Commit Graph

155 Commits

Author SHA1 Message Date
Michael Boelen fdacc00b45
Security: test PATH and warn or exit on discovery of dangerous location 2019-06-30 19:21:07 +02:00
Michael Boelen 5e4e44bdf3
Added check to ensure that common system tools are defined as extra safety measure 2019-06-30 18:27:31 +02:00
Michael Boelen 94e0a4e40d
Added Suricata (IDS) 2019-06-24 15:38:34 +02:00
Michael Boelen 8d16a62bbd
Added Bro (IDS) 2019-06-24 15:37:40 +02:00
Michael Boelen e195e7c8e0
Corrected lsvg binary detection 2019-04-09 08:26:16 +02:00
Michael Boelen 2750e9b7b8
Detect equery binary 2019-04-07 15:50:46 +02:00
Michael Boelen de2ef2c3e7
Add apt and dpkg binaries 2019-03-29 12:23:45 +01:00
Michael Boelen 703a856e82
Corrected blkid detection 2019-03-14 13:15:07 +01:00
chr0mag 341612418f BOOT-5117 adds systemd-boot bootloader detection (#634)
Adds a test to detect systemd-boot. The 'bootctl' binary is also
added as this is the utility used to inspect the systemd-boot
configuration.

This test is only executed if systemd is installed, the bootctl
utility exists and the system is booted in UEFI mode.
2019-03-07 10:07:52 +01:00
jirib 0dafe4a02b better OpenBSD support (#641) 2019-03-05 19:03:44 +01:00
Michael Boelen 66066ae226
Changed year and preparing for new release 2019-01-31 14:47:35 +01:00
theycallhimpat 0f32d2725c Fix printed error when wget comes from busybox (#602)
Busybox's wget doesn't provide the -V parameter to get the version, so
redirect stderr to /dev/null to hide the printed error message
2018-12-17 09:53:27 +01:00
Deon Spengler 72796f5757 Added support for TOMOYO Linux Mandatory Access Control (#589)
* Added binary for TOMOYO Linux

* Added support for TOMOYO Linux Mandatory Access Control
2018-10-17 14:20:52 +02:00
Michael Boelen c53072e31e
Ensure a parent directory with binaries is scanned - issue #517 on GitHub 2018-02-06 10:45:41 +01:00
Michael Boelen 7b664a7560
Reverse PATH search 2018-01-25 19:43:51 +01:00
Michael Boelen 3a4bc4db9c
Use binary paths from both PATH and predefined list to improve detection on all platforms 2018-01-25 19:14:58 +01:00
Dave Vehrs 8f689d4723 Adding USBGuard to checks for USB Devices. (#499)
* Added kernel.dmesg_restrict to sysctl checks.

* Initial addition of tests_usb_devices

* More updates for tests_usb_devices

* More updates

* Updated logging and other output.
2018-01-24 19:29:50 +01:00
Michael Boelen 3957ca32cd
Minor code enhancements 2018-01-18 16:23:23 +01:00
Michael Boelen 173068b402
Added getcap and grpck back 2018-01-18 11:10:11 +01:00
Michael Boelen 4f751c9037
Remove service manager reference from systemctl, minor cleanup 2018-01-18 10:23:39 +01:00
Michael Boelen 182ce09bc1
Additional code enhancements 2018-01-18 09:19:06 +01:00
mslifcak 173843bdfd Pin svc mgr (#506)
* systemctl does not mean systemd is used

* Check for systemd active

* determine service manager if not already set
2018-01-17 15:56:19 +01:00
Michael Boelen 9ba5d200ad
Enhancements to reduce file access and removing unneeded variables 2018-01-17 14:46:29 +01:00
mslifcak 2c774b8795 sort BIN_PATHS before process (#510) 2018-01-17 13:49:07 +01:00
Michael Boelen b4758e0b23
Use PATH variable as first method to scan directories 2018-01-11 12:05:21 +01:00
Michael Boelen 66f8cb2441
Changed year 2018-01-11 09:50:26 +01:00
Michael Boelen 4042c45954
Changes for new plugin class 'hardware' 2017-12-08 09:37:55 +01:00
Michael Boelen 499f7d5015
Improve process detection 2017-09-16 14:08:26 +02:00
Brian Ginsbach 30c58dd1ed Don't assume sshd version is in first line (#452)
There are some versions of OpenSSH where the version information
isn't in the first line (like NetBSD's with the HPN patches).
2017-09-04 15:33:28 +02:00
Michael Boelen 00648a636c
Improve systemd detection 2017-08-17 20:28:32 +02:00
Michael Boelen 4ecb9d4d05
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00
hlein b595cc0fb5 Various cleanups (#363)
* Typo fix.

