tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #142 from kboratynski/features/sshd 

features/sshd
This commit is contained in:
Michael Boelen 2016-03-30 11:55:58 +02:00
parent f8a3c996e0 1f320f68c2
commit beb02e2c3d
2 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
include/functions
View File

@ -49,6 +49,7 @@
# IsWorldExecutable Check if a file is world executable # IsWorldExecutable Check if a file is world executable
# IsWorldReadable Check if a file is world readable # IsWorldReadable Check if a file is world readable
# IsWorldWritable Check if a file is world writable # IsWorldWritable Check if a file is world writable
# IsTcpUdpListening Check if machine is listening on specified protocol and port
# LogText Log text strings to logfile, prefixed with date/time # LogText Log text strings to logfile, prefixed with date/time
# ParseNginx Parse nginx configuration lines # ParseNginx Parse nginx configuration lines
# Progress Show progress on screen # Progress Show progress on screen
@ -118,6 +119,29 @@
} }
################################################################################
# Name : IsTcpUdpListening()
# Description : Check if machine is listening on specified protocol and port
# Returns : LISTENING (0 or 1)
################################################################################
IsTcpUdpListening()
{
LISTENING=0
if [ $# -eq 2 ] && [ $1 = "TCP" -o $1 = "UDP" ]; then
LogText "Test: find service listening on $1:$2"
FIND=`lsof -i${1} -s${1}:LISTEN | grep "${2}" | wc -l`
if [ ! "${FIND}" = "" ]; then
LogText "Result: found service listening on $1:$2"
LISTENING=1
else
LogText "Result: did not find service listening on $1:$2"
fi
else
ReportException ${TEST_NO} "Error in function call to IsTcpUdpListening"
fi
}
################################################################################ ################################################################################
# Name : CheckItem() # Name : CheckItem()
# Description : Check if a specific item exists in the report # Description : Check if a specific item exists in the report

3
include/tests_ssh
View File

@ -39,7 +39,8 @@
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for a SSH daemon" LogText "Test: Searching for a SSH daemon"
IsRunning sshd IsRunning sshd
if [ ${RUNNING} -eq 1 ]; then IsTcpUdpListening "TCP" 22
if [ ${RUNNING} -eq 1 ] || [ ${LISTENING} -eq 1 ]; then
SSH_DAEMON_RUNNING=1 SSH_DAEMON_RUNNING=1
Display --indent 2 --text "- Checking running SSH daemon" --result FOUND --color GREEN Display --indent 2 --text "- Checking running SSH daemon" --result FOUND --color GREEN
else else