Commit Graph

2443 Commits

Author SHA1 Message Date
ferorge 623eaa76fe
Fix issue #1497
Added kernel name for Hardkernel odroid XU4.
2024-07-23 19:22:07 -03:00
ferorge bc88602e41
Fix issue #1496
Added package and service name used in ubuntu 24.04.
2024-07-23 19:19:55 -03:00
Stefan Baumgartner 9eafa7913c
Update tests_filesystems
More elegant regex to accommodate for tabs and spaces.
2024-05-24 08:18:16 +02:00
Stefan Baumgartner a6da9336af
Update tests_networking
More elegant regex to accommodate for tabs and spaces.
2024-05-24 08:15:50 +02:00
Stefan Baumgartner 04794c3bcb
Merge branch 'CISOfy:master' into master 2024-05-24 08:12:22 +02:00
Roeland Jansen 2d03e1821d tumbleweed: added /usr/etc/ssh to SSH_DAEMON_CONFIG_LOCS var 2024-05-20 12:36:00 +02:00
Stefan Baumgartner 0515094a33
Fix REGEX in FILE-6430 2024-05-19 12:34:57 +02:00
Stefan Baumgartner ab17f170a5
Fix regex for NETW-3200 2024-05-19 12:23:56 +02:00
Michael Boelen c745a6c0a6
Merge branch 'archarm' 2024-05-17 12:36:31 +00:00
Michael Boelen f8e2da3087
PKGS-7392: filter only lines starting with a number when checking apt-check 2024-05-16 11:13:25 +00:00
Michael Boelen 672d1fce23
Merge pull request #1364 from pyllyukko/ulimit-fix
KRNL-5820: Accept ulimit with -H parameter also
2024-05-16 08:49:17 +02:00
Michael Boelen e75a7b9547
Merge branch 'master' into master 2024-05-16 08:48:23 +02:00
Michael Boelen 1278cd3f2b
Merge pull request #1499 from pyllyukko/krb-fix
KRB-1010: Silence output when SKIPTEST != 0
2024-05-16 08:38:34 +02:00
Michael Boelen c1d6328d46
Merge pull request #1498 from pyllyukko/typo-fix
Fixed a typo
2024-05-16 08:38:00 +02:00
pyllyukko c3996cd1bb
Rephrasing 2024-05-16 07:16:20 +03:00
pyllyukko d60c197e14
KRB-1010: Silence output when SKIPTEST != 0
Fixes https://github.com/CISOfy/lynis/pull/1456#issuecomment-2113390171
2024-05-15 23:31:17 +03:00
Michael Boelen 7ad42d689f
Fix for line that gave error 2024-05-15 20:29:28 +00:00
pyllyukko 5182ce31fb Changed the Kerberos plugin into a category
According to @mboelen's recommendations:
https://github.com/CISOfy/lynis/pull/1456#issuecomment-2110761098
2024-05-15 21:52:30 +03:00
pyllyukko 4d5b41cb4e plugin_krb5_phase1: Added few more tests
* Check that admin principals have disallow_tgt_based attribute
* Check that regular user principals have requires_pre_auth and
  disallow_svr attributes
* Check for weak crypto
    * Use kdb5_util for this
2024-05-15 21:52:30 +03:00
pyllyukko ac526be452 Added initial version of a Kerberos plugin 2024-05-15 21:52:30 +03:00
Michael Boelen 24679bee9a
Do not unset SKIPREASON, as it is cleared at the beginning of the function 2024-05-15 12:23:23 +00:00
Michael Boelen 1a26005b50
Update consts
Setting variables
2024-05-15 14:12:54 +02:00
Michael Boelen 2231470615
Merge pull request #1406 from xnoguer/issue-1275
Checking debsums default file to make sure cron jobs are enabled. Issue 1275
2024-05-15 13:40:45 +02:00
Michael Boelen b4e57bcbd8
Merge pull request #1489 from katalyst666/master
changed wording of the output AllowUsers to AllowGroups in test SSH-7440
2024-05-14 23:53:28 +02:00
Michael Boelen c8c7eeb2ec
Merge pull request #1458 from grandcentrix/mac-check-filevault-status
Added CRYP-7932 to determine if the system has enabled macOS FileVault.
