tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,711 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

1181 Commits

Author SHA1 Message Date
Michael Boelen 2cc3f889c8 [DBS-1818] MongoDB status 2017-02-10 13:07:30 +01:00
Michael Boelen 9c71f6061d Check for pgrep binary 2017-02-10 12:58:59 +01:00
Michael Boelen d27c1eda84 [DBS-1820] Test for MongoDB authentication 2017-02-10 12:58:47 +01:00
Michael Boelen bfbe35055a [FIRE-4586] escape search string 2017-02-10 11:14:01 +01:00
Michael Boelen 34ba1ba184 Changed date and preparing for release 2017-02-09 13:35:40 +01:00
Michael Boelen a7409568c9 Updated commands 2017-02-05 21:08:08 +01:00
Michael Boelen bbe95bb0ff Check for OS name in Postfix banner 2017-01-28 15:48:26 +01:00
Michael Boelen 551f89c63b Log weak banner and code enhancements 2017-01-28 15:47:47 +01:00
Michael Boelen 57dd96f6c6 Added support for iptables-save 2017-01-28 15:46:56 +01:00
Michael Boelen 103ed2afb3 Added FIRE-4586 2017-01-28 15:46:42 +01:00
Michael Boelen ed45fe7b29 Use the data from machine ID when no SSH keys are available 2017-01-28 12:11:38 +01:00
Michael Boelen 670b18b6f5 Strip out any comments at end of nginx configuration lines 2017-01-27 14:36:55 +01:00
Michael Boelen d4f4c2d785 Added support for Trend Micro and Cylance (macOS) 2017-01-24 20:01:22 +01:00
Michael Boelen 338edb4971 Add stderr for other network tests 2017-01-24 19:30:17 +01:00
Michael Boelen d2a80ed789 Add stderr for NETW-3004 2017-01-24 19:28:06 +01:00
Andres Gomez Casanova 145e1164be Variable name in reportWarning function (#342) 
* Variable name

* Update functions

* Update functions
 2017-01-16 11:03:07 +00:00
pyllyukko d25dcd09ef Set MAC_FRAMEWORK_ACTIVE=1 if grsecurity's RBAC is enabled (#348) 
* Look for gradm utility

* Set MAC_FRAMEWORK_ACTIVE=1 if grsec's RBAC is enabled
 2017-01-16 11:02:03 +00:00
Michael Boelen e483d69050 Solved error on AIX 2016-12-02 20:48:37 +01:00
Michael Boelen aadd58e6a6 Allow option to configure host IDs via profile 2016-12-02 13:19:29 +01:00
Michael Boelen c6f80c0a90 Improve output of report 2016-11-20 16:23:25 +01:00
Michael Boelen e7938c19e6 [KRNL-5830] Improved logging 2016-11-20 16:23:17 +01:00
Michael Boelen d7ed46ae9e [KRNL-5788] Remove exception, style improvements 2016-11-20 16:16:02 +01:00
Michael Boelen f16325ff55 Only show non-privileged tests that were skipped if they are applicable to our platform 2016-11-19 15:38:32 +01:00
Zach Crownover 659d3e42c5 Improve DragonFly support (#329) 
* Update facter location for BSDs

BSDs tend to place third party binaries in /usr/local rather than /usr

* Add support for DragonFly boot loader detection

DragonFly BSD has the same file paths for the bootloader as FreeBSD

* Add kernel module checking for DragonFly

DragonFly BSD checks kernel modules the same way as FreeBSD

* Add DragonFly check for login shells

DragonFly's login files are the same as FreeBSD's

* Add HAMMER PFS Detection

All PFS mounts in HAMMER systems for DragonFly will be detected now
 2016-11-19 12:39:57 +00:00
Michael Boelen 40e19b62be Added Arch Linux detection via /etc/os-release 2016-11-08 19:53:11 +01:00
Michael Boelen b5a1deae47 Added variable for readlink binary 2016-11-08 19:47:59 +01:00
alobodzinski 3aa2efba4d Fix for NAME-4408: getent hosts localhost may show two lines on Ope… (#310) 
* Fix for NAME-4408: getent hosts localhost   may show two lines on OpenBSD

* This version does the comparisons in little less awkward way
 2016-11-05 11:55:11 +01:00
Justin P 50b06efd30 macOS Refactoring (#311) 
* Default all macOS `OS` names as macOS. Added comments to specify `uname` outputs for better understanding.