* Style change: always use $(), never ``.

The Lynis code already mostly used $(), but backticks were sprinkled
around.  Converted all of them.

* Lots of minor spelling/typo fixes.

FWIW these were found with:

  find . -type f -print0 | xargs -0 cat | aspell list | sort -u | egrep '^[a-z]+$' | less

And then reviewing the list to pick out things that looked like
misspelled words as opposed to variables, etc., and then manual
inspection of context to determine the intention.
2017-03-06 07:41:21 +00:00
Michael Boelen 38af9121ea Properly detect SSH version 2017-02-14 20:10:42 +01:00
Michael Boelen ea16e798ee Grammar fix 2017-02-14 20:05:45 +01:00
Michael Boelen 9c71f6061d Check for pgrep binary 2017-02-10 12:58:59 +01:00
Michael Boelen 34ba1ba184 Changed date and preparing for release 2017-02-09 13:35:40 +01:00
Michael Boelen 57dd96f6c6 Added support for iptables-save 2017-01-28 15:46:56 +01:00
pyllyukko d25dcd09ef Set MAC_FRAMEWORK_ACTIVE=1 if grsecurity's RBAC is enabled (#348)
* Look for gradm utility

* Set MAC_FRAMEWORK_ACTIVE=1 if grsec's RBAC is enabled
2017-01-16 11:02:03 +00:00
Justin P 50b06efd30 macOS Refactoring (#311)
* Default all macOS `OS` names as macOS. Added comments to specify `uname` outputs for better understanding.

* Refactored all `Mac` instances referring to macOS over to `macOS` formatting.

Tested on my own machine, unable to find any errors outside of normal parameters.
2016-11-05 11:53:22 +01:00
Michael Boelen 1cb1fc40ca Added more definitions for tools 2016-10-28 11:48:20 +02:00
Michael Boelen 22d27434c9 Enhance pkg support on FreeBSD 2016-10-15 16:38:33 +02:00
Michael Boelen 622d15321b Added clamconf binary 2016-10-06 11:15:28 +02:00
Michael Boelen 0cc27b956e New test INSE-8050 2016-10-05 09:50:06 +02:00
Michael Boelen db419495bf Added support for arch-audit tooling 2016-09-24 14:49:14 +02:00
Michael Boelen 2534fb99a9 Added file, head, mount, uname, uniq, wc, and xargs 2016-09-10 16:12:15 +02:00
Michael Boelen 2b005afd04 Add cut and sed to binary list 2016-09-08 21:04:35 +02:00
BlueC0re a596bdc349 added TRBINARY + fix nftables check (#276)
fixes #273
2016-09-06 20:58:30 +02:00
Michael Boelen facb68bc32 Added base64 binary 2016-08-29 10:06:41 +02:00
Michael Boelen a6b04a3ace Added sort to list of binaries 2016-08-25 15:30:25 +02:00
Michael Boelen 220476d955 Test for blkid binary 2016-07-30 14:09:44 +02:00
Yann ILAS bc313949c8 Addition of MODPROBE variable (#202)
Test for presence of modprobe utility
2016-05-19 17:23:54 +02:00
Michael Boelen 9f14495d70 Added sha256 and sha256sum utilities 2016-05-05 17:49:04 +02:00
Michael Boelen eded02cfde Rewritten counters and dealing with values 2016-05-03 14:57:53 +02:00
mboelen 9e312f5a5f Replaced functions and minor cleanups 2016-04-28 09:15:54 +02:00
mboelen 098a2e3760 Added istat binary 2016-04-26 21:20:17 +02:00
mboelen a2514f20e1 Improve logging to state what directory will be scanned 2016-04-19 17:25:25 +02:00
mboelen a3ae0a450a No breaks between directories 2016-04-19 17:24:08 +02:00
mboelen 2d7ef97605 Consider binaries check as a core test 2016-04-19 17:23:12 +02:00
Eric Light 3b3a852122 Added tooling tests for Fail2Ban (#162)
* Added binary for Fail2Ban

* Added test for Fail2Ban (presence and configuration)

* Added test to check for enabled Fail2Ban jails

* Added test to confirm at least one enabled jail. Fixed regex.