2024-05-14 19:27:06 +02:00
Florian Sonnenschein 79632bfbe5 - Deleted "filevault_status" variable
- Now checks if "fdesetup" exists
- Add some hardening points (AddHP): 3 of 3 when enabled, 0 of 3, when not.
2024-05-14 16:02:51 +02:00
Michael Boelen c13da07039
Merge pull request #1460 from grandcentrix/macos-get-applications-and-services
Added PKGS-7305 - macOS Applications and CoreService (Name & Version)
2024-05-14 14:51:00 +02:00
Michael Boelen 65ac3e65b4
Merge pull request #1388 from xnoguer/issue-1367
Fixing test on kernel major and minor version (FILE-6344). Issue 1367
2024-05-14 14:39:00 +02:00
Michael Boelen 1773db0bef
Merge pull request #1296 from konstruktoid/issue1286
use systemctl get-default instead of following link
2024-05-14 14:30:11 +02:00
Michael Boelen 68c99760a1
Merge pull request #1392 from ianchesal/ianchesal.recognize-cos
Add .editorconfig and detection for Google's Container-Optimized OS
2024-05-14 14:27:20 +02:00
Michael Boelen ba4cd63bda
Added KDE Neon 2024-05-14 12:23:36 +00:00
Michael Boelen e41e08ad1b
Merge pull request #1284 from mab974/koozali
osdetection: add Koozali #1274
2024-05-14 14:13:17 +02:00
Michael Boelen 481880e0f6
Merge pull request #1317 from zbalkan/wazuh-malware-scan
Added Wazuh as a malware scanner/antivirus and rootkit detection tool
2024-05-14 13:30:58 +02:00
Michael Boelen 2db0bb7334
Merge pull request #1302 from konstruktoid/issue1285
add check for ESET oaeventd
2024-05-14 13:18:07 +02:00
Michael Boelen a0f9a61b73
Merge pull request #1279 from Hyask/skia/pmos
osdetection: add PostmarketOS
2024-05-14 11:58:42 +02:00
Michael Boelen fd62c192fe
Merge pull request #1156 from sanderu/FILE-6398
Added FILE-6398 test
2024-05-14 11:57:43 +02:00
Michael Boelen a29a5786be
Merge pull request #1343 from alangonzalez/master
Replace newer tr command syntax with older ascii specific operations
2024-05-14 11:54:27 +02:00
Michael Boelen 9fd1a811d1
Merge pull request #1474 from tsvenbla/master
Added regex for NETW-3200 in tests_networking
2024-05-14 11:44:41 +02:00
Michael Boelen 2cb1f4351f
Merge pull request #1373 from jsegitz/tests_mac_frameworks2
tests_mac_frameworks: check for existance of semanage binary
2024-05-14 11:41:04 +02:00
Michael Boelen eeec52b160
Update tests_mac_frameworks
Changed check from is executable to is not empty
2024-05-14 11:40:50 +02:00
Michael Boelen 83695ad3e2
Merge pull request #1395 from xnoguer/issue-1280
Adding missing test number for suggestion. Issue 1280
2024-05-14 11:35:29 +02:00
Michael Boelen 182ba62369
Merge pull request #1389 from xnoguer/issue-1354
Change in suggestion message. Issue 1354
2024-05-14 11:34:12 +02:00
Michael Boelen b8064bc5de
Don't reset status of malware scanner, as there might be two available. Small change to format 2024-05-14 06:50:26 +00:00
Michael Boelen f22bfb5c6a
Merge pull request #1481 from vk6xebec/vk6xebec-macafee-1
McAfee antivirus has been deprecated
2024-05-14 08:35:15 +02:00
Michael Boelen 529102c5e7
Merge pull request #1459 from grandcentrix/macos-brew-get-versions
PKGS-7303: Added version numbers to brew packages.
