tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added ClamXav test

This commit is contained in:
mboelen 2014-09-25 19:08:47 +02:00
parent ab71616900
commit c5ce09af9f
1 changed files with 28 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
include/tests_malware
View File

@ -5,8 +5,8 @@
# Lynis # Lynis
# ------------------ # ------------------
# #
# Copyright 2007-2014, Michael Boelen (michael@rootkit.nl), The Netherlands # Copyright 2007-2014, Michael Boelen (michael.boelen@cisofy.com), The Netherlands
# Web site: http://www.rootkit.nl # Web site: http://cisofy.com
# #
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License. # welcome to redistribute it under the terms of the GNU General Public License.
@ -38,7 +38,6 @@
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
AddHP 2 2 AddHP 2 2
else else
Display --indent 2 --text "- Checking chkrootkit" --result "NOT FOUND" --color WHITE
logtext "Result: chkrootkit not found" logtext "Result: chkrootkit not found"
fi fi
fi fi
@ -56,7 +55,6 @@
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
AddHP 2 2 AddHP 2 2
else else
Display --indent 2 --text "- Checking Rootkit Hunter" --result "NOT FOUND" --color WHITE
logtext "Result: Rootkit Hunter not found" logtext "Result: Rootkit Hunter not found"
fi fi
fi fi
@ -87,7 +85,6 @@
AddHP 2 2 AddHP 2 2
fi fi
if [ ${FOUND} -eq 0 ]; then if [ ${FOUND} -eq 0 ]; then
Display --indent 2 --text "- Checking commercial anti-virus scanners" --result "NONE FOUND" --color WHITE
logtext "Result: no commercial anti-virus tool found" logtext "Result: no commercial anti-virus tool found"
AddHP 0 3 AddHP 0 3
fi fi
@ -106,7 +103,6 @@
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
AddHP 2 2 AddHP 2 2
else else
Display --indent 2 --text "- Checking ClamAV scanner" --result "NOT FOUND" --color WHITE
logtext "Result: clamscan couldn't be found" logtext "Result: clamscan couldn't be found"
fi fi
fi fi
@ -126,7 +122,6 @@
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
CLAMD_RUNNING=1 CLAMD_RUNNING=1
else else
Display --indent 2 --text "- Checking ClamAV daemon" --result "NOT FOUND" --color WHITE
logtext "Result: clamd not running" logtext "Result: clamd not running"
fi fi
fi fi
@ -153,7 +148,32 @@
# #
################################################################################# #################################################################################
# #
# Test : MALW-3288 # Test : MALW-3288
# Description : Check for ClamXav (Mac OS X)
#
#################################################################################
#
Register --test-no MALW-3288 --weight L --network NO --description "Check for ClamXav"
if [ ${SKIPTEST} -eq 0 ]; then
if [ -d /Applications/ClamXav.app/Contents/Resources/ScanningEngine/bin/ ]; then
CLAMSCANBINARY=`ls /Applications/ClamXav.app/Contents/Resources/ScanningEngine/bin/ 2> /dev/null | grep 'clamscan'`
if [ ! "${CLAMSCANBINARY}" = "" ]; then
logtext "Result: Found ClamXav clamscan installed"
Display --indent 2 --text "- Checking presence of ClamXav AV scanner" --result "FOUND" --color GREEN
MALWARE_SCANNER_INSTALLED=1
AddHP 3 3
else
logtext "Result: ClamXav malware scanner not found"
AddHP 0 3
fi
else
logtext "Result: could not find ClamXav location"
fi
fi
#
#################################################################################
#
# Test : MALW-3204
# Description : Check for LMD # Description : Check for LMD
# #
################################################################################# #################################################################################