* Added check to confirm iptables has a fail2ban chain
2016-04-13 08:12:26 +02:00
mboelen 8cc47819b4 Removed copyright line, added description 2016-03-13 16:03:46 +01:00
mboelen 6197ac08e7 Added link to website, blog, github 2016-03-13 16:00:39 +01:00
mboelen 1e12852b12 Initial support for DNF package manager 2016-01-25 13:18:59 +01:00
mboelen 95832c61d1 Update to reflect renamed functions logtext and report 2015-12-22 16:02:32 +01:00
mboelen ddfd21b696 Added test for gzip to allow compression of report file 2015-12-21 19:13:50 +01:00
mboelen 526c519300 Retrieve cURL version number 2015-12-21 11:25:38 +01:00
Jason Novinger e5cc018ad1 Add python2/3 detection and report version
Add support for checking generic Python, Python 2.x, and Python 3.x with
version reporting.
2015-11-07 18:16:23 -06:00
mboelen 1b9b084c03 Changed lmd to maldet, as LMD detection 2015-09-24 17:45:11 +02:00
mboelen 4f5eedabfc Added the detection of LMD, or Linux Malware Detect tooling 2015-09-24 16:45:03 +02:00
Roland Smith f11783dbdf Merge branch 'master' into freebsd-services 2015-09-16 20:29:51 +02:00
mboelen 28d9a49a5f Renamed BINPATHS to BIN_PATHS 2015-09-10 19:45:12 +02:00
mboelen f4c2bd52fb Ensure that docker is a file, not directory in /usr/libexec 2015-09-03 15:43:33 +02:00
mboelen e06d706c83 Optimizing code, cleaning up 2015-07-22 12:20:03 +02:00
mboelen 30b9b1edd9 Added support for Docker binary 2015-05-27 11:25:07 +02:00
mboelen 6a0417da8b Added Python and updated PHP description 2015-04-29 14:20:46 +02:00
mboelen aa8410477e Performance tuning by removing full listing of binaries from log 2015-04-29 11:57:30 +02:00
Roland Smith 4d94227a08 Find FreeBSD service binary. 2015-04-27 19:33:11 +02:00
mboelen e1a3d59f8d Added csum binary detection for AIX systems 2015-03-18 15:35:11 +01:00
mboelen b41d12d077 Decrease screen output when scanning for binaries 2015-01-30 19:57:18 +01:00
mboelen 5caf4ddc4f Update of the files to reflect HTTPS version of website and 2015. Happy New Year! 2015-01-03 12:45:22 +01:00
mboelen 841c99cc30 Added comm (file comparing) 2014-12-05 12:28:13 +01:00
mboelen f16c4f1d80 Added journalctl (systemd) 2014-12-05 12:06:05 +01:00
mboelen a5a702a1da Added pkg_admin binary 2014-12-03 14:50:55 +01:00
mboelen f60b00e6f0 Added dpkg binary 2014-12-02 21:38:51 +01:00
mboelen 9beee9a514 Added smtpctl for OpenSMTPD 2014-11-29 16:21:49 +01:00
mboelen 36c9f435f7 Added initctl, launchctl, nft binaries and textual improvements 2014-11-28 23:51:16 +01:00
mboelen 16eab10590 Check for rootsh binary 2014-11-04 14:17:18 +01:00
mboelen e176c0028a Added getcap binary check 2014-10-27 23:11:37 +01:00
mboelen ca6c6d14fb Small changes in naming, added binary paths to report file 2014-10-27 23:10:28 +01:00
mboelen 16b25ceda3 Added lsvg detection 2014-10-26 23:32:51 +01:00
mboelen 34b177547f Added better text for discovered directories which have symlink 2014-10-13 20:35:14 +02:00
mboelen 5ac6812ba5 Skip directory if it has already been found, or its symlink 2014-10-13 20:07:19 +02:00
mboelen 3b7e1a63ae Mark when binary scan is complete 2014-10-13 19:55:49 +02:00
mboelen 6f893ea3b4 Improved symlink detection and reporting 2014-10-13 19:45:14 +02:00
mboelen ebdee5b0d2 Altered symlink function, message display, small cleanups 2014-10-13 19:36:36 +02:00
mboelen f0292d3653 Missing binary in variable 2014-09-25 17:47:05 +02:00
mboelen 6f321b6a08 Added grub2-install 2014-09-25 17:42:57 +02:00
mboelen e209b1046b Changed addresses 2014-09-25 17:32:50 +02:00
mboelen 1b881ec957 Added ss binary 2014-09-19 16:20:24 +02:00
mboelen 1267f89e5b Added zgrep detection 2014-09-19 02:14:16 +02:00
mboelen 28fc31fdaf Remove carriage return of SSH version output 2014-09-18 23:42:35 +02:00