2024-05-14 08:33:51 +02:00
Michael Boelen ba18b533d9
Merge pull request #1473 from NL-TCH/patch-1
Add nobara osdetection
2024-05-14 08:32:51 +02:00
Michael Boelen 6cbea90a7d
Merge pull request #1384 from xnoguer/issue-1322
Adding test MALW-3291 in order to solve issue 1322
2024-05-14 08:31:29 +02:00
Michael Boelen 52139773f3
Merge pull request #1318 from zbalkan/wazuh-logging
Added wazuh-agent as a remote syslog capability
2024-05-14 08:29:19 +02:00
Michael Boelen d9ac616d11
Merge pull request #1450 from hmrodrigues/fix/apk-PackageIsInstalled
Fixed Alpine Linux installed package detection
2024-05-14 08:23:54 +02:00
Michael Boelen f1da7bf069
Merge pull request #1365 from pyllyukko/legal-keywords-report
Added "prosecute" & "report" to LEGAL_BANNER_STRINGS
2024-05-14 08:22:41 +02:00
Michael Boelen 04e46071c7
Merge pull request #1387 from xnoguer/pr_docker_error
Checking for errors, not only warning in docker info output
2024-05-14 08:21:53 +02:00
Michael Boelen 308106993d
Merge pull request #1345 from pyllyukko/pkgtools
Added Slackware support for PackageIsInstalled() function
2024-05-14 08:20:30 +02:00
Michael Boelen 9e589806dc
Merge pull request #1154 from sanderu/HTTP-6660
Adding HTTP-6660 test
2024-05-14 08:18:53 +02:00
Michael Boelen 400d5dd0e2
Merge pull request #1470 from eltociear/patch-1
Update osdetection
2024-05-14 08:17:05 +02:00
Michael Boelen bf54ba6194
Merge pull request #1438 from xnoguer/pr_grep_3.8
PR grep 3.8
2024-05-14 08:15:25 +02:00
Michael Boelen e8facbdf35
Merge pull request #1475 from Constacalm/patch-altlinux-name-checking
Update osdetection (ALT Linux)
2024-05-14 08:13:13 +02:00
Andre @ ARK-ICT 740baf29af postgresDB fixes for almalinux, rockylinux and freebsd. Tested on almalinux8/9, rockylinux9 and freebsd13 2024-05-09 20:45:45 +02:00
gonzalo aec1f59432
Update binaries
Fix a showing error for grep --help on OpenBSD.

Discovered by me, fixed by  @mboelen
2024-05-04 07:52:47 +02:00
katleese 8d7c30fd9a changed AllowUsers to AllowGroups in test SSH-7440 2024-04-29 10:21:59 +02:00
vk6xebec 22ce0b40c3
Update tests_php to include PHP8.3 and 8.4
PHP 8.3 is the latest version. 8.4 is the upcoming version
2024-04-07 11:16:46 +08:00
vk6xebec 75818a636c
McAfee antivirus has been deprecated
As of 1 Oct 2023, McAfee antivirus for Linux has been deprecated https://www.mcafee.com/support/?locale=no-NO&articleId=TS103384&page=shell&shell=article-view
2024-04-07 11:02:14 +08:00
Constacalm 48cb2c7cb8
Update osdetection (ALT Linux)
Consider to update osdetection script to detect ALT Linux distro in issue #1465 (https://github.com/CISOfy/lynis/issues/1465)
2024-04-01 14:48:23 +03:00
Tobias Svenblad afd0eaddf0
Added regex for NETW-3200 in tests_networking
Changed the check /bin/true to /bin/(true|false) to be more inclusive and get rid of false positives.
2024-03-28 22:01:14 +02:00
TCH 58d084ef71
Update osdetection 2024-03-26 20:50:50 +01:00
Ikko Eltociear Ashimine f36e39063a
Update osdetection
minor fix
2024-03-22 14:42:14 +09:00
Michael Boelen 7627d86b88
Merge pull request #1441 from D3vil0p3r/patch-1
added Athena OS detection
2024-03-19 11:52:00 +01:00
Erasure5959 6f81b6502b
Update osdetection - add support for OSMC
Add detection support for OSMC.
2024-03-18 15:21:27 +02:00
Michael Boelen a2649bd500
Added ArcoLinux 2024-03-17 10:28:13 +00:00
Michael Boelen 264012a4ff
Merge pull request #1328 from konstruktoid/issue1327
find redis.conf if /snap directory exists
2024-03-12 13:38:40 +01:00
Michael Boelen 1d3de50579
Update tests_databases 2024-03-12 13:38:04 +01:00
Michael Boelen c869eb92bc
Merge pull request #1337 from Ximalas/redis-configuration-file-FreeBSD
Update tests_database: Redis configuration file
2024-03-12 08:38:09 +01:00
Florian Sonnenschein e23898b52b Added PKGS-7305
Query macOS Apps in /Applications and Apple CoreServices and add them to the Report
2024-03-11 14:38:41 +01:00
Florian Sonnenschein 0b7e8c3bfe Added CRYP-7932 to determine if the system has enabled macOS FileVault. 2024-03-11 14:37:07 +01:00
Florian Sonnenschein 126b8053aa PKGS-7303: Added version numbers to brew packages.
