diff --git a/db/tests.db b/db/tests.db
index 68437f09..b12c96e1 100644
--- a/db/tests.db
+++ b/db/tests.db
@@ -1,376 +1,376 @@
-#TestID:Type:Category:Operating System:Description:
-ACCT-2754:test:accounting:FreeBSD:Check for available FreeBSD accounting information:
-ACCT-2760:test:accounting:OpenBSD:Check for available OpenBSD accounting information:
-ACCT-9622:test:accounting:Linux:Check for available Linux accounting information:
-ACCT-9626:test:accounting:Linux:Check for sysstat accounting data:
-ACCT-9628:test:accounting:Linux:Check for auditd:
-ACCT-9630:test:accounting:Linux:Check for auditd rules:
-ACCT-9632:test:accounting:Linux:Check for auditd configuration file:
-ACCT-9634:test:accounting:Linux:Check for auditd log file:
-ACCT-9636:test:accounting:Linux:Check for Snoopy wrapper and logger:
-ACCT-9650:test:accounting:Solaris:Check Solaris audit daemon:
-ACCT-9652:test:accounting:Solaris:Check auditd SMF status:
-ACCT-9654:test:accounting:Solaris:Check BSM auditing in /etc/system:
-ACCT-9656:test:accounting:Solaris:Check BSM auditing in module list:
-ACCT-9660:test:accounting:Solaris:Check location of audit events:
-ACCT-9662:test:accounting:Solaris:Check Solaris auditing stats:
-AUTH-9204:test:authentication::Check users with an UID of zero:
-AUTH-9208:test:authentication::Check non-unique accounts in passwd file:
-AUTH-9212:test:authentication::Test group file:
-AUTH-9216:test:authentication::Check group and shadow group files:
-AUTH-9218:test:authentication:FreeBSD:Check harmful login shells:
-AUTH-9222:test:authentication::Check for non unique groups:
-AUTH-9226:test:authentication::Check non unique group names:
-AUTH-9228:test:authentication::Check password file consistency with pwck:
-AUTH-9234:test:authentication::Query user accounts:
-AUTH-9240:test:authentication::Query NIS+ authentication support:
-AUTH-9242:test:authentication::Query NIS authentication support:
-AUTH-9250:test:authentication::Checking sudoers file:
-AUTH-9252:test:authentication::Check sudoers file:
-AUTH-9254:test:authentication:Solaris:Solaris passwordless accounts:
-AUTH-9262:test:authentication::Checking presence password strength testing tools (PAM):
-AUTH-9264:test:authentication::Checking presence pam.conf:
-AUTH-9266:test:authentication::Checking presence pam.d files:
-AUTH-9268:test:authentication::Checking presence pam.d files:
-AUTH-9278:test:authentication::Checking LDAP pam status:
-AUTH-9282:test:authentication::Checking password protected account without expire date:
-AUTH-9283:test:authentication::Checking accounts without password:
-AUTH-9286:test:authentication::Checking user password aging:
-AUTH-9288:test:authentication::Checking for expired passwords:
-AUTH-9304:test:authentication:Solaris:Check single user login configuration:
-AUTH-9306:test:authentication:HP-UX:Check single boot authentication:
-AUTH-9308:test:authentication:Linux:Check single user login configuration:
-AUTH-9328:test:authentication::Default umask values:
-AUTH-9340:test:authentication:Solaris:Solaris account locking:
-AUTH-9402:test:authentication::Query LDAP authentication support:
-AUTH-9406:test:authentication::Query LDAP servers in client configuration:
-AUTH-9408:test:authentication::Logging of failed login attempts via /etc/login.defs:
-BANN-7113:test:banners:FreeBSD:Check COPYRIGHT banner file:
-#BANN-7119:test:banners::Check MOTD banner file:
-#BANN-7122:test:banners::Check /etc/motd banner file contents:
-BANN-7124:test:banners::Check issue banner file:
-BANN-7126:test:banners::Check issue banner file contents:
-BANN-7128:test:banners::Check issue.net banner file:
-BANN-7130:test:banners::Check issue.net banner file contents:
-BOOT-5102:test:boot_services:AIX:Check for AIX boot device:
-BOOT-5104:test:boot_services::Determine service manager:
-BOOT-5106:test:boot_services:MacOS:Check EFI boot file on Mac OS X:
-BOOT-5116:test:boot_services::Check if system is booted in UEFI mode:
-BOOT-5121:test:boot_services::Check for GRUB boot loader presence:
-BOOT-5122:test:boot_services::Check for GRUB boot password:
-BOOT-5124:test:boot_services:FreeBSD:Check for FreeBSD boot loader presence:
-BOOT-5126:test:boot_services:NetBSD:Check for NetBSD boot loader presence:
-BOOT-5139:test:boot_services::Check for LILO boot loader presence:
-BOOT-5142:test:boot_services::Check SPARC Improved boot loader (SILO):
-#BOOT-5144:test:boot_services::Check SPARC Improved boot loader (SILO):
-BOOT-5155:test:boot_services::Check for YABOOT boot loader configuration file:
-BOOT-5159:test:boot_services:OpenBSD:Check for OpenBSD boot loader presence:
-BOOT-5165:test:boot_services:FreeBSD:Check for FreeBSD boot services:
-BOOT-5177:test:boot_services:Linux:Check for Linux boot and running services:
-BOOT-5180:test:boot_services:Linux:Check for Linux boot services (Debian style):
-BOOT-5184:test:boot_services:Linux:Check permissions for boot files/scripts:
-BOOT-5202:test:boot_services::Check uptime of system:
-BOOT-5260:test:boot_services::Check single user mode for systemd:
-CONT-8004:test:containers:Solaris:Query running Solaris zones:
-#CONT-1906:test:containers::Query Xen guests:
-CONT-8102:test:containers::Checking Docker status and information:
-CONT-8104:test:containers::Checking Docker info for any warnings:
-CONT-8106:test:containers::Gather basic stats from Docker:
-CONT-8108:test:containers::Check file permissions for Docker files:
-CRYP-7902:test:crypto::Check expire date of SSL certificates:
-DBS-1804:test:databases::Checking active MySQL process:
-#DBS-1808:test:databases::Checking MySQL data directory:
-#DBS-1812:test:databases::Checking MySQL data directory permissions:
-DBS-1816:test:databases::Checking MySQL root password:
-DBS-1826:test:databases::Checking active PostgreSQL processes:
-DBS-1840:test:databases::Checking active Oracle processes:
-#DBS-1842:test:databases::Checking Oracle home paths:
-DBS-1860:test:databases::Checking active DB2 instances:
-FINT-4310:test:file_integrity::AFICK availability:
-FINT-4314:test:file_integrity::AIDE availability:
-FINT-4315:test:file_integrity::Check AIDE configuration file:
-FINT-4318:test:file_integrity::Osiris availability:
-FINT-4322:test:file_integrity::Samhain availability:
-FINT-4326:test:file_integrity::Tripwire availability:
-FINT-4328:test:file_integrity::OSSEC syscheck daemon running:
-FINT-4330:test:file_integrity::mtree availability:
-FINT-4334:test:file_integrity::Check lfd daemon status:
-FINT-4336:test:file_integrity::Check lfd configuration status:
-FINT-4338:test:file_integrity::osqueryd syscheck daemon running:
-FINT-4402:test:file_integrity::Checksums (SHA256 or SHA512):
-FINT-4350:test:file_integrity::File integrity software installed:
-FILE-7524:test:file_permissions::Perform file permissions check:
-FILE-6310:test:filesystems::Checking /tmp, /home and /var directory:
-FILE-6311:test:filesystems::Checking LVM volume groups:
-FILE-6312:test:filesystems::Checking LVM volumes:
-#FILE-6316:test:filesystems:Linux:Checking /etc/fstab:
-FILE-6323:test:filesystems:Linux:Checking EXT file systems:
-FILE-6329:test:filesystems::Checking FFS/UFS file systems:
-FILE-6330:test:filesystems:FreeBSD:Checking ZFS file systems:
-FILE-6332:test:filesystems::Checking swap partitions:
-FILE-6336:test:filesystems::Checking swap mount options:
-FILE-6344:test:filesystems:Linux:Checking proc mount options:
-FILE-6354:test:filesystems::Searching for old files in /tmp:
-FILE-6362:test:filesystems::Checking /tmp sticky bit:
-FILE-6368:test:filesystems:Linux:Checking ACL support on root file system:
-FILE-6372:test:filesystems:Linux:Checking / mount options:
-FILE-6374:test:filesystems:Linux:Checking /boot mount options:
-FILE-6376:test:filesystems:Linux:Determine if /var/tmp is bound to /tmp:
-FILE-6410:test:filesystems::Checking Locate database:
-FILE-6430:test:filesystems::Disable mounting of some filesystems:
-FIRE-4502:test:firewalls:Linux:Check iptables kernel module:
-FIRE-4508:test:firewalls::Check used policies of iptables chains:
-FIRE-4512:test:firewalls::Check iptables for empty ruleset:
-FIRE-4513:test:firewalls::Check iptables for unused rules:
-FIRE-4518:test:firewalls::Check pf firewall components:
-FIRE-4520:test:firewalls::Check pf configuration consistency:
-FIRE-4524:test:firewalls::Check for CSF presence:
-FIRE-4526:test:firewalls:Solaris:Check ipf status:
-FIRE-4530:test:firewalls:FreeBSD:Check IPFW status:
-FIRE-4532:test:firewalls::Check Mac OS X application firewall:
-FIRE-4536:test:firewalls:Linux:Check nftables status:
-FIRE-4538:test:firewalls:Linux:Check nftables basic configuration:
-FIRE-4590:test:firewalls::Check firewall status:
-HRDN-7220:test:hardening::Check if one or more compilers are installed:
-HRDN-7222:test:hardening::Check compiler permissions:
-HRDN-7230:test:hardening::Check for malware scanner:
-HOME-9302:test:homedirs::Create list with home directories:
-HOME-9310:test:homedirs::Checking for suspicious shell history files:
-#HOME-9314:test:homedirs::Create list with home directories:
-HOME-9350:test:homedirs::Collecting information from home directories:
-INSE-8002:test:insecure_services::Check for enabled inet daemon:
-INSE-8004:test:insecure_services::Check for enabled inet daemon:
-INSE-8006:test:insecure_services::Check configuration of inetd when disabled:
-INSE-8016:test:insecure_services::Check for telnet via inetd:
-KRNL-5622:test:kernel:Linux:Determine Linux default run level:
-KRNL-5677:test:kernel:Linux:Check CPU options and support:
-KRNL-5695:test:kernel:Linux:Determine Linux kernel version and release number:
-KRNL-5723:test:kernel:Linux:Determining if Linux kernel is monolithic:
-KRNL-5726:test:kernel:Linux:Checking Linux loaded kernel modules:
-KRNL-5728:test:kernel:Linux:Checking Linux kernel config:
-KRNL-5730:test:kernel:Linux:Checking disk I/O kernel scheduler:
-KRNL-5745:test:kernel:FreeBSD:Checking FreeBSD loaded kernel modules:
-KRNL-5770:test:kernel:Solaris:Checking active kernel modules:
-KRNL-5788:test:kernel:Linux:Checking availability new Linux kernel:
-KRNL-5820:test:kernel:Linux:Checking core dumps configuration:
-#KRNL-5826:test:kernel:Linux:Checking core dumps configuration:
-KRNL-5830:test:kernel:Linux:Checking if system is running on the latest installed kernel:
-KRNL-6000:test:kernel_hardening::Check sysctl key pairs in scan profile:
-LDAP-2219:test:ldap::Check running OpenLDAP instance:
-LDAP-2224:test:ldap::Check presence slapd.conf:
-LOGG-2130:test:logging::Check for running syslog daemon:
-LOGG-2132:test:logging::Check for running syslog-ng daemon:
-LOGG-2134:test:logging::Checking Syslog-NG configuration file consistency:
-LOGG-2136:test:logging::Check for running systemd journal daemon:
-LOGG-2210:test:logging::Check for running metalog daemon:
-LOGG-2230:test:logging::Check for running RSyslog daemon:
-LOGG-2240:test:logging::Check for running RFC 3195 compliant daemon:
-LOGG-2138:test:logging:Linux:Checking kernel logger daemon on Linux:
-LOGG-2142:test:logging:Linux:Checking minilog daemon:
-LOGG-2146:test:logging::Checking logrotate.conf and logrotate.d:
-LOGG-2148:test:logging::Checking logrotated files:
-LOGG-2150:test:logging::Checking directories in logrotate configuration:
-LOGG-2152:test:logging::Checking loghost:
-LOGG-2154:test:logging::Checking syslog configuration file:
-LOGG-2160:test:logging::Checking /etc/newsyslog.conf:
-LOGG-2162:test:logging::Checking directories in /etc/newsyslog.conf:
-LOGG-2164:test:logging::Checking files specified /etc/newsyslog.conf:
-LOGG-2170:test:logging::Checking log paths:
-LOGG-2180:test:logging::Checking open log files:
-LOGG-2190:test:logging::Checking for deleted files in use:
-MACF-6204:test:mac_frameworks::Check AppArmor presence:
-MACF-6208:test:mac_frameworks::Check if AppArmor is enabled:
-MACF-6232:test:mac_frameworks::Check SELINUX presence:
-MACF-6234:test:mac_frameworks::Check SELINUX status:
-RBAC-6272:test:mac_frameworks::Check grsecurity presence:
-MACF-6290:test:mac_frameworks::Check for implemented MAC framework:
-MAIL-8802:test:mail_messaging::Check Exim status:
-MAIL-8814:test:mail_messaging::Check postfix process status:
-MAIL-8816:test:mail_messaging::Check Postfix configuration:
-MAIL-8818:test:mail_messaging::banner:
-MAIL-8838:test:mail_messaging::Check dovecot process:
-MAIL-8860:test:mail_messaging::Check Qmail status:
-MAIL-8880:test:mail_messaging::Check Sendmail status:
-MAIL-8920:test:mail_messaging::Check OpenSMTPD status:
-MALW-3275:test:malware::Check for chkrootkit:
-MALW-3276:test:malware::Check for Rootkit Hunter:
-MALW-3278:test:malware::Check for LMD:
-MALW-3280:test:malware::Check if anti-virus tool is installed:
-MALW-3282:test:malware::Check for clamscan:
-MALW-3284:test:malware::Check for clamd:
-MALW-3286:test:malware::Check for freshclam:
-MALW-3288:test:malware::Check for ClamXav:
-PROC-3602:test:memory_processes:Linux:Checking /proc/meminfo for memory details:
-PROC-3604:test:memory_processes:Solaris:Query prtconf for memory details:
-PROC-3612:test:memory_processes::Check dead or zombie processes:
-PROC-3614:test:memory_processes::Check heavy IO waiting based processes:
-NAME-4016:test:nameservices::Check /etc/resolv.conf default domain:
-NAME-4018:test:nameservices::Check /etc/resolv.conf search domains:
-NAME-4020:test:nameservices::Check non default options:
-NAME-4024:test:nameservices:Solaris:Solaris uname -n output:
-NAME-4026:test:nameservices:Solaris:Check /etc/nodename:
-NAME-4028:test:nameservices::Check domain name:
-NAME-4032:test:nameservices::Check nscd status:
-NAME-4034:test:nameservices::Check Unbound status:
-NAME-4036:test:nameservices::Check Unbound configuration file:
-NAME-4202:test:nameservices::Check BIND status:
-NAME-4204:test:nameservices::Search BIND configuration file:
-NAME-4206:test:nameservices::Check BIND configuration consistency:
-#NAME-4050:test:nameservices::Check nscd status:
-NAME-4210:test:nameservices::Check DNS banner:
-#NAME-4212:test:nameservices::Check version setting in configuration:
-#NAME-4220:test:nameservices::Check zone transfer:
-#NAME-4222:test:nameservices::Check zone transfer:
-NAME-4230:test:nameservices::Check PowerDNS status:
-NAME-4232:test:nameservices::Search PowerDNS configuration file:
-#NAME-4234:test:nameservices::Check PowerDNS configuration consistency:
-NAME-4236:test:nameservices::Check PowerDNS backends:
-NAME-4238:test:nameservices::Check PowerDNS authoritive status:
-NAME-4304:test:nameservices::Check NIS ypbind status:
-NAME-4306:test:nameservices::Check NIS domain:
-NAME-4402:test:nameservices::Check duplicate line in /etc/hosts:
-NAME-4404:test:nameservices::Check /etc/hosts contains an entry for this server name:
-NAME-4406:test:nameservices::Check server hostname mapping:
-NETW-2600:test:networking:Linux:Checking IPv6 configuration:
-NETW-2704:test:networking::Basic nameserver configuration tests:
-NETW-2705:test:networking::Check availability two nameservers:
-NETW-3001:test:networking::Find default gateway (route):
-NETW-3004:test:networking::Search available network interfaces:
-NETW-3006:test:networking::Get network MAC addresses:
-NETW-3008:test:networking::Get network IP addresses:
-NETW-3012:test:networking::Check listening ports:
-NETW-3014:test:networking::Checking promiscuous interfaces (BSD):
-NETW-3015:test:networking:Linux:Checking promiscuous interfaces (Linux):
-NETW-3028:test:networking::Checking connections in WAIT state:
-NETW-3030:test:networking::Checking DHCP client status:
-NETW-3032:test:networking:Linux:Checking for ARP monitoring software:
-PHP-2211:test:php::Check php.ini presence:
-PHP-2320:test:php::Check PHP disabled functions:
-PHP-2368:test:php::Check PHP register_globals option:
-PHP-2372:test:php::Check PHP expose_php option:
-PHP-2374:test:php::Check PHP enable_dl option:
-PHP-2376:test:php::Check PHP allow_url_fopen option:
-PHP-2378:test:php::Check PHP allow_url_include option:
-PKGS-7301:test:ports_packages::Query NetBSD pkg:
-PKGS-7302:test:ports_packages::Query FreeBSD/NetBSD pkg_info:
-PKGS-7303:test:ports_packages::Query brew package manager:
-PKGS-7304:test:ports_packages::Querying Gentoo packages:
-PKGS-7306:test:ports_packages:Solaris:Querying Solaris packages:
-PKGS-7308:test:ports_packages::Checking package list with RPM:
-PKGS-7310:test:ports_packages::Checking package list with pacman:
-PKGS-7312:test:ports_packages::Checking available updates for pacman based system:
-PKGS-7314:test:ports_packages::Checking pacman configuration options:
-PKGS-7328:test:ports_packages::Querying Zypper for installed packages:
-PKGS-7330:test:ports_packages::Querying Zypper for vulnerable packages:
-PKGS-7345:test:ports_packages::Querying dpkg:
-PKGS-7346:test:ports_packages::Search unpurged packages on system:
-PKGS-7348:test:ports_packages:FreeBSD:Check for old distfiles:
-PKGS-7350:test:ports_packages::Checking for installed packages with DNF utility:
-PKGS-7352:test:ports_packages::Checking for security updates with DNF utility:
-PKGS-7354:test:ports_packages::Checking package database integrity:
-PKGS-7366:test:ports_packages::Checking for debsecan utility:
-PKGS-7370:test:ports_packages::Checking for debsums utility:
-PKGS-7378:test:ports_packages::Query portmaster for port upgrades:
-PKGS-7380:test:ports_packages:NetBSD:Check for vulnerable NetBSD packages:
-PKGS-7381:test:ports_packages::Check for vulnerable FreeBSD packages with pkg:
-PKGS-7382:test:ports_packages::Check for vulnerable FreeBSD packages with portaudit:
-PKGS-7383:test:ports_packages::Check for YUM package Update management:
-PKGS-7384:test:ports_packages::Check for YUM utils package:
-PKGS-7386:test:ports_packages::Check for YUM security package:
-PKGS-7387:test:ports_packages::Check for GPG signing in YUM security package:
-PKGS-7388:test:ports_packages::Check security repository in Debian/ubuntu apt sources.list file:
-PKGS-7390:test:ports_packages:Linux:Check Ubuntu database consistency:
-PKGS-7392:test:ports_packages:Linux:Check for Debian/Ubuntu security updates:
-PKGS-7393:test:ports_packages::Check for Gentoo vulnerable packages:
-PKGS-7394:test:ports_packages:Linux:Check for Ubuntu updates:
-PKGS-7398:test:ports_packages::Check for package audit tool:
-PKGS-7410:test:ports_packages::Count installed kernel packages:
-PRNT-2302:test:printers_spools:FreeBSD:Check for printcap consistency:
-PRNT-2304:test:printers_spools::Check cupsd status:
-PRNT-2306:test:printers_spools::Check CUPSd configuration file:
-PRNT-2307:test:printers_spools::Check CUPSd configuration file permissions:
-PRNT-2308:test:printers_spools::Check CUPSd network configuration:
-PRNT-2314:test:printers_spools::Check lpd status:
-#PRNT-23xx:test:printers_spools:Check cupsd address configuration:
-PRNT-2316:test:printers_spools:AIX:Checking /etc/qconfig file:
-PRNT-2418:test:printers_spools:AIX:Checking qdaemon printer spooler status:
-PRNT-2420:test:printers_spools:AIX:Checking old print jobs:
-SCHD-7702:test:scheduling::Check status of cron daemon:
-SCHD-7704:test:scheduling::Check crontab/cronjobs:
-SCHD-7718:test:scheduling::Check at users:
-SCHD-7720:test:scheduling::Check at users:
-SCHD-7724:test:scheduling::Check at jobs:
-SHLL-6202:test:shells:FreeBSD:Check console TTYs:
-SHLL-6211:test:shells::Checking available and valid shells:
-SHLL-6220:test:shells::Checking available and valid shells:
-SHLL-6230:test:shells::Perform umask check for shell configurations:
-SHLL-6290:test:shells::Perform Shellshock vulnerability tests:
-SNMP-3302:test:snmp::Check for running SNMP daemon:
-SNMP-3304:test:snmp::Check SNMP daemon file location:
-SNMP-3306:test:snmp::Check SNMP communities:
-#SOL-xxxx:test:solaris::Check for running SSH daemon:
-#SOL-xxxx:test:solaris::Check for running SSH daemon:
-SQD-3602:test:squid::Check for running Squid daemon:
-SQD-3604:test:squid::Check Squid daemon file location:
-SQD-3606:test:squid::Check Squid version:
-SQD-3610:test:squid::Check Squid version:
-SQD-3613:test:squid::Check Squid file permissions:
-SQD-3614:test:squid::Check Squid authentication methods:
-SQD-3616:test:squid::Check external Squid authentication:
-SQD-3620:test:squid::Check Squid access control lists:
-SQD-3624:test:squid::Check Squid safe ports:
-SQD-3630:test:squid::Check Squid reply_body_max_size option:
-SQD-3680:test:squid::Check Squid version suppresion:
-SSH-7402:test:ssh::Check for running SSH daemon:
-SSH-7404:test:ssh::Check SSH daemon file location:
-SSH-7408:test:ssh::Check SSH specific defined options:
-SSH-7440:test:ssh::AllowUsers and AllowGroups:
-STRG-1840:test:storage:Linux:Check if USB storage is disabled:
-STRG-1842:test:storage:Linux:Check USB authorizations:
-STRG-1846:test:storage:Linux:Check if firewire storage is disabled:
-STRG-1902:test:storage_nfs::Check rpcinfo registered programs:
-STRG-1904:test:storage_nfs::Check nfs rpc:
-STRG-1906:test:storage_nfs::Check nfs rpc:
-STRG-1920:test:storage_nfs::Checking NFS daemon:
-#STRG-1924:test:storage_nfs::Checking NFS daemon:
-STRG-1926:test:storage_nfs::Checking NFS exports:
-STRG-1928:test:storage_nfs::Checking empty /etc/exports:
-STRG-1930:test:storage_nfs::Check client access to nfs share:
-TIME-3104:test:time::Check for running NTP daemon or client:
-TIME-3106:test:time::Check systemd NTP time synchronization status:
-TIME-3112:test:time::Check active NTP associations ID's:
-TIME-3116:test:time::Check peers with stratum value of 16:
-TIME-3120:test:time::Check unreliable NTP peers:
-TIME-3124:test:time::Check selected time source:
-TIME-3128:test:time::Check preffered time source:
-TIME-3132:test:time::Check NTP falsetickers:
-TIME-3136:test:time:Linux:Check NTP protocol version:
-#TIME-3146:test:time:Linux:Check /etc/default/ntpdate:
-TIME-3160:test:time:Linux:Check empty NTP step-tickers:
-TIME-3170:test:time::Check configuration files:
-TOOL-5002:test:tooling::Checking for automation tools:
-TOOL-5102:test:tooling::Check for presence of Fail2ban:
-TOOL-5014:test:tooling::Check presence of IDS/IPS tool:
-#VIRT-1920:test:virtualization:Checking VMware guest status:
-HTTP-6622:test:webservers::Checking Apache presence:
-HTTP-6624:test:webservers::Testing main Apache configuration file:
-HTTP-6626:test:webservers::Testing other Apache configuration file:
-#HTTP-6628:test:webservers::Testing other Apache configuration file:
-#HTTP-6630:test:webservers::Determining all loaded Apache modules:
-HTTP-6632:test:webservers::Determining all available Apache modules:
-HTTP-6640:test:webservers::Determining existence of specific Apache modules:
-HTTP-6641:test:webservers::Determining existence of specific Apache modules:
-#HTTP-6642:test:webservers::Determining existence of specific Apache modules:
-HTTP-6643:test:webservers::Determining existence of specific Apache modules:
-HTTP-6702:test:webservers::Check nginx process:
-HTTP-6704:test:webservers::Check nginx configuration file:
-HTTP-6706:test:webservers::Check for additional nginx configuration files:
-HTTP-6708:test:webservers::Check discovered nginx configuration settings:
-HTTP-6710:test:webservers::Check nginx SSL configuration settings:
-HTTP-6712:test:webservers::Check nginx access logging:
-HTTP-6714:test:webservers::Check for missing error logs in nginx:
-HTTP-6716:test:webservers::Check for debug mode on error log in nginx:
-#HTTP-67xx:test:webservers::Check nginx virtual hosts:
-#HTTP-67xx:test:webservers::Check nginx virtual hosts:
-HTTP-6720:test:webservers::Check Nginx log files:
-# EOF
\ No newline at end of file
+#TestID:Type:Category:Group:Operating System:Description:
+ACCT-2754:test:security:accounting:FreeBSD:Check for available FreeBSD accounting information:
+ACCT-2760:test:security:accounting:OpenBSD:Check for available OpenBSD accounting information:
+ACCT-9622:test:security:accounting:Linux:Check for available Linux accounting information:
+ACCT-9626:test:security:accounting:Linux:Check for sysstat accounting data:
+ACCT-9628:test:security:accounting:Linux:Check for auditd:
+ACCT-9630:test:security:accounting:Linux:Check for auditd rules:
+ACCT-9632:test:security:accounting:Linux:Check for auditd configuration file:
+ACCT-9634:test:security:accounting:Linux:Check for auditd log file:
+ACCT-9636:test:security:accounting:Linux:Check for Snoopy wrapper and logger:
+ACCT-9650:test:security:accounting:Solaris:Check Solaris audit daemon:
+ACCT-9652:test:security:accounting:Solaris:Check auditd SMF status:
+ACCT-9654:test:security:accounting:Solaris:Check BSM auditing in /etc/system:
+ACCT-9656:test:security:accounting:Solaris:Check BSM auditing in module list:
+ACCT-9660:test:security:accounting:Solaris:Check location of audit events:
+ACCT-9662:test:security:accounting:Solaris:Check Solaris auditing stats:
+AUTH-9204:test:security:authentication::Check users with an UID of zero:
+AUTH-9208:test:security:authentication::Check non-unique accounts in passwd file:
+AUTH-9212:test:security:authentication::Test group file:
+AUTH-9216:test:security:authentication::Check group and shadow group files:
+AUTH-9218:test:security:authentication:FreeBSD:Check harmful login shells:
+AUTH-9222:test:security:authentication::Check for non unique groups:
+AUTH-9226:test:security:authentication::Check non unique group names:
+AUTH-9228:test:security:authentication::Check password file consistency with pwck:
+AUTH-9234:test:security:authentication::Query user accounts:
+AUTH-9240:test:security:authentication::Query NIS+ authentication support:
+AUTH-9242:test:security:authentication::Query NIS authentication support:
+AUTH-9250:test:security:authentication::Checking sudoers file:
+AUTH-9252:test:security:authentication::Check sudoers file:
+AUTH-9254:test:security:authentication:Solaris:Solaris passwordless accounts:
+AUTH-9262:test:security:authentication::Checking presence password strength testing tools (PAM):
+AUTH-9264:test:security:authentication::Checking presence pam.conf:
+AUTH-9266:test:security:authentication::Checking presence pam.d files:
+AUTH-9268:test:security:authentication::Checking presence pam.d files:
+AUTH-9278:test:security:authentication::Checking LDAP pam status:
+AUTH-9282:test:security:authentication::Checking password protected account without expire date:
+AUTH-9283:test:security:authentication::Checking accounts without password:
+AUTH-9286:test:security:authentication::Checking user password aging:
+AUTH-9288:test:security:authentication::Checking for expired passwords:
+AUTH-9304:test:security:authentication:Solaris:Check single user login configuration:
+AUTH-9306:test:security:authentication:HP-UX:Check single boot authentication:
+AUTH-9308:test:security:authentication:Linux:Check single user login configuration:
+AUTH-9328:test:security:authentication::Default umask values:
+AUTH-9340:test:security:authentication:Solaris:Solaris account locking:
+AUTH-9402:test:security:authentication::Query LDAP authentication support:
+AUTH-9406:test:security:authentication::Query LDAP servers in client configuration:
+AUTH-9408:test:security:authentication::Logging of failed login attempts via /etc/login.defs:
+BANN-7113:test:security:banners:FreeBSD:Check COPYRIGHT banner file:
+#BANN-7119:test:security:banners::Check MOTD banner file:
+#BANN-7122:test:security:banners::Check /etc/motd banner file contents:
+BANN-7124:test:security:banners::Check issue banner file:
+BANN-7126:test:security:banners::Check issue banner file contents:
+BANN-7128:test:security:banners::Check issue.net banner file:
+BANN-7130:test:security:banners::Check issue.net banner file contents:
+BOOT-5102:test:security:boot_services:AIX:Check for AIX boot device:
+BOOT-5104:test:security:boot_services::Determine service manager:
+BOOT-5106:test:security:boot_services:MacOS:Check EFI boot file on Mac OS X:
+BOOT-5116:test:security:boot_services::Check if system is booted in UEFI mode:
+BOOT-5121:test:security:boot_services::Check for GRUB boot loader presence:
+BOOT-5122:test:security:boot_services::Check for GRUB boot password:
+BOOT-5124:test:security:boot_services:FreeBSD:Check for FreeBSD boot loader presence:
+BOOT-5126:test:security:boot_services:NetBSD:Check for NetBSD boot loader presence:
+BOOT-5139:test:security:boot_services::Check for LILO boot loader presence:
+BOOT-5142:test:security:boot_services::Check SPARC Improved boot loader (SILO):
+#BOOT-5144:test:security:boot_services::Check SPARC Improved boot loader (SILO):
+BOOT-5155:test:security:boot_services::Check for YABOOT boot loader configuration file:
+BOOT-5159:test:security:boot_services:OpenBSD:Check for OpenBSD boot loader presence:
+BOOT-5165:test:security:boot_services:FreeBSD:Check for FreeBSD boot services:
+BOOT-5177:test:security:boot_services:Linux:Check for Linux boot and running services:
+BOOT-5180:test:security:boot_services:Linux:Check for Linux boot services (Debian style):
+BOOT-5184:test:security:boot_services:Linux:Check permissions for boot files/scripts:
+BOOT-5202:test:security:boot_services::Check uptime of system:
+BOOT-5260:test:security:boot_services::Check single user mode for systemd:
+CONT-8004:test:security:containers:Solaris:Query running Solaris zones:
+#CONT-1906:test:security:containers::Query Xen guests:
+CONT-8102:test:security:containers::Checking Docker status and information:
+CONT-8104:test:security:containers::Checking Docker info for any warnings:
+CONT-8106:test:security:containers::Gather basic stats from Docker:
+CONT-8108:test:security:containers::Check file permissions for Docker files:
+CRYP-7902:test:security:crypto::Check expire date of SSL certificates:
+DBS-1804:test:security:databases::Checking active MySQL process:
+#DBS-1808:test:security:databases::Checking MySQL data directory:
+#DBS-1812:test:security:databases::Checking MySQL data directory permissions:
+DBS-1816:test:security:databases::Checking MySQL root password:
+DBS-1826:test:security:databases::Checking active PostgreSQL processes:
+DBS-1840:test:security:databases::Checking active Oracle processes:
+#DBS-1842:test:security:databases::Checking Oracle home paths:
+DBS-1860:test:security:databases::Checking active DB2 instances:
+FINT-4310:test:security:file_integrity::AFICK availability:
+FINT-4314:test:security:file_integrity::AIDE availability:
+FINT-4315:test:security:file_integrity::Check AIDE configuration file:
+FINT-4318:test:security:file_integrity::Osiris availability:
+FINT-4322:test:security:file_integrity::Samhain availability:
+FINT-4326:test:security:file_integrity::Tripwire availability:
+FINT-4328:test:security:file_integrity::OSSEC syscheck daemon running:
+FINT-4330:test:security:file_integrity::mtree availability:
+FINT-4334:test:security:file_integrity::Check lfd daemon status:
+FINT-4336:test:security:file_integrity::Check lfd configuration status:
+FINT-4338:test:security:file_integrity::osqueryd syscheck daemon running:
+FINT-4402:test:security:file_integrity::Checksums (SHA256 or SHA512):
+FINT-4350:test:security:file_integrity::File integrity software installed:
+FILE-7524:test:security:file_permissions::Perform file permissions check:
+FILE-6310:test:security:filesystems::Checking /tmp, /home and /var directory:
+FILE-6311:test:security:filesystems::Checking LVM volume groups:
+FILE-6312:test:security:filesystems::Checking LVM volumes:
+#FILE-6316:test:security:filesystems:Linux:Checking /etc/fstab:
+FILE-6323:test:security:filesystems:Linux:Checking EXT file systems:
+FILE-6329:test:security:filesystems::Checking FFS/UFS file systems:
+FILE-6330:test:security:filesystems:FreeBSD:Checking ZFS file systems:
+FILE-6332:test:security:filesystems::Checking swap partitions:
+FILE-6336:test:security:filesystems::Checking swap mount options:
+FILE-6344:test:security:filesystems:Linux:Checking proc mount options:
+FILE-6354:test:security:filesystems::Searching for old files in /tmp:
+FILE-6362:test:security:filesystems::Checking /tmp sticky bit:
+FILE-6368:test:security:filesystems:Linux:Checking ACL support on root file system:
+FILE-6372:test:security:filesystems:Linux:Checking / mount options:
+FILE-6374:test:security:filesystems:Linux:Checking /boot mount options:
+FILE-6376:test:security:filesystems:Linux:Determine if /var/tmp is bound to /tmp:
+FILE-6410:test:security:filesystems::Checking Locate database:
+FILE-6430:test:security:filesystems::Disable mounting of some filesystems:
+FIRE-4502:test:security:firewalls:Linux:Check iptables kernel module:
+FIRE-4508:test:security:firewalls::Check used policies of iptables chains:
+FIRE-4512:test:security:firewalls::Check iptables for empty ruleset:
+FIRE-4513:test:security:firewalls::Check iptables for unused rules:
+FIRE-4518:test:security:firewalls::Check pf firewall components:
+FIRE-4520:test:security:firewalls::Check pf configuration consistency:
+FIRE-4524:test:security:firewalls::Check for CSF presence:
+FIRE-4526:test:security:firewalls:Solaris:Check ipf status:
+FIRE-4530:test:security:firewalls:FreeBSD:Check IPFW status:
+FIRE-4532:test:security:firewalls::Check Mac OS X application firewall:
+FIRE-4536:test:security:firewalls:Linux:Check nftables status:
+FIRE-4538:test:security:firewalls:Linux:Check nftables basic configuration:
+FIRE-4590:test:security:firewalls::Check firewall status:
+HRDN-7220:test:security:hardening::Check if one or more compilers are installed:
+HRDN-7222:test:security:hardening::Check compiler permissions:
+HRDN-7230:test:security:hardening::Check for malware scanner:
+HOME-9302:test:security:homedirs::Create list with home directories:
+HOME-9310:test:security:homedirs::Checking for suspicious shell history files:
+#HOME-9314:test:security:homedirs::Create list with home directories:
+HOME-9350:test:security:homedirs::Collecting information from home directories:
+INSE-8002:test:security:insecure_services::Check for enabled inet daemon:
+INSE-8004:test:security:insecure_services::Check for enabled inet daemon:
+INSE-8006:test:security:insecure_services::Check configuration of inetd when disabled:
+INSE-8016:test:security:insecure_services::Check for telnet via inetd:
+KRNL-5622:test:security:kernel:Linux:Determine Linux default run level:
+KRNL-5677:test:security:kernel:Linux:Check CPU options and support:
+KRNL-5695:test:security:kernel:Linux:Determine Linux kernel version and release number:
+KRNL-5723:test:security:kernel:Linux:Determining if Linux kernel is monolithic:
+KRNL-5726:test:security:kernel:Linux:Checking Linux loaded kernel modules:
+KRNL-5728:test:security:kernel:Linux:Checking Linux kernel config:
+KRNL-5730:test:security:kernel:Linux:Checking disk I/O kernel scheduler:
+KRNL-5745:test:security:kernel:FreeBSD:Checking FreeBSD loaded kernel modules:
+KRNL-5770:test:security:kernel:Solaris:Checking active kernel modules:
+KRNL-5788:test:security:kernel:Linux:Checking availability new Linux kernel:
+KRNL-5820:test:security:kernel:Linux:Checking core dumps configuration:
+#KRNL-5826:test:security:kernel:Linux:Checking core dumps configuration:
+KRNL-5830:test:security:kernel:Linux:Checking if system is running on the latest installed kernel:
+KRNL-6000:test:security:kernel_hardening::Check sysctl key pairs in scan profile:
+LDAP-2219:test:security:ldap::Check running OpenLDAP instance:
+LDAP-2224:test:security:ldap::Check presence slapd.conf:
+LOGG-2130:test:security:logging::Check for running syslog daemon:
+LOGG-2132:test:security:logging::Check for running syslog-ng daemon:
+LOGG-2134:test:security:logging::Checking Syslog-NG configuration file consistency:
+LOGG-2136:test:security:logging::Check for running systemd journal daemon:
+LOGG-2210:test:security:logging::Check for running metalog daemon:
+LOGG-2230:test:security:logging::Check for running RSyslog daemon:
+LOGG-2240:test:security:logging::Check for running RFC 3195 compliant daemon:
+LOGG-2138:test:security:logging:Linux:Checking kernel logger daemon on Linux:
+LOGG-2142:test:security:logging:Linux:Checking minilog daemon:
+LOGG-2146:test:security:logging::Checking logrotate.conf and logrotate.d:
+LOGG-2148:test:security:logging::Checking logrotated files:
+LOGG-2150:test:security:logging::Checking directories in logrotate configuration:
+LOGG-2152:test:security:logging::Checking loghost:
+LOGG-2154:test:security:logging::Checking syslog configuration file:
+LOGG-2160:test:security:logging::Checking /etc/newsyslog.conf:
+LOGG-2162:test:security:logging::Checking directories in /etc/newsyslog.conf:
+LOGG-2164:test:security:logging::Checking files specified /etc/newsyslog.conf:
+LOGG-2170:test:security:logging::Checking log paths:
+LOGG-2180:test:security:logging::Checking open log files:
+LOGG-2190:test:security:logging::Checking for deleted files in use:
+MACF-6204:test:security:mac_frameworks::Check AppArmor presence:
+MACF-6208:test:security:mac_frameworks::Check if AppArmor is enabled:
+MACF-6232:test:security:mac_frameworks::Check SELINUX presence:
+MACF-6234:test:security:mac_frameworks::Check SELINUX status:
+RBAC-6272:test:security:mac_frameworks::Check grsecurity presence:
+MACF-6290:test:security:mac_frameworks::Check for implemented MAC framework:
+MAIL-8802:test:security:mail_messaging::Check Exim status:
+MAIL-8814:test:security:mail_messaging::Check postfix process status:
+MAIL-8816:test:security:mail_messaging::Check Postfix configuration:
+MAIL-8818:test:security:mail_messaging::banner:
+MAIL-8838:test:security:mail_messaging::Check dovecot process:
+MAIL-8860:test:security:mail_messaging::Check Qmail status:
+MAIL-8880:test:security:mail_messaging::Check Sendmail status:
+MAIL-8920:test:security:mail_messaging::Check OpenSMTPD status:
+MALW-3275:test:security:malware::Check for chkrootkit:
+MALW-3276:test:security:malware::Check for Rootkit Hunter:
+MALW-3278:test:security:malware::Check for LMD:
+MALW-3280:test:security:malware::Check if anti-virus tool is installed:
+MALW-3282:test:security:malware::Check for clamscan:
+MALW-3284:test:security:malware::Check for clamd:
+MALW-3286:test:security:malware::Check for freshclam:
+MALW-3288:test:security:malware::Check for ClamXav:
+PROC-3602:test:security:memory_processes:Linux:Checking /proc/meminfo for memory details:
+PROC-3604:test:security:memory_processes:Solaris:Query prtconf for memory details:
+PROC-3612:test:security:memory_processes::Check dead or zombie processes:
+PROC-3614:test:security:memory_processes::Check heavy IO waiting based processes:
+NAME-4016:test:security:nameservices::Check /etc/resolv.conf default domain:
+NAME-4018:test:security:nameservices::Check /etc/resolv.conf search domains:
+NAME-4020:test:security:nameservices::Check non default options:
+NAME-4024:test:security:nameservices:Solaris:Solaris uname -n output:
+NAME-4026:test:security:nameservices:Solaris:Check /etc/nodename:
+NAME-4028:test:security:nameservices::Check domain name:
+NAME-4032:test:security:nameservices::Check nscd status:
+NAME-4034:test:security:nameservices::Check Unbound status:
+NAME-4036:test:security:nameservices::Check Unbound configuration file:
+NAME-4202:test:security:nameservices::Check BIND status:
+NAME-4204:test:security:nameservices::Search BIND configuration file:
+NAME-4206:test:security:nameservices::Check BIND configuration consistency:
+#NAME-4050:test:security:nameservices::Check nscd status:
+NAME-4210:test:security:nameservices::Check DNS banner:
+#NAME-4212:test:security:nameservices::Check version setting in configuration:
+#NAME-4220:test:security:nameservices::Check zone transfer:
+#NAME-4222:test:security:nameservices::Check zone transfer:
+NAME-4230:test:security:nameservices::Check PowerDNS status:
+NAME-4232:test:security:nameservices::Search PowerDNS configuration file:
+#NAME-4234:test:security:nameservices::Check PowerDNS configuration consistency:
+NAME-4236:test:security:nameservices::Check PowerDNS backends:
+NAME-4238:test:security:nameservices::Check PowerDNS authoritive status:
+NAME-4304:test:security:nameservices::Check NIS ypbind status:
+NAME-4306:test:security:nameservices::Check NIS domain:
+NAME-4402:test:security:nameservices::Check duplicate line in /etc/hosts:
+NAME-4404:test:security:nameservices::Check /etc/hosts contains an entry for this server name:
+NAME-4406:test:security:nameservices::Check server hostname mapping:
+NETW-2600:test:security:networking:Linux:Checking IPv6 configuration:
+NETW-2704:test:security:networking::Basic nameserver configuration tests:
+NETW-2705:test:security:networking::Check availability two nameservers:
+NETW-3001:test:security:networking::Find default gateway (route):
+NETW-3004:test:security:networking::Search available network interfaces:
+NETW-3006:test:security:networking::Get network MAC addresses:
+NETW-3008:test:security:networking::Get network IP addresses:
+NETW-3012:test:security:networking::Check listening ports:
+NETW-3014:test:security:networking::Checking promiscuous interfaces (BSD):
+NETW-3015:test:security:networking:Linux:Checking promiscuous interfaces (Linux):
+NETW-3028:test:security:networking::Checking connections in WAIT state:
+NETW-3030:test:security:networking::Checking DHCP client status:
+NETW-3032:test:security:networking:Linux:Checking for ARP monitoring software:
+PHP-2211:test:security:php::Check php.ini presence:
+PHP-2320:test:security:php::Check PHP disabled functions:
+PHP-2368:test:security:php::Check PHP register_globals option:
+PHP-2372:test:security:php::Check PHP expose_php option:
+PHP-2374:test:security:php::Check PHP enable_dl option:
+PHP-2376:test:security:php::Check PHP allow_url_fopen option:
+PHP-2378:test:security:php::Check PHP allow_url_include option:
+PKGS-7301:test:security:ports_packages::Query NetBSD pkg:
+PKGS-7302:test:security:ports_packages::Query FreeBSD/NetBSD pkg_info:
+PKGS-7303:test:security:ports_packages::Query brew package manager:
+PKGS-7304:test:security:ports_packages::Querying Gentoo packages:
+PKGS-7306:test:security:ports_packages:Solaris:Querying Solaris packages:
+PKGS-7308:test:security:ports_packages::Checking package list with RPM:
+PKGS-7310:test:security:ports_packages::Checking package list with pacman:
+PKGS-7312:test:security:ports_packages::Checking available updates for pacman based system:
+PKGS-7314:test:security:ports_packages::Checking pacman configuration options:
+PKGS-7328:test:security:ports_packages::Querying Zypper for installed packages:
+PKGS-7330:test:security:ports_packages::Querying Zypper for vulnerable packages:
+PKGS-7345:test:security:ports_packages::Querying dpkg:
+PKGS-7346:test:security:ports_packages::Search unpurged packages on system:
+PKGS-7348:test:security:ports_packages:FreeBSD:Check for old distfiles:
+PKGS-7350:test:security:ports_packages::Checking for installed packages with DNF utility:
+PKGS-7352:test:security:ports_packages::Checking for security updates with DNF utility:
+PKGS-7354:test:security:ports_packages::Checking package database integrity:
+PKGS-7366:test:security:ports_packages::Checking for debsecan utility:
+PKGS-7370:test:security:ports_packages::Checking for debsums utility:
+PKGS-7378:test:security:ports_packages::Query portmaster for port upgrades:
+PKGS-7380:test:security:ports_packages:NetBSD:Check for vulnerable NetBSD packages:
+PKGS-7381:test:security:ports_packages::Check for vulnerable FreeBSD packages with pkg:
+PKGS-7382:test:security:ports_packages::Check for vulnerable FreeBSD packages with portaudit:
+PKGS-7383:test:security:ports_packages::Check for YUM package Update management:
+PKGS-7384:test:security:ports_packages::Check for YUM utils package:
+PKGS-7386:test:security:ports_packages::Check for YUM security package:
+PKGS-7387:test:security:ports_packages::Check for GPG signing in YUM security package:
+PKGS-7388:test:security:ports_packages::Check security repository in Debian/ubuntu apt sources.list file:
+PKGS-7390:test:security:ports_packages:Linux:Check Ubuntu database consistency:
+PKGS-7392:test:security:ports_packages:Linux:Check for Debian/Ubuntu security updates:
+PKGS-7393:test:security:ports_packages::Check for Gentoo vulnerable packages:
+PKGS-7394:test:security:ports_packages:Linux:Check for Ubuntu updates:
+PKGS-7398:test:security:ports_packages::Check for package audit tool:
+PKGS-7410:test:security:ports_packages::Count installed kernel packages:
+PRNT-2302:test:security:printers_spools:FreeBSD:Check for printcap consistency:
+PRNT-2304:test:security:printers_spools::Check cupsd status:
+PRNT-2306:test:security:printers_spools::Check CUPSd configuration file:
+PRNT-2307:test:security:printers_spools::Check CUPSd configuration file permissions:
+PRNT-2308:test:security:printers_spools::Check CUPSd network configuration:
+PRNT-2314:test:security:printers_spools::Check lpd status:
+#PRNT-23xx:test::printers_spools:Check cupsd address configuration:security:
+PRNT-2316:test:security:printers_spools:AIX:Checking /etc/qconfig file:
+PRNT-2418:test:security:printers_spools:AIX:Checking qdaemon printer spooler status:
+PRNT-2420:test:security:printers_spools:AIX:Checking old print jobs:
+SCHD-7702:test:security:scheduling::Check status of cron daemon:
+SCHD-7704:test:security:scheduling::Check crontab/cronjobs:
+SCHD-7718:test:security:scheduling::Check at users:
+SCHD-7720:test:security:scheduling::Check at users:
+SCHD-7724:test:security:scheduling::Check at jobs:
+SHLL-6202:test:security:shells:FreeBSD:Check console TTYs:
+SHLL-6211:test:security:shells::Checking available and valid shells:
+SHLL-6220:test:security:shells::Checking available and valid shells:
+SHLL-6230:test:security:shells::Perform umask check for shell configurations:
+SHLL-6290:test:security:shells::Perform Shellshock vulnerability tests:
+SNMP-3302:test:security:snmp::Check for running SNMP daemon:
+SNMP-3304:test:security:snmp::Check SNMP daemon file location:
+SNMP-3306:test:security:snmp::Check SNMP communities:
+#SOL-xxxx:test:security:solaris::Check for running SSH daemon:
+#SOL-xxxx:test:security:solaris::Check for running SSH daemon:
+SQD-3602:test:security:squid::Check for running Squid daemon:
+SQD-3604:test:security:squid::Check Squid daemon file location:
+SQD-3606:test:security:squid::Check Squid version:
+SQD-3610:test:security:squid::Check Squid version:
+SQD-3613:test:security:squid::Check Squid file permissions:
+SQD-3614:test:security:squid::Check Squid authentication methods:
+SQD-3616:test:security:squid::Check external Squid authentication:
+SQD-3620:test:security:squid::Check Squid access control lists:
+SQD-3624:test:security:squid::Check Squid safe ports:
+SQD-3630:test:security:squid::Check Squid reply_body_max_size option:
+SQD-3680:test:security:squid::Check Squid version suppresion:
+SSH-7402:test:security:ssh::Check for running SSH daemon:
+SSH-7404:test:security:ssh::Check SSH daemon file location:
+SSH-7408:test:security:ssh::Check SSH specific defined options:
+SSH-7440:test:security:ssh::AllowUsers and AllowGroups:
+STRG-1840:test:security:storage:Linux:Check if USB storage is disabled:
+STRG-1842:test:security:storage:Linux:Check USB authorizations:
+STRG-1846:test:security:storage:Linux:Check if firewire storage is disabled:
+STRG-1902:test:security:storage_nfs::Check rpcinfo registered programs:
+STRG-1904:test:security:storage_nfs::Check nfs rpc:
+STRG-1906:test:security:storage_nfs::Check nfs rpc:
+STRG-1920:test:security:storage_nfs::Checking NFS daemon:
+#STRG-1924:test:security:storage_nfs::Checking NFS daemon:
+STRG-1926:test:security:storage_nfs::Checking NFS exports:
+STRG-1928:test:security:storage_nfs::Checking empty /etc/exports:
+STRG-1930:test:security:storage_nfs::Check client access to nfs share:
+TIME-3104:test:security:time::Check for running NTP daemon or client:
+TIME-3106:test:security:time::Check systemd NTP time synchronization status:
+TIME-3112:test:security:time::Check active NTP associations ID's:
+TIME-3116:test:security:time::Check peers with stratum value of 16:
+TIME-3120:test:security:time::Check unreliable NTP peers:
+TIME-3124:test:security:time::Check selected time source:
+TIME-3128:test:security:time::Check preffered time source:
+TIME-3132:test:security:time::Check NTP falsetickers:
+TIME-3136:test:security:time:Linux:Check NTP protocol version:
+#TIME-3146:test:security:time:Linux:Check /etc/default/ntpdate:
+TIME-3160:test:security:time:Linux:Check empty NTP step-tickers:
+TIME-3170:test:security:time::Check configuration files:
+TOOL-5002:test:security:tooling::Checking for automation tools:
+TOOL-5102:test:security:tooling::Check for presence of Fail2ban:
+TOOL-5014:test:security:tooling::Check presence of IDS/IPS tool:
+#VIRT-1920:test::virtualization:Checking VMware guest status:security:
+HTTP-6622:test:security:webservers::Checking Apache presence:
+HTTP-6624:test:security:webservers::Testing main Apache configuration file:
+HTTP-6626:test:security:webservers::Testing other Apache configuration file:
+#HTTP-6628:test:security:webservers::Testing other Apache configuration file:
+#HTTP-6630:test:security:webservers::Determining all loaded Apache modules:
+HTTP-6632:test:security:webservers::Determining all available Apache modules:
+HTTP-6640:test:security:webservers::Determining existence of specific Apache modules:
+HTTP-6641:test:security:webservers::Determining existence of specific Apache modules:
+#HTTP-6642:test:security:webservers::Determining existence of specific Apache modules:
+HTTP-6643:test:security:webservers::Determining existence of specific Apache modules:
+HTTP-6702:test:security:webservers::Check nginx process:
+HTTP-6704:test:security:webservers::Check nginx configuration file:
+HTTP-6706:test:security:webservers::Check for additional nginx configuration files:
+HTTP-6708:test:security:webservers::Check discovered nginx configuration settings:
+HTTP-6710:test:security:webservers::Check nginx SSL configuration settings:
+HTTP-6712:test:security:webservers::Check nginx access logging:
+HTTP-6714:test:security:webservers::Check for missing error logs in nginx:
+HTTP-6716:test:security:webservers::Check for debug mode on error log in nginx:
+#HTTP-67xx:test:security:webservers::Check nginx virtual hosts:
+#HTTP-67xx:test:security:webservers::Check nginx virtual hosts:
+HTTP-6720:test:security:webservers::Check Nginx log files:
+# EOF
diff --git a/include/helper_show b/include/helper_show
index 9338a4ed..2d916ab2 100644
--- a/include/helper_show
+++ b/include/helper_show
@@ -251,24 +251,28 @@ if [ $# -gt 0 ]; then
 SEARCH="$1"
 FIND=$(grep "^${SEARCH}" ${DBDIR}/tests.db | sed "s/ /:space:/g")
 if [ -z "${FIND}" ]; then
- ${ECHOCMD} "Error: Invalid argument provided to 'lynis show tests'\n\n"
- ${ECHOCMD} "Suggestions:"
- for I in ${SHOW_TESTS_ARGS}; do ${ECHOCMD} "lynis show tests ${I}"; done
+ ${ECHOCMD} "${WARNING}Error${NORMAL}: ${BOLD}Could not find this test in the database${NORMAL}\n\n"
 ExitFatal
 else
 for ITEM in ${FIND}; do
- TEST_DESCRIPTION=$(echo ${ITEM} | sed "s/:space:/ /g" | awk -F: '{print $5}')
+ TEST_DESCRIPTION=$(echo ${ITEM} | sed "s/:space:/ /g" | awk -F: '{print $6}')
 TEST=$(echo ${ITEM} | awk -F: '{print $1}')
 TEST_TYPE=$(echo ${ITEM} | awk -F: '{print $2}')
- TEST_OS=$(echo ${ITEM} | awk -F: '{print $4}')
+ TEST_CATEGORY=$(echo ${ITEM} | awk -F: '{print $3}')
+ TEST_GROUP=$(echo ${ITEM} | awk -F: '{print $4}')
+ TEST_OS=$(echo ${ITEM} | awk -F: '{print $5}')
 TEST_SKIPPED=0
- ${ECHOCMD} "${CYAN}${TEST}${NORMAL} [type=${TEST_TYPE}]"
+ ${ECHOCMD} "${CYAN}${TEST}${NORMAL}"
 ${ECHOCMD} "==================================="
 ${ECHOCMD} ""
- ${ECHOCMD} "Description:"
- ${ECHOCMD} "${WHITE}${TEST_DESCRIPTION}${NORMAL}"
+ ${ECHOCMD} "${WHITE}Type:${NORMAL} ${TEST_TYPE}"
 ${ECHOCMD} ""
- ${ECHOCMD} "Perform test:"
+ ${ECHOCMD} "${WHITE}Description:${NORMAL}"
+ ${ECHOCMD} "${TEST_DESCRIPTION}"
+ ${ECHOCMD} ""
+ ${ECHOCMD} "${WHITE}Category:${NORMAL} ${TEST_CATEGORY}, ${WHITE}Group:${NORMAL} ${TEST_GROUP}"
+ ${ECHOCMD} ""
+ ${ECHOCMD} "${WHITE}Test Execution:${NORMAL}"
 if [ "${TEST_OS}" = "" ]; then
 ${ECHOCMD} " Operating System: ${GREEN}Yes${NORMAL} (all systems)"
 elif [ "${TEST_OS}" = "${OS}" ]; then
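Review bot: The lookup that feeds the new `$3`–`$6` field mapping still treats the command-line argument as a grep regex and does not skip commented-out rows, unlike the listing awk further down this file, which filters on `$1 !~ /^#/`. An argument such as `.` or `#` therefore matches disabled entries, and rows like `#PRNT-23xx` and `#VIRT-1920` in the updated tests.db do not follow the six-column layout, so they would be printed with the description in the OS slot. Matching the ID as a literal prefix and dropping comment rows covers both cases: `FIND=$(awk -F: -v id="${SEARCH}" '$1 !~ /^#/ && index($1, id) == 1' "${DBDIR}/tests.db" | sed "s/ /:space:/g")`. The enclosing `if [ $# -gt 0 ]` block starts before this hunk and continues past its last line.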
@@ -305,7 +309,7 @@ if [ $# -gt 0 ]; then
 if [ -f ${DBDIR}/tests.db ]; then
 ${ECHOCMD} "# Test OS Description"
 ${ECHOCMD} "# ======================================================================================"
- awk -F: '{ if ($1 !~ /^#/) printf("%-12s %-10s %s\n",$1,$4,$5)}' ${DBDIR}/tests.db
+ awk -F: '{ if ($1 !~ /^#/) printf("%-10s %-10s %s (%s)\n",$1,$5,$6,$3)}' ${DBDIR}/tests.db
 else
 ${ECHOCMD} "${RED}ERROR:${NORMAL} Can not find tests database"
 ExitFatal
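Review bot: The field numbers in the changed awk line (`$1,$5,$6,$3`) encode the new tests.db column order, but nothing next to the call records what that order is, so the next column change means guessing again. A comment directly above the awk call would pin it down, for example `# tests.db columns: 1=ID 2=type 3=category 4=group 5=OS 6=description`. The header row printed just above still names only Test, OS and Description, although each row now ends with the category in parentheses; extending the header would keep the listing self-explanatory. `${DBDIR}/tests.db` is also unquoted here and in the `-f` test, and writing it as `"${DBDIR}/tests.db"` keeps an install path containing spaces working. The enclosing block begins before this hunk and is not closed within it.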