Zafer Balkan
32a39eaaf8
Added Wazuh agent as a rootkit scanner
Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent rootkits. Therefore, it seems feasible to add wazuh-agent to the accepted rootkit detection products.
https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:50:26 +03:00
Zafer Balkan
e4cd5eaede
Added Wazuh Agent as a malware scanner/antivirus
Solves https://github.com/CISOfy/lynis/issues/1304
Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent malware, acting as an EDR. Therefore, it seems feasible to add wazuh-agent to the accepted antivirus products.
https://documentation.wazuh.com/current/user-manual/capabilities/anomalies-detection/index.html
https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:41:55 +03:00
Michael Boelen
8d9cdb22f4
Release 3.0.8
3.0.8
2022-05-17 15:07:48 +02:00
Michael Boelen
64758216f2
Merge pull request #1271 from fizista/symlink_file
Allow symlinks to be used when searching for configuration files
2022-03-14 11:54:55 +01:00
Michael Boelen
0664dea946
Merge branch 'master' into symlink_file
2022-03-14 11:54:03 +01:00
Michael Boelen
5cd4b239b5
Update CHANGELOG.md
2022-03-14 11:49:41 +01:00
Michael Boelen
e2781677ba
[KRNL-5820] small changes to prevent using ROOTDIR and resetting it, also showing additional paths in screen output
2022-03-14 11:48:30 +01:00
Michael Boelen
ff3f24bbba
Merge pull request #1265 from rfrohl/alternative_path_security-limits
[KRNL-5820] additional path for security/limits.conf
2022-03-14 11:30:29 +01:00
Wojciech Banaś
4098236412
#1270 added finding configuration files in the "etc" directory, even if they are symlinks
2022-02-14 13:23:20 +01:00
Michael Boelen
4f382331b3
Renumbered new test PKGS-7346 to PKGS-7200
2022-02-10 14:26:38 +01:00
Michael Boelen
f64f17f90b
Update tests.db
2022-02-10 14:24:15 +01:00
Michael Boelen
b744cffdf2
Updated log
2022-02-10 14:20:25 +01:00
Michael Boelen
8afa7d93fe
Merge pull request #1254 from pyllyukko/pam_faillock
Check for pam_faillock in AUTH-9408
2022-02-10 14:18:19 +01:00
Michael Boelen
59d1d8acd8
Merge pull request #1247 from devnull-hub-lab/patch-1
Update mod_security module version
2022-02-10 12:05:43 +01:00
Michael Boelen
0830a745cc
Merge pull request #1250 from JensChrG/master
Don't write over FIND variable. Fixes #1021
2022-02-10 12:03:46 +01:00
Michael Boelen
cd433e928e
Merge pull request #1205 from kolenichsj/alpine_apk
Adding support for Alpine Package Keeper
2022-02-10 12:00:38 +01:00
Michael Boelen
e0b5dcf7d4
Merge pull request #1226 from konstruktoid/1220
Extend HasCorrectCheckPermissions logging
2022-02-10 11:52:11 +01:00
Michael Boelen
7fbcede421
Merge pull request #1235 from zwack-am/master
Updated PAM_FILES_LOCATION for AARCH64
2022-02-10 11:49:21 +01:00
Michael Boelen
66f93f0275
Removed bashism: ==
2022-02-10 09:35:41 +01:00
Michael Boelen
4ecd03598f
Merge pull request #1225 from konstruktoid/ISSUE1214
add symlink support to HasCorrectFilePermissions and IsWorldWritable
2022-02-08 11:27:29 +01:00
Robert Frohl
14fd7dabc8
[KRNL-5820] additional path for security/limits.conf
Changes the user-facing output to display a full path, allowing the user to
better grasp which security/limits.conf file is affected.
