tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,539 Commits 2 Branches 62 Tags 17 MiB
Commit Graph

245 Commits

Author SHA1 Message Date
Michael Boelen 32143f6377
Merge pull request #1139 from teoberi/New-test-BOOT-5140---Check-for-ELILO-boot-loader-presence 
New test: BOOT-5140 - Check for ELILO boot loader presence
 2021-05-11 11:21:33 +02:00
Michael Boelen e493c6717c
Added ACCT-9672 2021-05-11 11:18:37 +02:00
Michael Boelen 77fab97e77
Added ACCT-9670 2021-05-11 11:17:23 +02:00
Michael Boelen aab6af4017
Merge pull request #1118 from steph78630/master 
Add translated status
 2021-04-01 13:34:20 +02:00
Stéphane 3683ffd3c4
Add translated status 2021-03-02 23:31:41 +01:00
Steve Kolenich 197ab10fde Update EOL and URL for Alpine 2021-01-22 08:25:30 -05:00
Michael Boelen ab1111c0ed
Merge pull request #905 from topimiettinen/check-non-native-binary-formats 
Check for registered non-native binary formats
 2021-01-07 15:16:34 +01:00
Stéphane f1604c2e55
Add and improvements strings 2021-01-05 11:53:11 +01:00
teoberi a9cc4e0c62
Update tests.db 
Add TestID for ELILO
 2021-01-03 12:09:09 +02:00
Michael Boelen 208518d8fa
Merge pull request #1088 from steph78630/master 
Addition and improvement of translated strings
 2020-12-17 14:23:48 +01:00
Michael Boelen c9a57d2caf
Merge pull request #1062 from Varbin/solaris-loghost-not-localhost 
Test if loghost is not localhost
 2020-12-17 14:18:31 +01:00
Stéphane 8a32062459
Adding and improvement translated strings 2020-12-16 01:13:01 +01:00
Michael Boelen 258b2bf05f
Merge pull request #1064 from Varbin/solaris-ips-svcs 
Add support for Solaris services, run BOOT-5184 there
 2020-12-15 14:16:18 +01:00
Michael Boelen 1d908e19ac
Mark test as multi-OS by removing all values 2020-12-15 14:15:26 +01:00
Simon Biewald 7c475ddab0 Fix typos 
Signed-off-by: Simon Biewald <simon@fam-biewald.de>
 2020-11-14 21:25:40 +00:00
Simon Biewald 7ec3b5b0d5 Add more status strings (en and de) 
Signed-off-by: Simon Biewald <simon@fam-biewald.de>
 2020-11-14 20:34:34 +00:00
Simon Biewald 777da3a4eb Extend German translation file 
Signed-off-by: Simon Biewald <simon@fam-biewald.de>
 2020-11-14 20:34:23 +00:00
Simon Biewald 7cb84bf2a8 Add OmniosCE and Solaris EOL dates 2020-11-09 23:26:17 +00:00
Josh Soref f1cb5054c4 spelling: authoritative 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-11-08 23:35:46 -05:00
Simon Biewald 25278b6b38 Add support for Solaris services, run BOOT-5184 there 
The Solaris IPS service manager (svcs) is now detected, and services
managed with it are enumerated.

Test BOOT-5184 now runs on Solaris, too, as SysV init scripts are
supported as well, even with IPS. SysV Init has been the traditional
init system on Solaris.
 2020-10-25 21:51:12 +00:00
Simon Biewald 1f3d0956a7 Test if loghost is not localhost 
On Solaris, the name loghost can be used to point to remote log servers.
By default loghost is configured to 127.0.0.1, logging to the local
machine.

