mirror of https://github.com/CISOfy/lynis.git
Update of the files to reflect HTTPS version of website and 2015. Happy New Year!
This commit is contained in:
parent
c5f8a3fe62
commit
5caf4ddc4f
56
CHANGELOG
|
@ -7,16 +7,66 @@
|
|||
|
||||
Author: Michael Boelen (michael.boelen@cisofy.com)
|
||||
Description: Security and system auditing tool
|
||||
Website: http://cisofy.com/lynis/
|
||||
Website: https://cisofy.com/lynis/
|
||||
|
||||
Support policy: See section 'Support' (README file);
|
||||
Commercial support and plugins available via CISOfy
|
||||
http://cisofy.com
|
||||
https://cisofy.com
|
||||
|
||||
Documentation: See web site, README, FAQ and CHANGELOG file
|
||||
|
||||
================================================================================
|
||||
|
||||
* 1.6.5 (2015-01-xx)
|
||||
|
||||
New:
|
||||
- Added --report-file parameter for alternative report file location
|
||||
- Added --dump-options to quickly see all available options
|
||||
- Added --upload-url for Lynis Enterprise users
|
||||
- Added support for dpkg, initctl, launchctl and smtpctl binaries
|
||||
- Added support for pkg_admin binaries
|
||||
- Added initial support for nftables
|
||||
- Added systemd journal test [LOGG-2136]
|
||||
- Check for systemd rescue.service [BOOT-5260]
|
||||
- Detecting service manager like BSD's rc, upstart, systemd [BOOT-5104]
|
||||
|
||||
Changes:
|
||||
- Skip missing NTP daemon or client warning for virtual machines [TIME-3104]
|
||||
- Check pkgs-vulnerabilities file before performing audit [PKGS-7381]
|
||||
- Don't warn for missing klogd when using systemd-journal [LOGG-2138]
|
||||
- Test if OpenSMTPD runs on other platforms than OpenBSD [MAIL-8920]
|
||||
- Use suggestion instead of warning for expired warnings [CRYP-9702]
|
||||
- Use ntpdate check for systems based on FreeBSD as well [TIME-3104]
|
||||
- Show users starting at ID 1000 when using a Linux system [AUTH-9234]
|
||||
- Reboot test enhanced to work on Arch Linux and others [KRNL-5830]
|
||||
- Do not show suggestion for compiler hardening in this test [HRDN-7220]
|
||||
- Check if vulnerability database is present on the system [PKGS-7380]
|
||||
- Uptime support for DragonFly BSD, FreeBSD and NetBSD [TIME-5202]
|
||||
- GRUB2 password protection test added to test [BOOT-5122]
|
||||
- Check presence of /dev/pf before querying pf rules [FIRE-4518]
|
||||
- Show only unique files for deleted files [LOGG-2190]
|
||||
- Removed warning if no swap is found [FILE-6332]
|
||||
- Added php.ini location for NetBSD systems
|
||||
- Added --progress to Register function to show progress on screen
|
||||
- Added /srv/www to default certificate search path (default.prf)
|
||||
- Show if compliance tests have been performed in report output
|
||||
- Improved virtualization detection for different platforms
|
||||
- Enabled several new plugins for Lynis Enterprise users
|
||||
- Changed copyrights in files to author and company entity
|
||||
- Added /usr/pkg/bin and /usr/pkg/sbin to binary paths
|
||||
- Added Docker support in virtualization detection routine
|
||||
- Added sysctl key kernel.kptr_restrict to profile
|
||||
- Several minor adjustments to functions
|
||||
- Improved version detection on Gentoo systems
|
||||
- Enhanced screen output for DragonFly BSD
|
||||
- Updated default.prf template
|
||||
- Perform hostname check for some tests
|
||||
- Changed links to HTTPS version of website
|
||||
- Log system manager
|
||||
- Updated man page
|
||||
|
||||
--
|
||||
|
||||
* 1.6.4 (2014-11-04)
|
||||
|
||||
New:
|
||||
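Review bot: In the 1.6.5 "Changes" list, the CRYP-9702 entry reads "Use suggestion instead of warning for expired warnings", which does not say what has expired; please reword it so the entry names the item being checked. In the same list TIME-3104 appears in two separate entries (virtual machines and FreeBSD ntpdate), which would be easier to follow as one entry or as adjacent lines. The release header still carries the placeholder date "2015-01-xx" and needs a real date before tagging.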
|
@ -1642,5 +1692,5 @@
|
|||
|
||||
|
||||
================================================================================
|
||||
Lynis - Copyright 2007-2014, CISOfy, Michael Boelen - The Netherlands
|
||||
Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
||||
|
|
|
@ -26,5 +26,4 @@
|
|||
|
||||
|
||||
================================================================================
|
||||
Lynis - Copyright 2007-2014, Michael Boelen - The Netherlands
|
||||
http://cisofy.com
|
||||
Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
2
FAQ
|
@ -94,4 +94,4 @@
|
|||
|
||||
|
||||
================================================================================
|
||||
Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
2
INSTALL
|
@ -45,4 +45,4 @@
|
|||
|
||||
|
||||
================================================================================
|
||||
Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
2
README
|
@ -132,4 +132,4 @@
|
|||
|
||||
|
||||
================================================================================
|
||||
Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
13
README.md
|
@ -4,10 +4,15 @@ lynis
|
|||
Lynis - Security auditing and hardening tool for Unix/Linux based systems
|
||||
|
||||
Lynis is an security auditing and hardening tool for Unix derivatives like Linux, BSD and Solaris. It performs
|
||||
an in-depth scan on the system to detect software and security issues. Besides information related to security,
|
||||
it will also scan for general system information, installed packages, and possible configuration mistakes. The
|
||||
software is aimed at assisting automated auditing, configuration management, software patch management,
|
||||
vulnerability detection, and malware scanning of Unix-based systems.
|
||||
an in-depth security scan on the system to detect software and security issues. Besides information related to
|
||||
security, it will also scan for general system information, installed packages, and possible configuration
|
||||
mistakes.
|
||||
|
||||
The software is aimed at assisting with automated auditing, configuration management, software patch management,
|
||||
penetration testing, vulnerability management, and malware scanning of Unix-based systems.
|
||||
|
||||
Lynis is a great addition to the toolkit of security officers, auditors, system administrators and security
|
||||
professionals.
|
||||
|
||||
|
||||
|
||||
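Review bot: The opening sentence of the reworded paragraph still reads "Lynis is an security auditing and hardening tool"; since the paragraph is being rewritten anyway, change "an" to "a". The new second line also says "an in-depth security scan on the system to detect software and security issues", which repeats "security" twice in one clause and could be tightened.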
|
|
|
@ -5,8 +5,8 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael.boelen@cisofy.com), The Netherlands
|
||||
# Web site: http://cisofy.com
|
||||
# Copyright 2007-2015, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
# welcome to redistribute it under the terms of the GNU General Public License.
|
||||
|
@ -215,4 +215,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Copyright 2007-2015, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# This software is licensed under GPL, version 3. See LICENSE file for
|
||||
|
@ -190,4 +190,4 @@ unset LANG
|
|||
#
|
||||
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@cisofy.com)
|
||||
# Copyright 2007-2015, Michael Boelen (michael@cisofy.com)
|
||||
# Web site: http://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -120,4 +120,4 @@ output "Settings file: ${SETTINGS_FILE}"
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014 - Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Copyright 2007-2015 - Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# https://cisofy.com
|
||||
#
|
||||
# This software is licensed under GPL, version 3. See LICENSE file for
|
||||
|
@ -1333,4 +1333,4 @@
|
|||
|
||||
#================================================================================
|
||||
# Lynis is part of Lynis Enterprise and released under GPLv3 license
|
||||
# Copyright 2007-2014 - Michael Boelen, CISOfy - https://cisofy.com
|
||||
# Copyright 2007-2015 - Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
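Review bot: Only the year is bumped in this header, so the contact line still reads "michael@rootkit.nl" and the next line still reads "Web site: http://www.rootkit.nl", which does not match the commit's stated goal of pointing files at the HTTPS website. If these files are meant to carry the same header as the ones already using https://cisofy.com, update both lines here; if the old address is kept on purpose, say so in the commit message.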
|
@ -206,4 +206,4 @@
|
|||
done
|
||||
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -167,4 +167,4 @@
|
|||
logtextbreak
|
||||
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - CISOfy, https://cisofy.com
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - CISOfy, https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Copyright 2007-2015, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -234,4 +234,4 @@
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - cisofy.com - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -427,4 +427,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
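Review bot: The replacement footer line still contains "http://cisofy.com - The Netherlands", so this file keeps a plain-HTTP link even though the commit is described as switching to the HTTPS version of the website. Other footers in this commit use "Michael Boelen, CISOfy - https://cisofy.com"; using that same string here would keep the footers consistent.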
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -246,4 +246,4 @@ wait_for_keypress
|
|||
# HPUX: /etc/copyright
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, CISOfy & Michael Boelen, The Netherlands
|
||||
# Copyright 2007-2015, CISOfy & Michael Boelen, The Netherlands
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -730,4 +730,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael.boelen@cisofy.com), CISOfy
|
||||
# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com), CISOfy
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -79,4 +79,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -56,4 +56,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -151,4 +151,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael.boelen@cisofy.com)
|
||||
# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com)
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -222,4 +222,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014 Michael Boelen, CISOfy - https://cisofy.com
|
||||
# Lynis - Copyright 2007-2015 Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -56,4 +56,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -601,4 +601,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -146,7 +146,7 @@
|
|||
|
||||
# Check status with pfctl
|
||||
logtext "Test: checking pf status via pfctl"
|
||||
if [ ! "${PFCTLBINARY}" = "" ]; then
|
||||
if [ ! "${PFCTLBINARY}" = "" -a -f /dev/pf ]; then
|
||||
FIND=`${PFCTLBINARY} -sa 2>&1 | grep "^Status" | head -1 | awk '{ print $2 }'`
|
||||
if [ "${FIND}" = "Enabled" ]; then
|
||||
Display --indent 2 --text "- Checking pf status (pfctl)" --result ENABLED --color GREEN
|
||||
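Review bot: In the new condition, "-f /dev/pf" tests for a regular file, but /dev/pf is a device node, so the test is false and the pfctl status check is skipped even on systems where pf is available. Use "-e /dev/pf" (or "-c /dev/pf") instead. The "-a" operator inside "[ ]" is also marked obsolescent in POSIX; two tests joined with "&&" are more portable. When the device is missing, a logtext line stating that the check was skipped would make the audit log easier to interpret.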
|
@ -295,4 +295,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -134,4 +134,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -49,4 +49,4 @@
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -121,4 +121,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -117,4 +117,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -580,4 +580,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -66,4 +66,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -101,4 +101,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -491,4 +491,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -197,4 +197,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -226,7 +226,7 @@
|
|||
Register --test-no MAIL-8920 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check OpenSMTPD status"
|
||||
if [ ${SKIPTEST} -eq 0 ]; then
|
||||
logtext "Test: check smtpd status"
|
||||
FIND=`${PSBINARY} ax | egrep "(/smtpd|smtpd: smtp)" | grep -v "grep"`
|
||||
FIND=`${PSBINARY} ax | egrep "(/smtpd|smtpd: \[priv\]|smtpd: smtp)" | grep -v "grep"`
|
||||
if [ ! "${FIND}" = "" ]; then
|
||||
logtext "Result: found running smtpd process"
|
||||
Display --indent 2 --text "- Checking OpenSMTPD status" --result RUNNING --color GREEN
|
||||
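Review bot: The "/smtpd" alternative in the egrep pattern is an unanchored substring match over the whole "ps ax" output, so any process whose command line contains "/smtpd" is reported as a running OpenSMTPD; adding "smtpd: \[priv\]" widens the pattern further without addressing that. Consider matching only the OpenSMTPD process titles ("smtpd: ...") or anchoring the binary match to the end of the command field. A short comment explaining which platform shows the "[priv]" title would also help, and "egrep ... | grep -v grep" can be replaced by "grep -E" with a bracketed first character in the pattern.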
|
@ -267,4 +267,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael.boelen@cisofy.com), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com), The Netherlands
|
||||
# Web site: http://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -207,4 +207,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -129,4 +129,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -18,7 +18,7 @@
|
|||
#
|
||||
#################################################################################
|
||||
#
|
||||
InsertSection "Software: name services"
|
||||
InsertSection "Name services"
|
||||
#
|
||||
#################################################################################
|
||||
#
|
||||
|
@ -606,4 +606,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014 CISOfy, Michael Boelen - http://cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015 Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -502,4 +502,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -279,4 +279,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -21,6 +21,7 @@
|
|||
InsertSection "Ports and packages"
|
||||
PACKAGE_MGR_PKG=0
|
||||
PKG_AUDIT_TOOL_FOUND=0
|
||||
INSTALLED_PACKAGES=""
|
||||
#
|
||||
#################################################################################
|
||||
#
|
||||
|
@ -36,19 +37,17 @@
|
|||
Display --indent 4 --text "- Searching packages with pkg" --result FOUND --color GREEN
|
||||
report "package_manager[]=pkg"
|
||||
PACKAGE_MGR_PKG=1
|
||||
#logtext "Result: Found pkg"
|
||||
#logtext "Test: Querying pkg to get package list"
|
||||
#Display --indent 6 --text "- Querying pkg for installed packages"
|
||||
#logtext "Output:"; logtext "-----"
|
||||
#SPACKAGES=`/usr/sbin/pkg_info 2>&1 | sort | tr -s ' ' | cut -d ' ' -f1 | sed -e 's/^\(.*\)-\([0-9].*\)$/\1,\2/g'`
|
||||
#for J in ${SPACKAGES}; do
|
||||
# sPKG_NAME=`echo ${J} | cut -d ',' -f1`
|
||||
# sPKG_VERSION=`echo ${J} | cut -d ',' -f2`
|
||||
# logtext "Installed package: ${sPKG_NAME} (version: ${sPKG_VERSION})"
|
||||
# report "installed_package[]=${sPKG_NAME}|${sPKG_VERSION}|"
|
||||
#done
|
||||
else
|
||||
Display --indent 4 --text "- Searching pkg" --result "NOT INSTALLED" --color YELLOW
|
||||
logtext "Result: Found pkg"
|
||||
logtext "Test: Querying pkg to get package list"
|
||||
Display --indent 6 --text "- Querying pkg for installed packages"
|
||||
logtext "Output:"; logtext "-----"
|
||||
SPACKAGES=`/usr/sbin/pkg query %n,%v`
|
||||
for J in ${SPACKAGES}; do
|
||||
sPKG_NAME=`echo ${J} | cut -d ',' -f1`
|
||||
sPKG_VERSION=`echo ${J} | cut -d ',' -f2`
|
||||
logtext "Installed package: ${sPKG_NAME} (version: ${sPKG_VERSION})"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J}"
|
||||
done
|
||||
fi
|
||||
fi
|
||||
#
|
||||
|
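Review bot: The new pkg loop never counts what it finds: there is no N=`expr ${N} + 1` inside the loop and no report "installed_packages=${N}" after done, although the other package manager loops touched by this commit keep both, so the package total is missing from the report on pkg-based systems. Add the counter and the installed_packages report line to match. The removed else branch was also the only place that displayed "NOT INSTALLED" for pkg; if dropping the screen output is intended, a logtext line would keep the skip visible in the log. Finally, /usr/sbin/pkg query %n,%v runs without any stderr redirection, so an error message from pkg would print to the screen in the middle of the audit output.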
@ -72,7 +71,7 @@
|
|||
sPKG_NAME=`echo ${J} | cut -d ',' -f1`
|
||||
sPKG_VERSION=`echo ${J} | cut -d ',' -f2`
|
||||
logtext "Installed package: ${sPKG_NAME} (version: ${sPKG_VERSION})"
|
||||
report "installed_package[]=${sPKG_NAME}|${sPKG_VERSION}|"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J}"
|
||||
done
|
||||
report "installed_packages=${N}"
|
||||
fi
|
||||
|
@ -122,7 +121,7 @@
|
|||
GPACKAGES=`equery l '*' | sed -e 's/[.*]//g'`
|
||||
for J in ${GPACKAGES}; do
|
||||
logtext "Found package ${J}"
|
||||
report "installed_package[]=${J}||"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J},0,"
|
||||
done
|
||||
else
|
||||
logtext "Result: emerge can NOT be found on this system"
|
||||
|
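Review bot: The entry appended here, "${J},0,", has three comma-separated fields with an empty last one, while the pkg and dpkg branches append "name,version" with two fields, so a consumer of installed_packages_array cannot split every entry the same way. Pick one record shape for all branches. The placeholder 0 is also indistinguishable from a real version of 0, whereas the removed report line left the version empty ("${J}||"); an empty field would keep "unknown version" unambiguous.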
@ -146,7 +145,7 @@
|
|||
SPACKAGES=`/usr/bin/pkginfo -i | tr -s ' ' | cut -d ' ' -f2 | sed "s#^SUNW##"`
|
||||
for J in ${SPACKAGES}; do
|
||||
logtext "Found package ${J}"
|
||||
report "installed_package[]=${J}||"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J},0,"
|
||||
done
|
||||
else
|
||||
logtext "Result: pkginfo can NOT be found on this system"
|
||||
|
@ -176,7 +175,7 @@
|
|||
for J in ${SPACKAGES}; do
|
||||
N=`expr ${N} + 1`
|
||||
logtext "Found package: ${J}"
|
||||
report "installed_package[]=${J}||"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J},0,"
|
||||
done
|
||||
report "installed_packages=${N}"
|
||||
fi
|
||||
|
@ -209,7 +208,7 @@
|
|||
PACKAGE_NAME=`echo ${J} | awk -F, '{ print $1 }'`
|
||||
PACKAGE_VERSION=`echo ${J} | awk -F, '{ print $2 }'`
|
||||
logtext "Found package: ${PACKAGE_NAME} (version: ${PACKAGE_VERSION})"
|
||||
report "installed_package[]=${PACKAGE_NAME}|${PACKAGE_VERSION}|"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J}"
|
||||
done
|
||||
report "installed_packages=${N}"
|
||||
fi
|
||||
|
@ -286,7 +285,7 @@
|
|||
for I in ${FIND}; do
|
||||
N=`expr ${N} + 1`
|
||||
logtext "Installed package: ${I}"
|
||||
report "installed_package[]=${I}|-|"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J},0,"
|
||||
done
|
||||
report "installed_packages=${N}"
|
||||
else
|
||||
|
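Review bot: The added line uses ${J}, but this loop iterates with I (for I in ${FIND}), so each entry appended to INSTALLED_PACKAGES here is either empty or a stale value left over from an earlier loop, not the package that was just logged. It should read INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${I},0," to match the logtext line above it.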
@ -334,13 +333,13 @@
|
|||
logtext "Test: Querying dpkg -l to get package list"
|
||||
Display --indent 6 --text "- Querying package manager"
|
||||
logtext "Output:"
|
||||
SPACKAGES=`dpkg -l 2>/dev/null | grep "^ii" | tr -s ' ' | tr ' ' '#' | sort`
|
||||
SPACKAGES=`dpkg -l 2>/dev/null | grep "^ii" | tr -s ' ' | tr ' ' ',' | sort`
|
||||
for J in ${SPACKAGES}; do
|
||||
N=`expr ${N} + 1`
|
||||
PACKAGE_NAME=`echo ${J} | cut -d '#' -f2`
|
||||
PACKAGE_VERSION=`echo ${J} | cut -d '#' -f3`
|
||||
PACKAGE_NAME=`echo ${J} | cut -d ',' -f2`
|
||||
PACKAGE_VERSION=`echo ${J} | cut -d ',' -f3`
|
||||
logtext "Found package: ${PACKAGE_NAME} (version: ${PACKAGE_VERSION})"
|
||||
report "installed_package[]=${PACKAGE_NAME}|${PACKAGE_VERSION}|"
|
||||
INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${PACKAGE_NAME},${PACKAGE_VERSION}"
|
||||
done
|
||||
report "installed_packages=${N}"
|
||||
else
|
||||
|
@ -468,7 +467,8 @@
|
|||
#
|
||||
# Test : PKGS-7381
|
||||
# Description : Check for vulnerable FreeBSD packages (with pkg)
|
||||
Register --test-no PKGS-7381 --os FreeBSD --weight L --network NO --description "Check for vulnerable FreeBSD packages"
|
||||
if [ -x /usr/sbin/pkg -a /var/db/pkg/vuln.xml ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
|
||||
Register --test-no PKGS-7381 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check for vulnerable FreeBSD packages"
|
||||
if [ ${SKIPTEST} -eq 0 ]; then
|
||||
if [ -x /usr/sbin/pkg ]; then
|
||||
FIND=`/usr/sbin/pkg audit | grep 'problem(s) in your installed packages found' | grep -v '0 problem(s) in your installed packages found'`
|
||||
|
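Review bot: In the new prerequisite line the second operand of -a has no test operator: [ -x /usr/sbin/pkg -a /var/db/pkg/vuln.xml ] only checks that the string /var/db/pkg/vuln.xml is non-empty, which is always true, so PREQS_MET is YES even when the vulnerability database is absent. Use -f (or -s to require a non-empty file): [ -x /usr/sbin/pkg -a -f /var/db/pkg/vuln.xml ]. The new Register call also drops --os FreeBSD, so the test is now gated only on the binary's path; please confirm that is intended. The inner if [ -x /usr/sbin/pkg ] that follows duplicates the prerequisite check and can go.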
@ -502,9 +502,10 @@
|
|||
#
|
||||
# Test : PKGS-7382
|
||||
# Description : Check for vulnerable FreeBSD packages
|
||||
Register --test-no PKGS-7382 --os FreeBSD --weight L --network NO --description "Check for vulnerable FreeBSD packages"
|
||||
# Notes : Newer machines should use pkg audit instead of portaudit
|
||||
if [ -x /usr/local/sbin/portaudit ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
|
||||
Register --test-no PKGS-7382 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check for vulnerable FreeBSD packages"
|
||||
if [ ${SKIPTEST} -eq 0 ]; then
|
||||
if [ -x /usr/local/sbin/portaudit ]; then
|
||||
PKG_AUDIT_TOOL_FOUND=1
|
||||
FIND=`/usr/local/sbin/portaudit | grep 'problem(s) in your installed packages found' | grep -v '0 problem(s) in your installed packages found'`
|
||||
if [ "${FIND}" = "" ]; then
|
||||
|
@ -523,10 +524,6 @@
|
|||
AddHP 1 2
|
||||
done
|
||||
fi
|
||||
else
|
||||
# Don't advice portaudit anymore, as pkg audit is the replacement (pkgng)
|
||||
logtext "Result: Portaudit not installed, can't perform vulnerability test."
|
||||
fi
|
||||
fi
|
||||
#
|
||||
#################################################################################
|
||||
|
@ -935,6 +932,10 @@
|
|||
# check for yum-changelog
|
||||
|
||||
|
||||
if [ ! "${INSTALLED_PACKAGES}" = "" ]; then
|
||||
report "installed_packages_array=${INSTALLED_PACKAGES}"
|
||||
fi
|
||||
|
||||
report "pkg_audit_tool=${PKG_AUDIT_TOOL}"
|
||||
report "pkg_audit_tool_found=${PKG_AUDIT_TOOL_FOUND}"
|
||||
|
||||
|
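Review bot: Because every branch appends with a leading separator (INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|..."), the value reported here always starts with "|", which hands parsers of installed_packages_array an empty first element. Either strip the leading "|" before the report call or add the separator only between entries. [ -n "${INSTALLED_PACKAGES}" ] would also read more clearly than the negated string comparison.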
@ -943,4 +944,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015 Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -293,4 +293,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -247,4 +247,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -229,105 +229,105 @@
|
|||
logtext "Result: found ${FIND} as a valid shell"
|
||||
SHELLSHOCK_TMP=`mktemp /tmp/lynis-shellshock-test.XXXXXXXXXX` || exit 1
|
||||
|
||||
# CVE-2014-6271
|
||||
logtext "Test: Check for first exploit (CVE-2014-6271)"
|
||||
# CVE-2015-6271
|
||||
logtext "Test: Check for first exploit (CVE-2015-6271)"
|
||||
echo "env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c \"echo test\" 2>&1 | grep 'vulnerable'" > ${SHELLSHOCK_TMP}
|
||||
VULNERABLE=`${FIND} ${SHELLSHOCK_TMP} 2> /dev/null`
|
||||
rm -f ${SHELLSHOCK_TMP}
|
||||
if [ ! "${VULNERABLE}" = "" ]; then
|
||||
logtext "Output: ${VULNERABLE}"
|
||||
logtext "Result: Vulnerable to original shellshock (CVE-2014-6271)"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2014-6271 (original shellshocker)" --result "WARNING" --color RED
|
||||
logtext "Result: Vulnerable to original shellshock (CVE-2015-6271)"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2015-6271 (original shellshocker)" --result "WARNING" --color RED
|
||||
FOUND=1
|
||||
else
|
||||
logtext "Result: Not vulnerable to original shellshock (CVE-2014-6271)"
|
||||
#Display --indent 4 --text "- CVE-2014-6271 (original shellshocker)" --result "OK" --color GREEN
|
||||
logtext "Result: Not vulnerable to original shellshock (CVE-2015-6271)"
|
||||
#Display --indent 4 --text "- CVE-2015-6271 (original shellshocker)" --result "OK" --color GREEN
|
||||
fi
|
||||
|
||||
# CVE-2014-6277
|
||||
logtext "Test: Check for first exploit (CVE-2014-6277)"
|
||||
# CVE-2015-6277
|
||||
logtext "Test: Check for first exploit (CVE-2015-6277)"
|
||||
echo "(bash -c \"f() { x() { _;}; x() { _;} <<a; }\" 2>/dev/null || echo vulnerable) | grep 'vulnerable'" > ${SHELLSHOCK_TMP}
|
||||
VULNERABLE=`${FIND} ${SHELLSHOCK_TMP} 2> /dev/null`
|
||||
rm -f ${SHELLSHOCK_TMP}
|
||||
if [ ! "${VULNERABLE}" = "" ]; then
|
||||
logtext "Output: ${VULNERABLE}"
|
||||
logtext "Result: Vulnerable to original shellshock (CVE-2014-6277). This may not be a security risk, as distributions patched it. Still it shows your bash is vulnerable for crashing."
|
||||
Display --indent 2 --text "- Shellshock: CVE-2014-6277 (segfault, lcamtuf bug #1)" --result "WARNING" --color RED
|
||||
logtext "Result: Vulnerable to original shellshock (CVE-2015-6277). This may not be a security risk, as distributions patched it. Still it shows your bash is vulnerable for crashing."
|
||||
Display --indent 2 --text "- Shellshock: CVE-2015-6277 (segfault, lcamtuf bug #1)" --result "WARNING" --color RED
|
||||
# Do not trigger the warning for this particular test. Most distributions did actually patch it to reduce the security risks, while allowing it still to segfault.
|
||||
#FOUND=1
|
||||
else
|
||||
logtext "Result: Not vulnerable to original shellshock (CVE-2014-6277)"
|
||||
#Display --indent 4 --text "- CVE-2014-6277 (segfault, lcamtuf bug #1)" --result "OK" --color GREEN
|
||||
logtext "Result: Not vulnerable to original shellshock (CVE-2015-6277)"
|
||||
#Display --indent 4 --text "- CVE-2015-6277 (segfault, lcamtuf bug #1)" --result "OK" --color GREEN
|
||||
fi
|
||||
|
||||
# CVE-2014-6278
|
||||
logtext "Test: Check for CVE-2014-6278"
|
||||
# CVE-2015-6278
|
||||
logtext "Test: Check for CVE-2015-6278"
|
||||
echo "shellshocker='() { echo vulnerable; }' bash -c shellshocker 2>/dev/null | grep 'vulnerable'" > ${SHELLSHOCK_TMP}
|
||||
VULNERABLE=`${FIND} ${SHELLSHOCK_TMP} 2> /dev/null`
|
||||
rm -f ${SHELLSHOCK_TMP}
|
||||
if [ ! "${VULNERABLE}" = "" ]; then
|
||||
logtext "Output: ${VULNERABLE}"
|
||||
logtext "Result: Vulnerable to CVE-2014-6278"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2014-6278 (Florian's patch, lcamtuf bug #2)" --result "WARNING" --color RED
|
||||
logtext "Result: Vulnerable to CVE-2015-6278"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2015-6278 (Florian's patch, lcamtuf bug #2)" --result "WARNING" --color RED
|
||||
FOUND=1
|
||||
else
|
||||
logtext "Result: Not vulnerable to CVE-2014-6278"
|
||||
#Display --indent 4 --text "- CVE-2014-6278 (Florian's patch, lcamtuf bug #2)" --result "OK" --color GREEN
|
||||
logtext "Result: Not vulnerable to CVE-2015-6278"
|
||||
#Display --indent 4 --text "- CVE-2015-6278 (Florian's patch, lcamtuf bug #2)" --result "OK" --color GREEN
|
||||
fi
|
||||
|
||||
# CVE-2014-7169
|
||||
logtext "Test: Check for taviso bug CVE-2014-7169"
|
||||
# CVE-2015-7169
|
||||
logtext "Test: Check for taviso bug CVE-2015-7169"
|
||||
echo "(cd /tmp; rm -f /tmp/echo; env X='() { (a)=>\' bash -c "echo echo nonvuln" 2>/dev/null; [[ \"\$(cat echo 2> /dev/null)\" == \"nonvuln\" ]] && echo \"vulnerable\" 2> /dev/null) | grep ' vulnerable'" > ${SHELLSHOCK_TMP}
|
||||
VULNERABLE=`${FIND} ${SHELLSHOCK_TMP} 2> /dev/null`
|
||||
rm -f ${SHELLSHOCK_TMP}
|
||||
if [ ! "${VULNERABLE}" = "" ]; then
|
||||
logtext "Output: ${VULNERABLE}"
|
||||
logtext "Result: Vulnerable to taviso bug (CVE-2014-7169)"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2014-7169 (taviso bug)" --result "WARNING" --color RED
|
||||
logtext "Result: Vulnerable to taviso bug (CVE-2015-7169)"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2015-7169 (taviso bug)" --result "WARNING" --color RED
|
||||
FOUND=1
|
||||
else
|
||||
logtext "Result: Not vulnerable to taviso bug (CVE-2014-7169)"
|
||||
#Display --indent 4 --text "- CVE-2014-7169 (taviso bug)" --result "OK" --color GREEN
|
||||
logtext "Result: Not vulnerable to taviso bug (CVE-2015-7169)"
|
||||
#Display --indent 4 --text "- CVE-2015-7169 (taviso bug)" --result "OK" --color GREEN
|
||||
fi
|
||||
|
||||
# CVE-2014-7186
|
||||
logtext "Test: Check for CVE-2014-7186"
|
||||
# CVE-2015-7186
|
||||
logtext "Test: Check for CVE-2015-7186"
|
||||
echo "(bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' 2>/dev/null || echo \"vulnerable\") | grep 'vulnerable'" > ${SHELLSHOCK_TMP}
|
||||
VULNERABLE=`${FIND} ${SHELLSHOCK_TMP} 2> /dev/null`
|
||||
rm -f ${SHELLSHOCK_TMP}
|
||||
if [ ! "${VULNERABLE}" = "" ]; then
|
||||
logtext "Output: ${VULNERABLE}"
|
||||
logtext "Result: Vulnerable to CVE-2014-7186"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2014-7186 redir_stack bug" --result "WARNING" --color RED
|
||||
logtext "Result: Vulnerable to CVE-2015-7186"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2015-7186 redir_stack bug" --result "WARNING" --color RED
|
||||
FOUND=1
|
||||
else
|
||||
logtext "Result: Not vulnerable to CVE-2014-7186"
|
||||
#Display --indent 4 --text "- CVE-2014-7186 redir_stack bug" --result "OK" --color GREEN
|
||||
logtext "Result: Not vulnerable to CVE-2015-7186"
|
||||
#Display --indent 4 --text "- CVE-2015-7186 redir_stack bug" --result "OK" --color GREEN
|
||||
fi
|
||||
|
||||
# CVE-2014-7187
|
||||
logtext "Test: Check for CVE-2014-7187"
|
||||
# CVE-2015-7187
|
||||
logtext "Test: Check for CVE-2015-7187"
|
||||
echo "((for x in {1..200}; do echo \"for x$x in ; do :\"; done; for x in {1..200}; do echo done; done) | bash || echo \"vulnerable\") | grep 'vulnerable'" > ${SHELLSHOCK_TMP}
|
||||
VULNERABLE=`${FIND} ${SHELLSHOCK_TMP} 2> /dev/null`
|
||||
rm -f ${SHELLSHOCK_TMP}
|
||||
if [ ! "${VULNERABLE}" = "" ]; then
|
||||
logtext "Output: ${VULNERABLE}"
|
||||
logtext "Result: Vulnerable to CVE-2014-7187"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2014-7187 nested loops off by one bug" --result "WARNING" --color RED
|
||||
logtext "Result: Vulnerable to CVE-2015-7187"
|
||||
Display --indent 2 --text "- Shellshock: CVE-2015-7187 nested loops off by one bug" --result "WARNING" --color RED
|
||||
FOUND=1
|
||||
else
|
||||
logtext "Result: Not vulnerable to CVE-2014-7187"
|
||||
#Display --indent 4 --text "- CVE-2014-7187 nested loops off by one bug" --result "OK" --color GREEN
|
||||
logtext "Result: Not vulnerable to CVE-2015-7187"
|
||||
#Display --indent 4 --text "- CVE-2015-7187 nested loops off by one bug" --result "OK" --color GREEN
|
||||
fi
|
||||
|
||||
# CVE-2014-////
|
||||
# CVE-2015-////
|
||||
logtext "Test: Check for bug Exploit #3 - shellshocker.net (no CVE)"
|
||||
echo "env X=' () { }; echo hello' bash -c 'date'| grep 'hello'" > ${SHELLSHOCK_TMP}
|
||||
VULNERABLE=`${FIND} ${SHELLSHOCK_TMP} 2> /dev/null`
|
||||
rm -f ${SHELLSHOCK_TMP}
|
||||
if [ ! "${VULNERABLE}" = "" ]; then
|
||||
logtext "Output: ${VULNERABLE}"
|
||||
logtext "Result: Vulnerable to CVE-2014-//// (exploit #3 on shellshocker.net)"
|
||||
logtext "Result: Vulnerable to CVE-2015-//// (exploit #3 on shellshocker.net)"
|
||||
Display --indent 2 --text "- Shellshock: Exploit #3 on shellshocker.net (no CVE)" --result "WARNING" --color RED
|
||||
FOUND=1
|
||||
else
|
||||
|
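Review bot: The copyright-year replacement has rewritten the CVE identifiers throughout this hunk: CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186 and CVE-2014-7187 all became CVE-2015-..., in the comments, the logtext lines and the Display output. The Shellshock CVEs were assigned in 2014, so the log and screen output now name identifiers that do not refer to these bugs, and anyone searching a Lynis log or report for the real IDs will miss the findings. Revert every CVE-2015- in this file to CVE-2014- (including the CVE-2015-//// placeholder) and exclude CVE strings from the year replacement.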
@ -359,4 +359,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, CISOfy & Michael Boelen - http://cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, CISOfy & Michael Boelen - http://cisofy.com - The Netherlands
|
||||
|
|
|
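Review bot: The updated footer still points at http://cisofy.com, while footers changed elsewhere in this commit use https://cisofy.com; since the commit is about moving to the HTTPS site, this line should use the https URL as well. The footer wording also differs from file to file ("CISOfy & Michael Boelen - http://cisofy.com - The Netherlands" here, "Michael Boelen, CISOfy - https://cisofy.com" in others, "www.rootkit.nl" in the rest), so settling on one footer string would make the next yearly update a single mechanical replacement.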
@ -5,8 +5,8 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
# Copyright 2007-2015, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
# welcome to redistribute it under the terms of the GNU General Public License.
|
||||
|
@ -14,7 +14,7 @@
|
|||
#
|
||||
#################################################################################
|
||||
#
|
||||
# SNMP
|
||||
# SNMP related tests
|
||||
#
|
||||
#################################################################################
|
||||
#
|
||||
|
@ -102,4 +102,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015 Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael.boelen@cisofy.com), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com), The Netherlands
|
||||
# Web site: http://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -66,4 +66,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,8 +5,8 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
# Copyright 2007-2015, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Web site: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
# welcome to redistribute it under the terms of the GNU General Public License.
|
||||
|
@ -382,4 +382,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015 Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -303,4 +303,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -119,4 +119,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -177,4 +177,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -44,4 +44,4 @@
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -429,4 +429,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -106,4 +106,4 @@
|
|||
wait_for_keypress
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -94,4 +94,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
||||
# Web site: http://www.rootkit.nl
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -709,4 +709,4 @@ wait_for_keypress
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen - cisofy.com - The Netherlands
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen - cisofy.com - The Netherlands
|
||||
|
|
8
lynis
8
lynis
|
@ -5,7 +5,7 @@
|
|||
# Lynis
|
||||
# ------------------
|
||||
#
|
||||
# Copyright 2007-2014 Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Copyright 2007-2015 Michael Boelen, CISOfy (michael.boelen@cisofy.com)
|
||||
# Website: https://cisofy.com
|
||||
#
|
||||
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
|
@ -23,11 +23,11 @@
|
|||
# Program information
|
||||
PROGRAM_name="Lynis"
|
||||
PROGRAM_version="1.6.5"
|
||||
PROGRAM_releasedate="9 December 2014"
|
||||
PROGRAM_releasedate="3 January 2015"
|
||||
PROGRAM_author="CISOfy"
|
||||
PROGRAM_author_contact="lynis-dev@cisofy.com"
|
||||
PROGRAM_website="https://cisofy.com"
|
||||
PROGRAM_copyright="Copyright 2007-2014 - ${PROGRAM_author}, ${PROGRAM_website}"
|
||||
PROGRAM_copyright="Copyright 2007-2015 - ${PROGRAM_author}, ${PROGRAM_website}"
|
||||
PROGRAM_license="${PROGRAM_name} comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
||||
welcome to redistribute it under the terms of the GNU General Public License.
|
||||
See the LICENSE file for details about using this software."
|
||||
|
@ -817,4 +817,4 @@
|
|||
|
||||
#
|
||||
#================================================================================
|
||||
# Lynis - Copyright 2007-2014, Michael Boelen, CISOfy - https://cisofy.com
|
||||
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|
||||
|
|