fix issue #1264
2022-02-04 13:51:36 +01:00
Michael Boelen
546693636d
Updated log
2022-01-31 17:08:08 +01:00
Michael Boelen
b0ca58895b
[KRNL-5788] Only run relevant tests and improved logging
2022-01-31 17:07:41 +01:00
Michael Boelen
83296d6e8f
Updated log
2022-01-31 16:39:09 +01:00
Michael Boelen
8604431e19
Merge pull request #1261 from jsegitz/reboot_test
check /boot/vmlinuz as a symlink in the reboot test
2022-01-31 16:38:38 +01:00
Steve Kolenich
eb46f39c44
Merge remote-tracking branch 'origin/master' into alpine_apk
2022-01-31 10:05:26 -05:00
Michael Boelen
ce4a0ce6bb
Updated log
2022-01-31 16:00:11 +01:00
Michael Boelen
4c66b504f5
Merge pull request #1204 from kolenichsj/eol
Update EOL for Alpine Linux release
2022-01-31 15:58:56 +01:00
Michael Boelen
b4287df9c6
Corrected timestamp for Alpine 3.15
2022-01-31 15:58:07 +01:00
Michael Boelen
ac853a03fb
Updated log
2022-01-31 15:08:30 +01:00
Michael Boelen
a0e9e3d363
Merge pull request #1263 from pyllyukko/needs_restarting
KRNL-5830: Check for /var/run/needs_restarting
2022-01-31 15:07:50 +01:00
Michael Boelen
a138f9e402
Merge pull request #1255 from myersg86/master
Fix typo in README.md
2022-01-31 15:06:38 +01:00
Michael Boelen
e5f5750bfa
Improved log message
2022-01-31 13:55:55 +01:00
Michael Boelen
558e3bb586
Switch to pre-release
2022-01-31 13:30:43 +01:00
Michael Boelen
98f57d6d76
Added MALW-3274 to detect McAfee VirusScan Command Line Scanner
2022-01-31 13:29:11 +01:00
pyllyukko
12ad1ca6bd
KRNL-5830: Check for /var/run/needs_restarting
Creating this file was introduced in slackpkg version 15.0.10.
2022-01-25 18:59:36 +02:00
Johannes Segitz
521487310f
check /boot/vmlinuz as a symlink in the reboot test
2022-01-25 09:55:52 +01:00
Michael Boelen
ad5dc53a5f
Release 3.0.7
3.0.7
2022-01-18 14:23:49 +01:00
Michael Boelen
28409265db
Switch to array type for account_without_password
2022-01-18 14:23:39 +01:00
myersg86
6ae2accb9d
Fix typo in README.md
README.md:51: sytems -> systems
2022-01-15 12:14:57 -07:00
pyllyukko
3153c89c87
Check for pam_faillock in AUTH-9408
pam_tally2 was removed in PAM 1.5.0 and pam_faillock has replaced it.
2022-01-12 19:09:42 +02:00
Steve Kolenich
302b52c55d
Merge remote-tracking branch 'upstream/master' into alpine_apk
2022-01-11 09:19:19 -05:00
Steve Kolenich
7f3ed088cd
Update EOL for Alpine Linux release
2022-01-11 09:13:12 -05:00
Steve Kolenich
80e13f2742
Merge remote-tracking branch 'origin/master' into eol
2022-01-11 09:06:12 -05:00
Jens Christian Gram
f81aff384c
Don't write over FIND variable. Fixes #1021
2022-01-01 18:55:01 +01:00
Rafael Grether
6c5ddb9cc2
Update mod_security module version
Update ModSecurity version. Actual version: 3
Issue #1246
2021-12-16 15:41:18 -03:00
Adam Morris
11306422ac
Corrected a minor typo
2021-11-20 05:23:34 +00:00
Adam Morris
0eb92f5291
Added the aarch64-linux-64 path
This resolves Issue #1234
2021-11-20 05:19:37 +00:00
Michael Boelen
2d16c60da1
Merge pull request #1209 from mrpjl/master
Added Funtoo Linux to osdetection
2021-11-18 11:08:06 +01:00
Michael Boelen
7674a08ab8
Merge pull request #1202 from digitalcheetah/openrc
Adding OpenRC to boot service test
2021-11-18 11:06:14 +01:00