tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Formatting and improved logging

This commit is contained in:
Michael Boelen 2019-07-16 19:06:31 +02:00
parent 2bd1b1b590
commit 9e56706aa6
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
include/tests_networking
View File

@ -374,7 +374,7 @@
FIND=""; FIND2="" FIND=""; FIND2=""
COUNT=0 COUNT=0
case ${OS} in case ${OS} in
DragonFly|FreeBSD) DragonFly | FreeBSD)
if [ -n "${SOCKSTATBINARY}" ]; then if [ -n "${SOCKSTATBINARY}" ]; then
FIND=$(${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*:\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u) FIND=$(${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*:\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u)
# To strip off IP's: ${SEDBINARY} 's/|.*:/|/' # To strip off IP's: ${SEDBINARY} 's/|.*:/|/'
@ -385,8 +385,10 @@
;; ;;
Linux) Linux)
if [ -n "${SSBINARY}" ]; then if [ -n "${SSBINARY}" ]; then
DATA=$(${SSBINARY} --query=udp,tcp -plnt | awk '{ if ($1!="Netid") { print "raw,ss,v1|"$1"|"$5"|"$7"|" }}' | sed 's/pid=[0-9]\{1,\},fd=[0-9]\{1,\}//g' | sed 's/users://' | sed 's/,)//g' | tr -d '()"') LogText "Test: Retrieving ss information to find listening ports"
DATA=$(${SSBINARY} --query=udp,tcp -plnt | ${AWKBINARY} '{ if ($1!="Netid") { print "raw,ss,v1|"$1"|"$5"|"$7"|" }}' | ${SEDBINARY} 's/pid=[0-9]\{1,\},fd=[0-9]\{1,\}//g' | ${SEDBINARY} 's/users://' | ${SEDBINARY} 's/,)//g' | ${TRBINARY} -d '()"')
elif [ -n "${NETSTATBINARY}" ]; then elif [ -n "${NETSTATBINARY}" ]; then
LogText "Test: Retrieving netstat information to find listening ports"
# UDP # UDP
FIND=$(${NETSTATBINARY} -nlp 2> /dev/null | ${GREPBINARY} "^udp" | ${AWKBINARY} '{ print $4"|"$1"|"$6"|" }' | ${SEDBINARY} 's:|[0-9]*/:|:') FIND=$(${NETSTATBINARY} -nlp 2> /dev/null | ${GREPBINARY} "^udp" | ${AWKBINARY} '{ print $4"|"$1"|"$6"|" }' | ${SEDBINARY} 's:|[0-9]*/:|:')
# TCP # TCP
@ -397,7 +399,8 @@
;; ;;
macOS) macOS)
if [ ! "${LSOFBINARY}" = "" ]; then if [ -n "${LSOFBINARY}" ]; then
LogText "Test: Retrieving lsof information to find listening ports"
# UDP and TCP combined # UDP and TCP combined
FIND=$(${LSOFBINARY} -i -P | ${AWKBINARY} '{ print $9"|"$8"|"$1"|" }' | ${SEDBINARY} 's/\(.*\)\-\>.*\(\|.*\)/\1\2/' | ${SEDBINARY} 's/\*/'$IP'/' | ${SORTBINARY} -u | ${GREPBINARY} -v "NAME") FIND=$(${LSOFBINARY} -i -P | ${AWKBINARY} '{ print $9"|"$8"|"$1"|" }' | ${SEDBINARY} 's/\(.*\)\-\>.*\(\|.*\)/\1\2/' | ${SEDBINARY} 's/\*/'$IP'/' | ${SORTBINARY} -u | ${GREPBINARY} -v "NAME")
else else
@ -407,7 +410,8 @@
FIND2="" FIND2=""
;; ;;
NetBSD) NetBSD)
if [ ! "${SOCKSTATBINARY}" = "" ]; then if [ -n "${SOCKSTATBINARY}" ]; then
LogText "Test: Retrieving sockstat information to find listening ports"
FIND=$(${SOCKSTATBINARY} 2> /dev/null | ${AWKBINARY} '{ if ($7 ~ /\*.\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u) FIND=$(${SOCKSTATBINARY} 2> /dev/null | ${AWKBINARY} '{ if ($7 ~ /\*.\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u)
else else
FIND="" FIND=""
@ -415,7 +419,8 @@
FIND2="" FIND2=""
;; ;;
OpenBSD) OpenBSD)
if [ ! "${NETSTATBINARY}" = "" ]; then if [ -n "${NETSTATBINARY}" ]; then
LogText "Test: Retrieving netstat information to find listening ports"
# UDP # UDP
FIND=$(${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^udp" | ${AWKBINARY} '{ print $4"|"$1"||" }') FIND=$(${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^udp" | ${AWKBINARY} '{ print $4"|"$1"||" }')
# TCP # TCP
@ -430,25 +435,23 @@
;; ;;
esac esac
if HasData "${DATA}"; then if [ -n "${DATA}" ]; then
for ITEM in ${DATA}; do for ITEM in "${DATA}"; do
COUNT=$((COUNT + 1)) COUNT=$((COUNT + 1))
Report "network_listen[]=${ITEM}" Report "network_listen[]=${ITEM}"
done done
fi fi
# Retrieve information from sockstat, when available if [ -n "${FIND}" ]; then
LogText "Test: Retrieving sockstat information to find listening ports" for ITEM in "${FIND}"; do
if HasData "${FIND}"; then
for ITEM in ${FIND}; do
COUNT=$((COUNT + 1)) COUNT=$((COUNT + 1))
LogText "Found listening info: ${ITEM}" LogText "Found listening info: ${ITEM}"
Report "network_listen_port[]=${ITEM}" Report "network_listen_port[]=${ITEM}"
done done
fi fi
if [ ! "${FIND2}" = "" ]; then if [ -n "${FIND2}" ]; then
for ITEM in ${FIND2}; do for ITEM in "${FIND2}"; do
COUNT=$((COUNT + 1)) COUNT=$((COUNT + 1))
LogText "Found listening info: ${ITEM}" LogText "Found listening info: ${ITEM}"
Report "network_listen_port[]=${ITEM}" Report "network_listen_port[]=${ITEM}"