diff --git a/default.prf b/default.prf index 1bf67b60..50e0726f 100644 --- a/default.prf +++ b/default.prf @@ -5,7 +5,7 @@ # This is the default profile and is used as a baseline when testing systems and # applications. Since there are generally no "best" options, Lynis will assume # some default values. -# +# # All empty lines or with the # prefix will be skipped # # This is the default profile and contains default values. You are encouraged to @@ -31,9 +31,12 @@ config:show_tool_tips:1: # ################################################################################# -# ** Scan type (how deep test has to be, light, normal or full) ** +# ** Scan type ** # -# config:test_scan_mode:light|normal|full: +# Description: How deep the audit should be +# Values: light, normal or full (default) +# +# config:test_scan_mode:full: # ** Skip one or more specific tests ** @@ -42,8 +45,10 @@ config:show_tool_tips:1: # config:test_skip_always:AAAA-1234 BBBB-5678 CCCC-9012: -# ** Define the role(s) of a machine ** -# Values: desktop|server (default: server) +# ** Define machine role ** +# +# Description: defines the role of the system +# Values: desktop, server (default) # #config:machine_role:server: @@ -69,9 +74,12 @@ plugin=dns plugin=docker plugin=file-integrity plugin=file-systems -plugin=files plugin=firewalls +plugin=forensics +plugin=intrusion-detection +plugin=intrusion-prevention plugin=kernel +plugin=malware plugin=memory plugin=nginx plugin=processes @@ -84,9 +92,9 @@ plugin=users ################################################################################# # -# Sysctl options +# Kernel options # --------------- -# sysctl::::: +# sysctl::::: # # Sysctl key = name # Expected value = value of sysctl key