tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added usage of ss to gather listening ports in NETW-3012

This commit is contained in:
mboelen 2014-09-19 16:18:09 +02:00
parent 4a1f52e81b
commit 475b6c3799
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
include/tests_networking
View File

@ -207,7 +207,7 @@
# Version which works for multiple types of ifconfig (e.g. Slackware) # Version which works for multiple types of ifconfig (e.g. Slackware)
FIND2=`${IFCONFIGBINARY} -a | awk '{ if ($1=="inet6" && $2=="addr:") { print $3 } else { if ($1=="inet6" && $3=="prefixlen") { print $2 } } }'` FIND2=`${IFCONFIGBINARY} -a | awk '{ if ($1=="inet6" && $2=="addr:") { print $3 } else { if ($1=="inet6" && $3=="prefixlen") { print $2 } } }'`
else else
ReportException "${TEST_NO}:2" "Due to missing ifconfig no method to collect hardware address (MAC)" ReportException "${TEST_NO}:2" "Due to missing ifconfig no method to collect hardware address (ip address)"
fi fi
;; ;;
MacOS) MacOS)
@ -268,7 +268,14 @@
# TCP # TCP
FIND2=`${NETSTATBINARY} -nlp 2> /dev/null | grep "^tcp" | awk '{ if($6=="LISTEN") { print $4"|"$1"|"$7"|" }}' | sed 's:|[0-9]*/:|:'` FIND2=`${NETSTATBINARY} -nlp 2> /dev/null | grep "^tcp" | awk '{ if($6=="LISTEN") { print $4"|"$1"|"$7"|" }}' | sed 's:|[0-9]*/:|:'`
else else
ReportException "${TEST_NO}:1" "netstat binary is missing" if [ ! "${SSBINARY}" = "" ]; then
# UDP
FIND=`${SSBINARY} -u -a -n | awk '{ print $4 }' | grep -v Local`
# TCP
FIND2=`${SSBINARY} -t -a -n | awk '{ print $4 }' | grep -v Local`
else
ReportException "${TEST_NO}:1" "netstat and ss binary missing to gather listening ports"
fi
fi fi
;; ;;