This allows lynis enterprise to render the software  packages in the webinterface.
2024-03-11 14:35:24 +01:00
Thomas Sjögren df2e839c2c
Merge branch 'master' into issue1286 2023-12-21 23:29:54 +01:00
Hugo Rodrigues 90ece54445
Fixed Alpine Linux installed package detection 2023-12-13 12:40:05 +00:00
D3vil0p3r 83e9ee4e0c
added Athena OS detection 2023-10-01 13:15:37 +02:00
Xavier Noguer a5dbda51b9 Reverting change from another PR 2023-09-19 16:47:23 +00:00
Xavier Noguer 04a73a9c19 Reverting change from another PR 2023-09-19 16:46:20 +00:00
Xavier Noguer bc36b3ec63 Avoiding warning because of hyphen. Due to changes in grep 3.8 2023-09-19 16:12:52 +00:00
xnoguer 1e53af9a83
Merge branch 'CISOfy:master' into master 2023-09-19 08:02:22 -03:00
Stefan Baumgartner bf197ffd7f
Update tests_malware
Fix incorrect "IsRunning" invocations for SentinelOne detection.
2023-09-17 10:24:52 +02:00
Michael Boelen 74fa9ab164
Merge branch 'master' into issue-1397 2023-09-13 16:15:05 +02:00
Michael Boelen 23bed418e5
Merge pull request #1396 from xnoguer/issue-1300
Replacing deprecated option -i. Issue 1300
2023-09-13 16:10:04 +02:00
Michael Boelen 9a19aa6a5b
Merge pull request #1404 from avenjamin/sentinelone-malware
Add malware detection support for SentinelOne
2023-09-13 16:08:36 +02:00
Michael Boelen 1bfcc9b146
Update tests_malware
Corrected variable
2023-09-13 16:07:41 +02:00
Michael Boelen 7b98ad465e
Merge pull request #1405 from xnoguer/issue-1277
Updating parsing of arch-audit since arch-audit modified its output. Issue 1277
2023-09-13 16:04:58 +02:00
Michael Boelen 4b912ab357
Merge pull request #1399 from xnoguer/issue-1319
Added tests considering Wazuh for file integrity and tooling
2023-09-13 16:04:04 +02:00
Michael Boelen 20a6c2b774
Merge pull request #1403 from xnoguer/fix_test_names
Fixing missing or erroneous test number comments
2023-09-13 16:00:02 +02:00
Michael Boelen 2c313249de
Merge pull request #1372 from al-lac/os-detection-mac-os-ventura
osdetection: add macOS Ventura and Sonoma
2023-09-13 13:34:41 +02:00
Michael Boelen fd067df465
Merge pull request #1390 from akuster/master
osdetection: add OpenEmbedded and Poky
2023-09-13 13:08:33 +02:00
Michael Boelen 986237f557
Merge pull request #1408 from digitalcheetah/guix
Adding Guix to detected OSes
2023-09-13 13:07:08 +02:00
Michael Boelen 111494f972
Merge pull request #1409 from digitalcheetah/lsdk
Update osdetection with LSDK
2023-09-13 13:05:43 +02:00
Michael Boelen 0d77a367c5
[MALW-3280] Correction to detect com.avast.daemon 2023-08-08 11:15:34 +00:00
Michael Boelen 9d9cedee4e
Only quote binary, not the option -E 2023-08-08 09:11:02 +00:00
Michael Boelen d0c855d19b
Merge branch 'master' into issue-1338 2023-08-07 10:06:12 +02:00
al-lac 461edd3e1f Add OS support for macOS Sonoma (14.x) 2023-08-07 09:55:28 +02:00
rpmbuild 6e3cea8c87 use grep -E instead of egrep if possible 2023-07-30 09:37:10 +02:00
Jay Keller 5214132e97
Update osdetection with LSDK
This should close issue #1393.
2023-06-10 11:20:10 +00:00
Jay Keller be5a63a45b
Update osdetection with Guix
Closes issue #1379
2023-06-10 11:03:48 +00:00