Move state recording to report section

2019-05-16 15:23:23 +02:00 · 2019-05-16 15:23:23 +02:00 · 8e61275ff4
parent dc2962955e
commit 8e61275ff4
4 changed files with 69 additions and 60 deletions
--- a/include/report
+++ b/include/report
@ -22,8 +22,32 @@
 #
 #################################################################################
 #
+
+    # Add data fields to report file
+    Report "dhcp_client_running=${DHCP_CLIENT_RUNNING}"
+    Report "arpwatch_running=${ARPWATCH_RUNNING}"
+
+    # Report firewall installed for now, if we found one active. Next step would be determining binaries first and apply additional checks.
+    Report "firewall_active=${FIREWALL_ACTIVE}"
+    Report "firewall_empty_ruleset=${FIREWALL_EMPTY_RULESET}"
+    Report "firewall_installed=${FIREWALL_ACTIVE}"
+
+    if [ ! -z "${INSTALLED_PACKAGES}" ]; then Report "installed_packages_array=${INSTALLED_PACKAGES}"; fi
+
+    Report "package_audit_tool=${PACKAGE_AUDIT_TOOL}"
+    Report "package_audit_tool_found=${PACKAGE_AUDIT_TOOL_FOUND}"
+    Report "vulnerable_packages_found=${VULNERABLE_PACKAGES_FOUND}"
+
+
    # Hardening Index
-    # Define approximately how strong a machine has been hardened
+
+    # Goal:
+    # Provide a visual way to show how much the system is hardened
+    #
+    # Important:
+    # The index gives a simplified version of the measures taken on the system.
+    # It should be used to get a first impression about the state of the system or to compare similar systems.
+    # Getting the maximum score (100 or full bar) does not indicate that the system is fully secured.

    # If no hardening has been found, set value to 1
    if [ ${HPPOINTS} -eq 0 ]; then HPPOINTS=1; HPTOTAL=100; fi
--- a/include/tests_firewalls
+++ b/include/tests_firewalls
@ -596,11 +596,6 @@
 #################################################################################
 #

-# Report firewall installed for now, if we found one active. Next step would be determining binaries first and apply additional checks.
-Report "firewall_active=${FIREWALL_ACTIVE}"
-Report "firewall_empty_ruleset=${FIREWALL_EMPTY_RULESET}"
-Report "firewall_installed=${FIREWALL_ACTIVE}"
-
 WaitForKeyPress

 #
--- a/include/tests_networking
+++ b/include/tests_networking
@ -634,9 +634,6 @@
 #################################################################################
 #

-Report "dhcp_client_running=${DHCP_CLIENT_RUNNING}"
-Report "arpwatch_running=${ARPWATCH_RUNNING}"
-
 WaitForKeyPress

 #
--- a/include/tests_ports_packages
+++ b/include/tests_ports_packages
@ -1340,13 +1340,6 @@
 #################################################################################
 #

-
-if [ ! -z "${INSTALLED_PACKAGES}" ]; then Report "installed_packages_array=${INSTALLED_PACKAGES}"; fi
-
-Report "package_audit_tool=${PACKAGE_AUDIT_TOOL}"
-Report "package_audit_tool_found=${PACKAGE_AUDIT_TOOL_FOUND}"
-Report "vulnerable_packages_found=${VULNERABLE_PACKAGES_FOUND}"
-
 WaitForKeyPress

 #