diff --git a/db/control-links.db b/db/control-links.db index c2606e93..78752119 100644 --- a/db/control-links.db +++ b/db/control-links.db @@ -1,4 +1,34 @@ # Links for controls pointing to informational pages. Note: only links managed by the project are allowed (cisofy.com / linux-audit.com) # Format: Control;Text;Link; +ACCT-9628;blog;Linux audit framework 101: basic rules for configuration;https://linux-audit.com/linux-audit-framework-101-basic-rules-for-configuration/; +ACCT-9628;blog;Monitoring Linux file access, changes and data modifications;https://linux-audit.com/monitoring-linux-file-access-changes-and-modifications/; +AUTH-9228;blog;File integrity of password files;https://linux-audit.com/file-integrity-of-password-files/; +AUTH-9262;blog;Configure minimum password length for Linux systems;https://linux-audit.com/configure-the-minimum-password-length-on-linux-systems/; +AUTH-9286;blog;Configure minimum password length for Linux systems;https://linux-audit.com/configure-the-minimum-password-length-on-linux-systems/; +BANN-7126;blog;The real purpose of login banners;https://linux-audit.com/the-real-purpose-of-login-banners-on-linux/; +BANN-7130;blog;The real purpose of login banners;https://linux-audit.com/the-real-purpose-of-login-banners-on-linux/; BOOT-5264;blog;Systemd features to secure service files;https://linux-audit.com/systemd/systemd-features-to-secure-units-and-services/; +FINT-4350;blog;Monitoring Linux file access, changes and data modifications;https://linux-audit.com/monitoring-linux-file-access-changes-and-modifications/; +FINT-4350;blog;Monitor for file changes on Linux;https://linux-audit.com/monitor-for-file-system-changes-on-linux/; +HTTP-6704;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +HTTP-6706;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +HTTP-6708;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +HTTP-6710;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +HTTP-6712;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +HTTP-6714;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +HTTP-6716;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +HTTP-6720;blog;Nginx security hardening guide;https://linux-audit.com/web/nginx-security-configuration-hardening-guide/; +INSE-8116;blgo;Find and Disable Insecure Services on Linux;https://linux-audit.com/find-disable-insecure-services-linux/; +MAIL-8816;blog;Postfix Hardening Guide for Security and Privacy;https://linux-audit.com/postfix-hardening-guide-for-security-and-privacy/; +MAIL-8817;blog;Postfix Hardening Guide for Security and Privacy;https://linux-audit.com/postfix-hardening-guide-for-security-and-privacy/; +MAIL-8818;blog;Postfix Hardening Guide for Security and Privacy;https://linux-audit.com/postfix-hardening-guide-for-security-and-privacy/; +MAIL-8820;blog;Postfix Hardening Guide for Security and Privacy;https://linux-audit.com/postfix-hardening-guide-for-security-and-privacy/; +NAME-4402;blog;Keeping your /etc/hosts file healthy;https://linux-audit.com/is-your-etc-hosts-file-healthy/; +NAME-4404;blog;Keeping your /etc/hosts file healthy;https://linux-audit.com/is-your-etc-hosts-file-healthy/; +NETW-2600;blog;Linux Security Guide for Hardening IPv6;https://linux-audit.com/linux-security-guide-for-hardening-ipv6/; +SSH-7402;blog;OpenSSH security and hardening;https://linux-audit.com/audit-and-harden-your-ssh-configuration/; +SSH-7404;blog;OpenSSH security and hardening;https://linux-audit.com/audit-and-harden-your-ssh-configuration/; +SSH-7406;blog;OpenSSH security and hardening;https://linux-audit.com/audit-and-harden-your-ssh-configuration/; +SSH-7408;blog;OpenSSH security and hardening;https://linux-audit.com/audit-and-harden-your-ssh-configuration/; +SSH-7440;blog;OpenSSH security and hardening;https://linux-audit.com/audit-and-harden-your-ssh-configuration/; # EOF diff --git a/include/report b/include/report index 55791039..9aa7f3c9 100644 --- a/include/report +++ b/include/report @@ -177,13 +177,21 @@ if [ ${SHOW_REPORT_SOLUTION} -eq 1 -a ! "${SOLUTION}" = "-" ]; then echo " - Solution : ${SOLUTION}"; fi # Show relevant articles if the database is available if [ -f ${DBDIR}/control-links.db ]; then - echo " - Related resources:" - $AWKBINARY -F \; -v control=${RELATED_CONTROL} '{if($1==control && $2=="blog"){print " * Article - "$3": "$4}}' "${DBDIR}/control-links.db" + echo " - Related resources" + ARTICLES=$($AWKBINARY -F \; -v control=${RELATED_CONTROL} '{if($1==control && $2=="blog"){print $2";"$3";"$4";"}}' "${DBDIR}/control-links.db" | sed 's/ /!space!/g') + if [ -n "${ARTICLES}" ]; then + for ITEM in ${ARTICLES}; do + ITEM=$(echo ${ITEM} | sed 's/!space!/ /g') + ARTICLE=$(echo ${ITEM} | awk -F\; '{print $2}') + ARTICLE_LINK=$(echo ${ITEM} | awk -F\; '{print $3}') + echo " * Article: ${CYAN}${ARTICLE}${NORMAL}: ${ARTICLE_LINK}" + done + fi fi if [ -z "${IS_CUSTOM}" ]; then - echo " * Website - ${GRAY}${CONTROL_URL_PROTOCOL}://${CONTROL_URL_PREPEND}${ADDLINK}${CONTROL_URL_APPEND}${NORMAL}" + echo " * Website: ${GRAY}${CONTROL_URL_PROTOCOL}://${CONTROL_URL_PREPEND}${ADDLINK}${CONTROL_URL_APPEND}${NORMAL}" else - echo " * Details - ${GRAY}${CUSTOM_URL_PROTOCOL}://${CUSTOM_URL_PREPEND}${ADDLINK}${CUSTOM_URL_APPEND}${NORMAL}" + echo " * Details: ${GRAY}${CUSTOM_URL_PROTOCOL}://${CUSTOM_URL_PREPEND}${ADDLINK}${CUSTOM_URL_APPEND}${NORMAL}" fi echo "" done