Thus a new test - LOGG-2153 - is created to test if loghost is not
localhost and LOGG-2154 is modified to ignore @loghost lines if loghost
is localhost.
 2020-10-25 20:28:19 +00:00
Michael Boelen 43d0c6a8fd
Merge branch 'master' into add-suricata-ids-ips-test 2020-10-25 12:50:25 +01:00
Steve Kolenich 806ba69b36 Add values for Italian 2020-10-22 14:41:59 -04:00
Steve Kolenich 299f531dcb sorted italian language file 2020-10-22 12:17:00 -04:00
Michael Boelen bd6e1d5d39
Include AUTH-9284 and minor changes 2020-10-22 14:17:01 +02:00
Michael Boelen 1fe12c0023
Merge pull request #1008 from kolenichsj/master 
Alpine Improvements
 2020-10-22 13:28:05 +02:00
Stéphane 67d04f2536
Add translate function for all sections 
+ add EN and FR up to date languages files
 2020-10-22 00:13:42 +02:00
Claudia afc4604b9f
Update macOS EOL 2020-10-20 22:21:13 +02:00
Michael Boelen 5cb8c68d5c
Merge branch 'master' into macos-eol 2020-10-20 13:16:12 +02:00
Thomas Sjögren f0ded6c2a3 add Mageia EOL dates and grep /etc/mageia-release 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-10-19 12:07:16 +02:00
Stéphane eaca6127ec
Improvements and addition of strings 2020-10-17 00:04:09 +02:00
Timo Sigurdsson b7d5b8a4b9 Update tests.db and CHANGELOG.md for new test TOOL-5130 
Add the new test TOOL-5130 (Check for active Suricata daemon) to the tests
database and update the changelog accordingly.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
 2020-10-11 11:15:48 +02:00
Steve Kolenich ec551d732d Added Alpine Linux EOL dates 2020-08-10 12:26:55 -04:00
Claudia 48e794574a
Add macOS EOL 
Apple doesn’t disclose when it stops providing security updates for
macOS versions. There’s no consensus on when the exact EOL date is.

Lacking that information, I applied the following ruleset, which is
driven by what people have observed, and seems pragmatic enough:

- From Mac OS X 10.0 through 10.4, a version 10.N would be considered
  EOL on the day the first patch-level update 10.(N+2).1 for its
  N+2 successor was released.

- Starting with 10.5, Apple began to support three versions at the same
  time. For 10.5 itself, the EOL date is difficult to pin down so I
  went with 2011-06-23, the date given by the English-language
  Wikipedia.

- From 10.6 through 10.11, a version 10.N would be considered EOL on
  the day the first patch-level update 10.(N+3).1 for its N+3 successor
  was released.

