSTID=""
+    IDS_IPS_TOOL_FOUND=0
    IPTABLESBINARY=""
    LINUX_VERSION=""
    LINUXCONFIGFILE=""
--- a/include/report
+++ b/include/report
@ -169,11 +169,15 @@
            echo "  ${CYAN}Tests performed${NORMAL} : ${WHITE}${CTESTS_PERFORMED}${NORMAL}"
            echo "  ${CYAN}Plugins enabled${NORMAL} : ${WHITE}${N_PLUGIN_ENABLED}${NORMAL}"
            echo ""
-            echo "  ${WHITE}Quick overview${NORMAL}:"
+            echo "  ${WHITE}Components${NORMAL}:"
            if [ ${FIREWALL_ACTIVE} -eq 1 ]; then FIREWALL="${GREEN}V"; else FIREWALL="${RED}X"; fi
            if [ ${MALWARE_SCANNER_INSTALLED} -eq 1 ]; then MALWARE="${GREEN}V"; else MALWARE="${RED}X"; fi
+            if [ ${IDS_IPS_TOOL_FOUND} -eq 1 ]; then IDSIPS="${GREEN}V"; else IDSIPS="${RED}X"; fi

-            echo "  - Firewall [${FIREWALL}${NORMAL}] - Malware scanner [${MALWARE}${NORMAL}]"
+            echo "  - Firewall               [${FIREWALL}${NORMAL}]"
+            #echo "  - Integrity monitoring   [${IDSIPS}${NORMAL}]""
+            #echo "  - Intrusion software     [${IDSIPS}${NORMAL}]"
+            echo "  - Malware scanner        [${MALWARE}${NORMAL}]"

            echo ""
            echo "  ${SECTION}Lynis Modules${NORMAL}:"
--- a/include/tests_tooling
+++ b/include/tests_tooling
@ -161,13 +161,13 @@
        # Fail2ban presence
        if [ ! "${FAIL2BANBINARY}" = "" ]; then
            LogText "Result: Fail2ban is installed (${FAIL2BANBINARY})"
-            IPS_TOOL_FOUND=1
+            IDS_IPS_TOOL_FOUND=1
+            report "ids_ips_tooling[]=fail2ban"
            FAIL2BAN_FOUND=1
            Report "IPS_tool_running[]=fail2ban-server"
            Display --indent 2 --text "- Checking presence of Fail2ban" --result FOUND --color GREEN
          else
            LogText "Result: Fail2ban not present (fail2ban-server not found)"
-            Display --indent 2 --text "- Checking presence of Fail2ban" --result "NOT FOUND" --color WHITE
        fi

        # Fail2ban configuration
@ -268,16 +268,16 @@
 #################################################################################
 #
    # Test        : TOOL-5190
-    # Description : Check for an IPS tool
-    Register --test-no TOOL-5014 --weight L --network NO --description "Check presence of IPS tool"
+    # Description : Check for an IDS/IPS tool
+    Register --test-no TOOL-5014 --weight L --network NO --description "Check presence of IDS/IPS tool"
    if [ ${SKIPTEST} -eq 0 ]; then

-        if [ ${IPS_TOOL_FOUND} -eq 1 ]; then
-            Display --indent 2 --text "- Checking for implemented IPS" --result FOUND --color GREEN
+        if [ ${IDS_IPS_TOOL_FOUND} -eq 1 ]; then
+            Display --indent 2 --text "- Checking for intrusion detection/prevention system" --result FOUND --color GREEN
            AddHP 2 2
          else
-            Display --indent 2 --text "- Checking for implemented IPS" --result NONE --color YELLOW
-            #ReportSuggestion ${TEST_NO} "Ensure that automatic intrusion prevention tools are installed"
+            Display --indent 2 --text "- Checking for intrusion detection/prevention system" --result NONE --color YELLOW
+            #ReportSuggestion ${TEST_NO} "Ensure that automatic intrusion detection/prevention tools are installed"
            AddHP 0 2
        fi
    fi