3814 Commits

Author SHA1 Message Date
Michael Boelen
73d43c25eb
Moved section to discover current timestamp related to issue #1329 2022-09-17 14:49:26 +00:00
Zafer Balkan
2788d9fff3
Merge branch 'CISOfy:master' into wazuh-malware-scan 2022-08-29 15:40:23 +03:00
Michael Boelen
b53d6a80d7
Updated log 2022-08-24 11:43:37 +00:00
Michael Boelen
622f53247d
[DBS-1820] added newer style format for Mongo authorization setting 2022-08-24 11:42:22 +00:00
Thomas Sjögren
4f6eeb7537
remove file from path
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-08-24 10:17:54 +02:00
Thomas Sjögren
fc62b39f34
find redis.conf if /snap directory exists
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-08-23 11:57:05 +02:00
Thomas Sjögren
fe5990f208
remove whitespaces
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-08-23 11:56:25 +02:00
Nick Anderson
a19f532ddf
Fixed typo in Group for FINT-4316
Closes #1323
2022-08-17 14:03:21 -05:00
Zafer Balkan
3140a245da
Added wazuh-agent as a remote syslog capability 2022-08-05 15:45:35 +03:00
Zafer Balkan
32a39eaaf8
Added Wazuh agent as a rootkit scanner
Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent rootkits. Therefore, it seems feasible to add wazuh-agent to the accepted rootkit detection products.

https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:50:26 +03:00
Zafer Balkan
e4cd5eaede
Added Wazuh Agent as a malware scanner/antivirus
Solves https://github.com/CISOfy/lynis/issues/1304

Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent malware acting as an EDR. Therefore, it seems feasible to add wazuh-agent to the accepted antivirus products.

https://documentation.wazuh.com/current/user-manual/capabilities/anomalies-detection/index.html
https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:41:55 +03:00
Fionn Fitzmaurice
74fdee1e33
Support Arch Linux ARM detection 2022-07-12 20:53:03 +08:00
Thomas Sjögren
b3436629ce
add check for ESET oaeventd
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-06-20 09:54:29 +02:00
Thomas Sjögren
225338a923
use systemctl get-default instead of following links
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-18 18:02:34 +02:00
Michael Boelen
8d9cdb22f4
Release 3.0.8 3.0.8 2022-05-17 15:07:48 +02:00
Thomas Sjögren
975712a616
add plocate
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-15 23:58:43 +02:00
Thomas Sjögren
e124499e27
Only test Compression if sshd version < 7.4
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-04 10:51:35 +02:00
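The version gate in the commit above (the Compression directive is only tested when sshd is older than 7.4, the OpenSSH release that removed server-side pre-authentication compression), written out as an added POSIX sh example. This is not Lynis code: the function names are mine, and the banner is passed in as a string rather than read from `sshd -V` so the logic can be exercised with constructed input.

```shell
#!/bin/sh
# Added example, not part of Lynis. Decide whether an sshd "Compression"
# check still applies, from an OpenSSH banner such as
# "OpenSSH_7.2p2 Ubuntu-4ubuntu2.10, OpenSSL 1.0.2g  1 Mar 2016" (constructed
# sample; a live script would obtain it from the sshd/ssh binary).

# Print "major.minor" from an OpenSSH banner, or nothing if it does not parse.
openssh_major_minor() {
    printf '%s\n' "$1" |
        sed -n 's/^OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1.\2/p'
}

# Return 0 when the version is strictly below 7.4 (pre-auth compression
# still exists, so the Compression directive is worth testing), 1 when the
# check is moot, and 2 when the banner is unrecognised. Major and minor are
# compared as integers, never as strings, so 7.10 would sort after 7.4.
sshd_compression_test_applies() {
    ver=$(openssh_major_minor "$1")
    [ -n "$ver" ] || return 2
    major=${ver%.*}
    minor=${ver#*.}
    if [ "$major" -lt 7 ]; then
        return 0
    elif [ "$major" -eq 7 ] && [ "$minor" -lt 4 ]; then
        return 0
    fi
    return 1
}

# Usage with constructed banners:
#   sshd_compression_test_applies "OpenSSH_7.2p2 Ubuntu-4ubuntu2.10" && echo "test Compression"
#   sshd_compression_test_applies "OpenSSH_8.9p1 Ubuntu-3ubuntu0.1"  || echo "skip"
```

The integer comparison is the part worth copying: a string comparison such as `[ "$ver" \< "7.4" ]` is both a bashism and wrong once the minor version reaches two digits.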
mab974
f315c0b325
osdetection: add Koozali #1274 2022-04-13 13:42:21 +04:00
Skia
34d99f72f6
osdetection: add PostmarketOS 2022-03-17 23:28:34 +01:00
Michael Boelen
64758216f2
Merge pull request #1271 from fizista/symlink_file
Allow symlinks to be used when searching for configuration files
2022-03-14 11:54:55 +01:00
Michael Boelen
0664dea946
Merge branch 'master' into symlink_file 2022-03-14 11:54:03 +01:00
Michael Boelen
5cd4b239b5
Update CHANGELOG.md 2022-03-14 11:49:41 +01:00
Michael Boelen
e2781677ba
[KRNL-5820] small changes to prevent using ROOTDIR and resetting it, also showing additional paths in screen output 2022-03-14 11:48:30 +01:00
Michael Boelen
ff3f24bbba
Merge pull request #1265 from rfrohl/alternative_path_security-limits
[KRNL-5820] additional path for security/limits.conf
2022-03-14 11:30:29 +01:00
Wojciech Banaś
4098236412 #1270 added finding configuration files in the "etc" directory, even if they are symlinks 2022-02-14 13:23:20 +01:00
Michael Boelen
4f382331b3
Renumbered new test PKGS-7346 to PKGS-7200 2022-02-10 14:26:38 +01:00
Michael Boelen
f64f17f90b
Update tests.db 2022-02-10 14:24:15 +01:00
Michael Boelen
b744cffdf2
Updated log 2022-02-10 14:20:25 +01:00
Michael Boelen
8afa7d93fe
Merge pull request #1254 from pyllyukko/pam_faillock
Check for pam_faillock in AUTH-9408
2022-02-10 14:18:19 +01:00
Michael Boelen
59d1d8acd8
Merge pull request #1247 from devnull-hub-lab/patch-1
Update mod_security module version
2022-02-10 12:05:43 +01:00
Michael Boelen
0830a745cc
Merge pull request #1250 from JensChrG/master
Don't write over FIND variable. Fixes #1021
2022-02-10 12:03:46 +01:00
Michael Boelen
cd433e928e
Merge pull request #1205 from kolenichsj/alpine_apk
Adding support for Alpine Package Keeper
2022-02-10 12:00:38 +01:00
Michael Boelen
e0b5dcf7d4
Merge pull request #1226 from konstruktoid/1220
Extend HasCorrectCheckPermissions logging
2022-02-10 11:52:11 +01:00
Michael Boelen
7fbcede421
Merge pull request #1235 from zwack-am/master
Updated PAM_FILES_LOCATION for AARCH64
2022-02-10 11:49:21 +01:00
Michael Boelen
66f93f0275
Removed bashism: == 2022-02-10 09:35:41 +01:00
Michael Boelen
4ecd03598f
Merge pull request #1225 from konstruktoid/ISSUE1214
add symlink support to HasCorrectFilePermissions and IsWorldWritable
2022-02-08 11:27:29 +01:00
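Two of the merged changes above (#1271, finding configuration files in "etc" even when they are symlinks, and #1225, symlink support in the file-permission and world-writable helpers) share one pitfall: `find -type f` never returns a symlink, and a permission test on the link inode says nothing about its target. The following is an added POSIX sh example of both behaviours; it is not Lynis code and does not reuse Lynis function names. Directory and file names are parameters so it can run against a scratch tree.

```shell
#!/bin/sh
# Added example, not part of Lynis. Symlink-aware config-file discovery
# and a world-writable check that tests the link target, not the link.

# Print files named $2 under $1, including symlinks. `-type l` matches the
# link itself; the `[ -f ]` test then follows it, so links to directories
# and dangling links are dropped.
find_config_files() {
    dir="$1"; name="$2"
    find "$dir" \( -type f -o -type l \) -name "$name" 2>/dev/null |
    while IFS= read -r path; do
        if [ -f "$path" ]; then
            printf '%s\n' "$path"
        fi
    done
}

# Return 0 if $1 (or, for a symlink, its target) is world-writable, 1 if
# not, 2 if it does not exist. `find -L` dereferences the link, `-prune`
# stops descent when the target is a directory, and `-perm -002` is the
# POSIX spelling of "other-write bit set".
is_world_writable() {
    [ -e "$1" ] || return 2
    [ -n "$(find -L "$1" -prune -perm -002 -print 2>/dev/null)" ]
}

# Usage against a real tree:
#   find_config_files /etc 'sshd_config' | while IFS= read -r f; do
#       is_world_writable "$f" && echo "WARNING: $f is world-writable"
#   done
```

Note the contrast with `[ -w "$f" ]`, which answers "can the current user write this" and so would report every file as writable when the audit runs as root.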
Robert Frohl
14fd7dabc8
[KRNL-5820] additional path for security/limits.conf
Changes the user facing output to display a full path, allowing the user to
better grasp which security/limits.conf file is affected.

fix issue #1264
2022-02-04 13:51:36 +01:00
Michael Boelen
546693636d
Updated log 2022-01-31 17:08:08 +01:00
Michael Boelen
b0ca58895b
[KRNL-5788] Only run relevant tests and improved logging 2022-01-31 17:07:41 +01:00
Michael Boelen
83296d6e8f
Updated log 2022-01-31 16:39:09 +01:00
Michael Boelen
8604431e19
Merge pull request #1261 from jsegitz/reboot_test
check /boot/vmlinuz as a symlink in the reboot test
2022-01-31 16:38:38 +01:00
Steve Kolenich
eb46f39c44
Merge remote-tracking branch 'origin/master' into alpine_apk 2022-01-31 10:05:26 -05:00
Michael Boelen
ce4a0ce6bb
Updated log 2022-01-31 16:00:11 +01:00
Michael Boelen
4c66b504f5
Merge pull request #1204 from kolenichsj/eol
Update EOL for Alpine Linux release
2022-01-31 15:58:56 +01:00
Michael Boelen
b4287df9c6
Corrected timestamp for Alpine 3.15 2022-01-31 15:58:07 +01:00
Michael Boelen
ac853a03fb
Updated log 2022-01-31 15:08:30 +01:00
Michael Boelen
a0e9e3d363
Merge pull request #1263 from pyllyukko/needs_restarting
KRNL-5830: Check for /var/run/needs_restarting
2022-01-31 15:07:50 +01:00
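The two reboot-related changes above (#1261, treating /boot/vmlinuz as a symlink in the reboot test, and #1263, checking for /var/run/needs_restarting in KRNL-5830) combined into one added POSIX sh example. This is not Lynis code: the function names are mine, and the flag-file path, kernel image path and running release are all passed as parameters so the logic can be exercised on a scratch directory instead of the live system.

```shell
#!/bin/sh
# Added example, not part of Lynis. Decide whether a reboot is pending from
# two signals: a distribution flag file (path as named in the commit,
# /var/run/needs_restarting on a live host) and a mismatch between the
# newest installed kernel and the running one. On Debian-style systems
# /boot/vmlinuz is a symlink to /boot/vmlinuz-<release>, so the link must
# be resolved before the release string is read off the file name.

# Print the kernel release encoded in an installed image name, following
# symlinks with readlink -f. Returns 1 if the path does not resolve or the
# real file name is not vmlinuz-*/vmlinux-*.
installed_kernel_release() {
    image="$1"
    [ -e "$image" ] || return 1
    real=$(readlink -f "$image") || return 1
    base=${real##*/}
    case "$base" in
        vmlinuz-*|vmlinux-*) printf '%s\n' "${base#vmlinu[xz]-}" ;;
        *) return 1 ;;
    esac
}

# Return 0 when a reboot is pending: the flag file exists, or the installed
# release differs from the running one. $1 = flag file, $2 = kernel image
# or symlink to it, $3 = running release (uname -r). If the image cannot be
# read there is no evidence either way, so the function returns 1.
reboot_pending() {
    flag="$1"; image="$2"; running="$3"
    if [ -f "$flag" ]; then
        return 0
    fi
    installed=$(installed_kernel_release "$image") || return 1
    [ "$installed" != "$running" ]
}

# Live usage:
#   reboot_pending /var/run/needs_restarting /boot/vmlinuz "$(uname -r)" && echo "reboot pending"
```

The comparison uses `!=`, which is the POSIX form; `==` works in bash but not in every /bin/sh, the same bashism removed elsewhere in this log.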
Michael Boelen
a138f9e402
Merge pull request #1255 from myersg86/master
Fix typo in README.md
2022-01-31 15:06:38 +01:00
Michael Boelen
e5f5750bfa
Improved log message 2022-01-31 13:55:55 +01:00
Michael Boelen
558e3bb586
Switch to pre-release 2022-01-31 13:30:43 +01:00