- Starting with macOS Sierra (10.12), Lynis counts the patch level.
  Any version 10.N.P can be considered EOL on the day 10.N.(P+1)
  is released. If that hasn’t happened, the EOL date is the day
  10.(N+3).1 is released. If neither has been released, 10.N.P has
  no EOL date.
 2020-08-08 19:11:44 +02:00
Simon Biewald 38b6105c60
add new test to test database 2020-07-09 18:27:02 +02:00
Michael Boelen 1da058d6de
Corrected Amazon Linux entries 
Switched entries and added a note. Due to matching by regular expression, the shortest match would otherwise always win.
 2020-06-30 09:01:29 +02:00
Thomas Sjögren e3ccca4ac0 add SUSE Linux Enterprise Server EOL 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-25 15:33:31 +02:00
Michael Boelen d1cb4d71cd
Merge pull request #951 from al-lac/master 
Update language files (de, de-AT, en)
 2020-06-22 14:14:50 +02:00
Michael Boelen 22644edc50
Added missing colons 2020-06-21 12:40:43 +02:00
Michael Boelen f855fe7a04
Added Linux Mint 2020-06-21 12:40:03 +02:00
Michael Boelen 06b3cbe529
Reordered items 2020-06-21 12:36:36 +02:00
Alexander L dfb02e4179
Update de 
Sorting
 2020-06-20 14:23:17 +02:00
Alexander L 4a71989d2e
Update en 
Sorting
 2020-06-20 14:20:58 +02:00
Alexander Lackner 6aa63f1c95 Update language files (de, de-AT, en) 2020-06-20 02:12:57 +02:00
Thomas Sjögren 78e7ce36af add RHEL 6,7,8 EOL dates 
(cherry picked from commit 6ce0aa41c6)
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-18 10:15:13 +02:00
Thomas Sjögren 41ad9d380c update all EOL dates to seconds to epoch 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-16 09:05:55 +02:00
Thomas Sjögren ca6326a12b
Update db/software-eol.db 
Co-authored-by: Jaimie <59117167+Jaimie85@users.noreply.github.com>
 2020-06-15 07:40:57 +00:00
Thomas Sjögren b3e1fc67c8 add Fedora EOL, update other releases 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-15 01:35:00 +02:00
Jaimie f072f808a2
Update nl 2020-05-20 15:41:46 +02:00
Michael Boelen ce3c80b44f
Merge pull request #883 from topimiettinen/check-encrypted-swap-devices 
Check if system uses encrypted swap devices
 2020-04-12 16:22:22 +02:00
Topi Miettinen de848cb76a
Check for registered non-native binary formats 
Examine /proc/sys/fs/binfmt_misc (Linux) for additional registered
binary formats. Those are probably emulated and their emulation could
be less tested, more buggy and more vulnerable than native binary
formats, so they should be disabled when not needed.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-04-10 12:54:48 +03:00
0xD503 49549f9155 Added Russian translation 
Added Russian localization
 2020-04-05 22:01:29 +01:00
Michael Boelen 032bb6988e
Added new test NETW-2400 2020-04-04 15:28:04 +02:00
Michael Boelen 5288479296
Merge pull request #899 from bginsbach/auth-9218 
AUTH-9218 Improvements
 2020-04-03 09:48:39 +02:00
Brian Ginsbach 6308682cae Combine AUTH-9218 and AUTH-9489 
These two tests are essentially identical. There is no need separate
the DragonFly and FreeBSD tests. This will make it easier to add
support for other BSD systems.
 2020-04-02 20:09:01 -05:00
Michael Boelen 38a5c2cb79
Added new test PHP-2382 2020-04-02 19:46:58 +02:00
Michael Boelen 4cf21ebdcc
Added FILE-6394 2020-04-01 16:19:09 +02:00
Topi Miettinen 5c5cc43c6f
Check if system uses encrypted swap devices 
Add test CRYP-7931 to check if the system uses any encrypted swap
devices.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-27 13:05:56 +02:00
Michael Boelen 5e821687af
Added new tests 2020-03-24 13:33:24 +01:00
Michael Boelen 18a570c0b8
Merge pull request #880 from konstruktoid/grphashrounds 
Add test for group password hash rounds
 2020-03-24 13:24:12 +01:00
Thomas Sjögren 6818db5e12 add AUTH-9230 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-03-24 11:43:34 +01:00
Topi Miettinen 8913374092 Run 'systemd-analyze security' 
'systemd-analyze security' (available since systemd v240) makes a nice
overall evaluation of hardening levels of services in a system. More
details can be found with 'systemd-analyze security SERVICE' for each
service.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-23 17:31:32 +02:00
Michael Boelen 32cefdea0a
Merge pull request #878 from topimiettinen/check-ima-evm 
Check IMA/EVM, dm-integrity and dm-verity statuses
 2020-03-23 13:18:16 +01:00
Michael Boelen 122619d01f
Merge pull request #874 from topimiettinen/check-password-hashing-methods 
Check password hashing methods
 2020-03-23 12:49:20 +01:00
Topi Miettinen 8ea39314f2
Check for dm-integrity and dm-verity 
Detect tools for dm-integrity and dm-verity, check if some devices
in /dev/mapper/* use them and especially the system root device.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-23 10:35:38 +02:00
Topi Miettinen 203a4d3480
Check IMA/EVM status 
Check for evmctl (Extended Verification Module) tool and system IMA (Integrity Measurement
Architecture) status.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-22 11:21:52 +02:00
Topi Miettinen 26a54991ba
Check for software pseudo random number generators 
Check for running audio-entropyd, havegd or jitterentropy-rngd.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-21 16:26:30 +02:00
Michael Boelen 6e9482a571
Merge branch 'master' into netbsd-eol 2020-03-21 13:34:41 +01:00
Topi Miettinen 4a51ad031b
Check password hashing methods 
Manual page crypt(5) gives recommendations for choosing password
hashing methods, so let's check if there are weakly encrypted
passwords in the system.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-21 12:50:38 +02:00
Brian Ginsbach 50fc3f816a Add NetBSD EOL data 2020-03-20 13:42:28 -05:00
Brian Ginsbach 52344913d3 Add a way to signify undetermined EOL 
Replace setting an artificaly high date and converted date for
operating systems with no EOL (rolling) or the EOL is still to
be determined. This makes it easier for humans and saves making
a comparison (when using an artifically high converted time)
will always be false (EOL=0).

