tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,515 Commits 2 Branches 61 Tags 16 MiB
Commit Graph

65 Commits

Author SHA1 Message Date
Michael Boelen 679e8c628e Use detected binaries 2016-08-25 15:31:33 +02:00
Michael Boelen 2f4c854ba7 Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00
Lukas Pirl f19f5927a5 added test for AllowAgentForwarding being turned off (#222) 
for reasons, see links below:
  https://wiki.mozilla.org/Security/Guidelines/OpenSSH#SSH_agent_forwarding
  https://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/
 2016-07-11 11:25:51 +02:00
Michael Boelen 983e293eb1 Replaced text strings to allow translations 2016-06-18 11:14:01 +02:00
Michael Boelen 52ad74c5ce [SSH-7408] Show SSH items as a suggestion on screen, like in the report 2016-06-11 14:45:17 +02:00
Eric Light 47748c8fd8 UseDNS = No is a safer configuration (#204) 
See Issue #197.  

References:
 - https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/424371/comments/11
 - https://unix.stackexchange.com/questions/56941/what-is-the-point-of-sshd-usedns-option
 - https://security.googleblog.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
 2016-05-19 19:58:52 +02:00
mboelen 6e2640c4d5 Retrieve SSH settings from active configuration and store earlier, test with lowercase settings for other tests 2016-05-02 15:04:40 +02:00
mboelen 42607ceaf5 Replaced old function names with new ones 2016-04-28 12:31:57 +02:00
mboelen 5757837e28 Show skipped items when running in verbose mode 2016-04-20 12:08:10 +02:00
Eric Light a6393bd8a0 Display skipped atomic tests (#169) 
Added section to log & display skipped atomic tests.
 2016-04-20 10:46:40 +02:00
mboelen a2594fc370 [SSH-7408] Allow skipping some of the SSH tests 2016-04-19 12:37:40 +02:00
mboelen 0783b2fd4b Use SSH configuration from sshd instead of configuration file, add more details to report 2016-04-19 12:04:51 +02:00
mboelen 2c815129e4 Added details and changed suggestion text 2016-04-19 09:54:18 +02:00
mboelen 4d52e64b2a Match sshd process running and/or port 22 listening 2016-03-30 13:48:18 +02:00
Kamil Boratyński 232419df8c Modified SSH service checking. 2016-03-22 23:54:38 +01:00
mboelen 8cc47819b4 Removed copyright line, added description 2016-03-13 16:03:46 +01:00
mboelen 6197ac08e7 Added link to website, blog, github 2016-03-13 16:00:39 +01:00
mboelen 62f31a8b82 SSH-7408: use only the last occurrence of a configured option 2016-03-08 08:47:25 +01:00
Eric Light 4f38eb4739 Removed ServerAliveInterval 
Belongs in ssh_config instead.  Ref issue #120
 2016-02-10 09:24:19 +13:00
mboelen c4888fbb8e Added value for ServerAliveInterval setting 2016-02-09 15:53:11 +01:00
mboelen a3b4705508 Reordered SSH options, added ServerAliveInterval, changed TCPKeepAlive suggestion 2016-02-09 12:54:47 +01:00
asiebelt a095ba64a0 Fix scoring logic for "<" 2016-01-02 18:13:07 +01:00
asiebelt 7f462d0a41 Fix typo 2016-01-02 18:07:02 +01:00
asiebelt 81bac124ee Fix Scoring for "<" 2016-01-02 18:03:11 +01:00
asiebelt 99fd20aae0 Fix Test Definition 2016-01-02 17:49:01 +01:00
asiebelt 4234a646ed Update tests_ssh 2016-01-02 17:39:25 +01:00
mboelen d16b38eff8 Rename of logtext and report functions, upcoming year change 2015-12-21 21:17:15 +01:00
Kamil Boratyński 8c544846ab Improved [SSH-7408] with 'AllowTcpForwarding'. 2015-12-07 07:15:48 +01:00
Kamil Boratyński 785119824e Improved [SSH-7408] with 'PermitTunnel'. 2015-12-07 07:15:03 +01:00
Kamil Boratyński 490fd6d5ec Improved [SSH-7408] with 'GatewayPorts'. 2015-12-07 07:14:19 +01:00
Kamil Boratyński 3817ffd299 Improved [SSH-7408] with 'PermitUserEnvironment'. 2015-12-06 01:46:47 +01:00
Kamil Boratyński 5487401aba Improved [SSH-7408] with 'MaxSessions'. 2015-12-06 01:46:47 +01:00
Kamil Boratyński 47576a1bd0 Improved [SSH-7408] with 'MaxStartups'. 2015-12-06 01:46:35 +01:00
Kamil Boratyński 35b663cff9 Improved [SSH-7408] with 'LoginGraceTime'. 2015-12-06 01:45:31 +01:00
Kamil Boratyński 96dfb5cf15 Improved [SSH-7408] with 'Port'. 2015-12-06 01:41:23 +01:00
Kamil Boratyński c394024769 [SSH-7408]: Implemented '!' test type. 2015-12-05 21:46:03 +01:00
Kamil Boratyński d191bed2d7 Improved [SSH-7408] with 'ClientAliveInterval'. 2015-12-05 21:37:27 +01:00
Kamil Boratyński 7bcf442a1e Improved [SSH-7408] with 'ClientAliveCountMax'. 2015-12-05 21:36:13 +01:00
Kamil Boratyński c252b9b376 Improved [SSH-7408] with 'MaxAuthTries'. 2015-12-05 21:18:35 +01:00
Kamil Boratyński 2e37c17675 [SSH-7408]: Implemented '>' test type. 2015-12-05 21:18:35 +01:00
Kamil Boratyński 9a30640327 [SSH-7408]: Implemented '<' test type. 2015-12-05 21:18:32 +01:00
Kamil Boratyński 013886ec16 Refactorized [SSH-7408]. 
First step for differents types of tests.
 2015-12-05 20:39:30 +01:00
mboelen 386d7701f3 New SSH options added and small changes to improve output on screen and in log file 2015-12-04 11:05:13 +01:00
Kamil Boratyński 9421feb704 Improved [SSH-7408] with 'Compression'. 2015-12-04 09:29:54 +01:00
Kamil Boratyński 201a6728b8 Improved [SSH-7408] with 'TCPKeepAlive'. 2015-12-04 02:30:28 +01:00
Kamil Boratyński 11c6b06c91 Improved [SSH-7408] with 'FingerprintHash'. 2015-12-04 02:29:18 +01:00
mboelen 7d0f5acc54 No warnings for SSH configuration, instead only use suggestions. Plus logging of details. 2015-12-03 12:15:49 +01:00
Kamil Boratyński 10b9edd8ef Improved [SSH-7408] with 'PrintLastLog'. 2015-12-03 02:37:56 +01:00
Kamil Boratyński 42a5df3796 Improved [SSH-7408] with 'X11Forwarding'. 2015-12-03 02:29:57 +01:00
Kamil Boratyński cd3cd74b8e Improved [SSH-7408] with 'UseDNS'. 2015-12-03 02:29:57 +01:00