tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-28 16:24:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

[NETW-3014] Test whitelisted interface in enabled profiles

Browse Source
This commit is contained in:
mboelen 2016-04-13 17:08:58 +02:00
parent 9a0102384f
commit f4a1ee8ac2
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
include/tests_networking
View File

@ -475,8 +475,17 @@
if [ ! "${FIND}" = "" ]; then if [ ! "${FIND}" = "" ]; then
LogText "Result: Promiscuous interfaces: ${FIND}" LogText "Result: Promiscuous interfaces: ${FIND}"
for I in ${FIND}; do for I in ${FIND}; do
ISWHITELISTED=`grep "^if_promisc:${I}:" ${PROFILE}` WHITELISTED=0
if [ "${ISWHITELISTED}" = "" ]; then for PROFILE in ${PROFILES}; do
Debug "Checking if interface ${I} is whitelisted in profile ${PROFILE}"
ISWHITELISTED=`grep "^if_promisc:${I}:" ${PROFILE}`
if [ ! "${ISWHITELISTED}" = "" ]; then
WHITELISTED=1
LogText "Result: this interface was whitelisted in profile (${PROFILE})"
fi
done
# Check if this interface was whitelisted
if [ ${WHITELISTED} -eq 0 ]; then
FOUNDPROMISC=1 FOUNDPROMISC=1
ReportWarning ${TEST_NO} "H" "Found promiscuous interface (${I})" ReportWarning ${TEST_NO} "H" "Found promiscuous interface (${I})"
LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic" LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic"