tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated log with latest changes

This commit is contained in:
mboelen 2015-10-14 10:30:04 +02:00
parent 6bea4e0334
commit 24a006da14
1 changed files with 22 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
CHANGELOG
View File

@ -17,7 +17,7 @@
================================================================================ ================================================================================
= Lynis 2.2.0 (release in development) = = Lynis 2.1.x (2.2.0 release in development) =
This is an major release, which includes both new features and enhancements to existing tests. This is an major release, which includes both new features and enhancements to existing tests.
@ -30,8 +30,21 @@
Depending on the operating system, Lynis now tries to determine if failed logins are properly logged. This includes Depending on the operating system, Lynis now tries to determine if failed logins are properly logged. This includes
checking for /etc/login.defs [AUTH-9408]. Merged password check on Solaris into AUTH-9228. checking for /etc/login.defs [AUTH-9408]. Merged password check on Solaris into AUTH-9228.
PAM settings are now analyzed, including:
- Two-factor authentication methods
- Minimum password length, password strength and protection status against brute force cracking
report option: auth_failed_logins_logged report option: auth_failed_logins_logged
* Compliance
------------
Added new compliance_standards option to default.prf, to define if compliance testing should be performed, and for which standards.
Right now these (partial) standards are included:
- HIPAA
- ISO27001/ISO27002
- PCI-DSS
* DNS and Name services * DNS and Name services
----------------------- -----------------------
Support added for Unbound DNS caching tool [NAME-4034] Support added for Unbound DNS caching tool [NAME-4034]
@ -45,7 +58,7 @@
* Malware * Malware
--------- ---------
LMD (Linux Malware Detect) is now recognized as a malware scanner ESET and LMD (Linux Malware Detect) is now recognized as a malware scanner. Discovered malware scanners are now also logged to the report.
* Mount points * Mount points
-------------- --------------
@ -76,15 +89,19 @@
[BOOT-5180] Only gets executed if runlevel 2 is found [BOOT-5180] Only gets executed if runlevel 2 is found
[CONT-8108] New test to test for Docker file permissions [CONT-8108] New test to test for Docker file permissions
[FILE-6410] Added /var/lib/locatedb as search path [FILE-6410] Added /var/lib/locatedb as search path
[HOME-9310] Use POSIX compatible flags to avoid errors on BusyBox
[MALW-3278] New test to detect LMD (Linux Malware Detect) [MALW-3278] New test to detect LMD (Linux Malware Detect)
[SHLL-6230] Test for umask values in shell configuration files (e.g. rc files) [SHLL-6230] Test for umask values in shell configuration files (e.g. rc files)
[TIME-3104] Show only suggestion on FreeBSD systems if ntpdate is configured, yet ntpd isn't running [TIME-3104] Show only suggestion on FreeBSD systems if ntpdate is configured, yet ntpd isn't running
* Functions * Functions
----------- -----------
[ExitCustom] New function to allow program to exit with a different exit code, depending on outcome. [DigitsOnly] New function to extract only numbers from a text string
[DisplayManual] New function to show text on screen without any markup
[ExitCustom] New function to allow program to exit with a different exit code, depending on outcome
[ReportSuggestion] Allows two additional parameters to store details (text and external reference to a solution) [ReportSuggestion] Allows two additional parameters to store details (text and external reference to a solution)
[ReportWarning] Like ReportSuggestion() has additional parameters [ReportWarning] Like ReportSuggestion() has additional parameters
[ShowComplianceFinding] Display compliance findings
* General improvements * General improvements
---------------------- ----------------------