* Refactored all `Mac` instances referring to macOS over to `macOS` formatting.

Tested on my own machine, unable to find any errors outside of normal parameters.
 2016-11-05 11:53:22 +01:00
Michael Mior 0f318a4b7c Fix Dockerfile audit (#313) 2016-11-05 11:52:06 +01:00
Michael Boelen 1cb1fc40ca Added more definitions for tools 2016-10-28 11:48:20 +02:00
Michael Boelen 3c8e93c28e Improve usage and display of update tool 2016-10-28 11:47:31 +02:00
Michael Boelen 7155afa2bb Added missing space 2016-10-27 11:45:21 +02:00
Michael Boelen a1f9f902a1 [FIRE-4518] mark as a root-only test - correction 2016-10-27 10:08:43 +02:00
Michael Boelen 3a57b628d6 [FIRE-4518] mark as a root-only test 2016-10-27 10:07:03 +02:00
Michael Boelen e0ea967f01 [NETW-3004] add macOS support 2016-10-27 10:06:41 +02:00
Michael Boelen e4cc0b1b9b [AUTH-9234] reversed username and uid 2016-10-27 09:40:13 +02:00
Michael Boelen 43d3088a04 Check for presence of custom.prf, otherwise quit with suggestion 2016-10-27 09:30:25 +02:00
Michael Boelen db0ebcd374 Improved logging 2016-10-27 09:21:56 +02:00
Michael Boelen 5488c6fc4b Missing exclamation mark 2016-10-27 09:19:37 +02:00
Michael Boelen 0d66aec62c [AUTH-9234] style and enhanced support for macOS 2016-10-27 09:13:57 +02:00
Michael Boelen ef7a120997 [AUTH-9234] support for macOS user gathering 2016-10-27 08:56:52 +02:00
Justin P e687b20866 Updates to include/tests_authentication (#308) 
* adjusted.
For test number 9234, added comments stating macOS doesn’t use
/etc/passwd for normal users. macOS uses `opendirectoryd` as the
backend for user management. So, `dscacheutil` is the recommended
program to parse that information. I input a sample line as a comment
in the test area.

* Revert "adjusted."

This reverts commit 2166e5da94.

* Test 9208 and 9234 Updated

For test number 9208, the LogText was clumsily written. Text has been adjusted.
For test number 9234, added comments stating macOS doesn’t use `/etc/passwd` for normal users. macOS uses `opendirectoryd` as the backend for user management. So, `dscacheutil` is the recommended
program to parse that information. I input a sample line as a comment in the test area.

* Test 9208 and 9234 Updated

For test number 9208, the LogText was clumsily written. Text has been adjusted.

For test number 9234, added comments stating macOS doesn’t use `/etc/passwd` for normal users. macOS uses `opendirectoryd` as the backend for user management. So, `dscacheutil` is the recommended
program to parse that information. I input a sample line as a comment in the test area.
 2016-10-27 08:46:23 +02:00
Michael Boelen db7bff9cb2 Missing fi in BOOT-5139 2016-10-26 13:31:59 +02:00
Michael Boelen e96a31eab4 Style improvements 2016-10-26 12:58:51 +02:00
Michael Boelen 4886054187 Style improvements 2016-10-26 12:55:46 +02:00
Michael Boelen e54bae0c6d Merge branch 'master' of https://github.com/CISOfy/lynis 2016-10-26 12:54:59 +02:00
marcus-cr 94d31bba22 NETW-3030 - DHCPD Support Added (#299) 
Added support for DHCPD
 2016-10-26 12:37:35 +02:00
marcus-cr 9208125c06 Malware Scanner Colors for Personal Machine Role (#301) 
Results for malware scanner will show  different color for “personal”
machine-roles (in yellow) rather than the other roles (in red).

Added for leniency towards typical personal PC users for not having
malware scanner (should be a suggestion).

Also included log text result if no scanner found, regardless of
machine-role.
 2016-10-26 12:36:31 +02:00
marcus-cr 56ce017b4f Updated profiles (#300) 
* Updated profiles

Added “personal” machine-role, changed “desktop” to “workstation”.

* Changed Default Profile

Amended roles of system: changed “desktop” to “workstation”, and added
“personal”.
 2016-10-26 12:35:47 +02:00
Michael Boelen 9203b01f88 [BOOT-5139] support for roles 2016-10-26 12:34:56 +02:00