An example entry

        os:AGreatOS 2.0:👎

The converted time (seconds since the epoch) could be specified as
zero but this typically means the OS is out of date (now), A value
of -1 is a convention indicating no EOL.
 2020-03-20 13:42:28 -05:00
Michael Boelen af03c07d9f
Shortened CentOS 7/8 strings to allow match and added note 2020-03-20 19:39:49 +01:00
Michael Boelen 724acf1be5
Added CentOS 8 end-of-life 2020-03-20 19:33:10 +01:00
Michael Boelen 27cdcec741
Add CentOS 7 (Core) 2020-03-20 14:57:28 +01:00
Michael Boelen 8f37edb626
Update tests.db 
Corrected test ID
 2020-03-20 09:46:08 +01:00
Topi Miettinen 820d2ec607
Check DNSSEC status with resolvectl when available 
'resolvectl statistics' shows if DNSSEC is supported by
systemd-resolved and upstream DNS servers.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-19 23:56:24 +02:00
Topi Miettinen 3aaeeea856
Check for rEFInd boot loader 
Detect rEFInd boot loader (https://www.rodsbooks.com/refind/).

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-19 15:44:30 +02:00
Michael Boelen 3bbe34ea73
[CRYP-8004] enhanced after pulling in initital test 2020-02-15 14:09:56 +01:00
pyllyukko c88953a815
Test SINT-7010 in macOS only 2019-10-08 20:31:35 +03:00
Michael Boelen 87f5596952
Added new test DBS-1828 2019-10-08 15:15:18 +02:00
Michael Boelen f188bac7e8
Update description for FILE-6374 2019-10-08 15:10:02 +02:00
Michael Boelen 157c23e892
Added additional string 2019-09-12 11:14:44 +02:00
Michael Boelen b3cb6e91f0
Ordering of entries 2019-09-03 10:55:05 +02:00
2*yo b8c3c55d68
Add Debian EOL 2019-09-03 10:41:13 +02:00
Michael Boelen a87c2b10f9
Added CRYP-8002 2019-08-29 10:39:43 +02:00
Michael Boelen 1e4e00adea
Changed description of TOOL-5160 2019-08-28 15:37:35 +02:00
Michael Boelen f89aa98408
Added FINT-4316 2019-08-26 08:02:11 +02:00
Michael Boelen d2deb63ebb
Added NETW-3200 2019-08-22 14:12:53 +02:00
Michael Boelen d3464d88b1
[CRYP-7930] changed description 2019-08-21 14:08:17 +02:00
Michael Boelen e5b8047133
Added data and detection of Amazon Linux 2019-08-13 22:00:30 +02:00
Michael Boelen 3e392c8e6c
Added end-of-life data for Arch Linux (rolling) 2019-08-13 21:40:29 +02:00
Michael Boelen a510c1c136
Sorting and added new strings 2019-08-08 12:38:46 +02:00
Michael Boelen 0a6417423f
Added HOME-9304 and HOME-9306 2019-07-26 14:15:09 +02:00
Michael Boelen 3213cadd5a
Added new tests INSE-8318 and INSE-8320 2019-07-16 13:13:25 +02:00
Michael Boelen 27b2a4dc7a
Renamed STRG-1840 and STRG-1842 2019-07-15 20:04:59 +02:00
Michael Boelen 7d33b59b0c
Added tests 2019-07-14 13:19:11 +02:00
Michael Boelen e4498be840
Added new test: PROC-3802 2019-07-10 20:12:43 +02:00
Michael Boelen 6891f64c39
Added CRYP-7930 2019-07-09 10:33:51 +02:00
Michael Boelen a49ea33fea
Changed Ubuntu 18.10 period 2019-07-07 18:47:35 +02:00
pyllyukko 2065b06e95
Added Slackware Linux EOLs 2019-06-12 11:44:22 +03:00