tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-25 23:05:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

Check for OS name in Postfix banner

Browse Source
This commit is contained in:
Michael Boelen 2017-01-28 15:48:26 +01:00
parent 7475032f2d
commit bbe95bb0ff
1 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
include/tests_mail_messaging
View File

@ -101,23 +101,27 @@
FIND1=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${GREPBINARY} 'postfix') FIND1=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${GREPBINARY} 'postfix')
FIND2=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${GREPBINARY} '$mail_name') FIND2=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${GREPBINARY} '$mail_name')
FIND3=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^mail_name' | ${GREPBINARY} -i 'postfix') FIND3=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^mail_name' | ${GREPBINARY} -i 'postfix')
#TODO Check if OS name shows up in banner FIND4=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${EGREPBINARY} -i "${OS}|${LINUX_VERSION}")
#FIND4=`${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${EGREPBINARY} "${OS}|${LINUX_VERSION}`
SHOWWARNING=0 SHOWWARNING=0
if [ ! "${FIND1}" = "" ]; then
if [ ! -z "${FIND1}" ]; then
SHOWWARNING=1 SHOWWARNING=1
else Report "banner_software_disclosure[]=${FIND1}"
if [ ! "${FIND2}" = "" -a ! "${FIND3}" = "" ]; then elif [ ! -z "${FIND2}" -a ! -z "${FIND3}" ]; then
SHOWWARNING=1 SHOWWARNING=1
else Report "banner_software_disclosure[]=${FIND2}"
Display --indent 4 --text "- Postfix banner" --result "${STATUS_OK}" --color GREEN elif [ ! -z "${FIND4}" ]; then
fi SHOWWARNING=1
Report "banner_os_disclosure[]=${FIND4}"
fi fi
if [ ${SHOWWARNING} -eq 1 ]; then if [ ${SHOWWARNING} -eq 1 ]; then
Display --indent 4 --text "- Postfix banner" --result "${STATUS_WARNING}" --color RED Display --indent 4 --text "- Postfix banner" --result "${STATUS_WARNING}" --color RED
LogText "Result: found mail_name in SMTP banner, and/or mail_name contains 'Postfix'." LogText "Result: found OS, or mail_name in SMTP banner, and/or mail_name contains 'Postfix'."
ReportWarning ${TEST_NO} "Found mail_name in SMTP banner, and/or mail_name contains 'Postfix'" ReportWarning ${TEST_NO} "Found some information disclosure in SMTP banner (OS or software name)"
ReportSuggestion ${TEST_NO} "You are advised to hide the mail_name (option: smtpd_banner) from your postfix configuration. Use postconf -e or change your main.cf file (${POSTFIX_CONFIGFILE})" ReportSuggestion ${TEST_NO} "You are advised to hide the mail_name (option: smtpd_banner) from your postfix configuration. Use postconf -e or change your main.cf file (${POSTFIX_CONFIGFILE})"
else
if IsVerbose; then Display --indent 4 --text "- Postfix banner" --result "${STATUS_OK}" --color GREEN; fi
fi fi
fi fi
# #