tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1384 from xnoguer/issue-1322 

Adding test MALW-3291 in order to solve issue 1322
This commit is contained in:
Michael Boelen 2024-05-14 08:31:29 +02:00 committed by GitHub
parent 52139773f3 fd64aa24d6
commit 6cbea90a7d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
db/tests.db
View File

@ -276,6 +276,7 @@ MALW-3284:test:security:malware::Check for clamd:
MALW-3286:test:security:malware::Check for freshclam: MALW-3286:test:security:malware::Check for freshclam:
MALW-3288:test:security:malware::Check for ClamXav: MALW-3288:test:security:malware::Check for ClamXav:
MALW-3290:test:security:malware::Presence of malware scanner: MALW-3290:test:security:malware::Presence of malware scanner:
MALW-3291:test:security:malware::Check for Microsoft Defender Antivirus:
NAME-4016:test:security:nameservices::Check /etc/resolv.conf default domain: NAME-4016:test:security:nameservices::Check /etc/resolv.conf default domain:
NAME-4018:test:security:nameservices::Check /etc/resolv.conf search domains: NAME-4018:test:security:nameservices::Check /etc/resolv.conf search domains:
NAME-4020:test:security:nameservices::Check non default options: NAME-4020:test:security:nameservices::Check non default options:

1
include/consts
View File

@ -169,6 +169,7 @@ ETC_PATHS="/etc /usr/local/etc"
MACHINEID="" MACHINEID=""
MACHINE_ROLE="" MACHINE_ROLE=""
MALWARE_SCANNER_INSTALLED=0 MALWARE_SCANNER_INSTALLED=0
MDATPBINARY=""
MIN_PASSWORD_LENGTH=-1 MIN_PASSWORD_LENGTH=-1
MONGODB_RUNNING=0 MONGODB_RUNNING=0
MOUNTBINARY="" MOUNTBINARY=""

18
include/tests_malware
View File

@ -369,6 +369,24 @@
fi fi
# #
################################################################################# #################################################################################
#
# Test : MALW-3291
# Description : Check if Microsoft Defender Antivirus is installed
Register --test-no MALW-3291 --weight L --network NO --category security --description "Check for mdatp"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking presence mdatp"
if [ ! "${MDATPBINARY}" = "" ]; then
Display --indent 2 --text "- Checking Microsoft Defender Antivirus" --result "${STATUS_FOUND}" --color GREEN
LogText "Result: Found ${MDATPBINARY}"
MALWARE_SCANNER_INSTALLED=1
AddHP 2 2
Report "malware_scanner[]=mdatp"
else
LogText "Result: mdatp couldn't be found"
fi
fi
#
#################################################################################
# #
# Test : MALW-3286 # Test : MALW-3286
# Description : Check running freshclam if clamd process is running # Description : Check running freshclam if clamd process is running