Commit Graph

1253 Commits

Author SHA1 Message Date
Michael Boelen 0993c0a13b Style and readability improvements 2016-07-31 15:58:20 +02:00
Michael Boelen 2fe1819c35 [PKGS-7383] Simplified test 2016-07-31 15:51:34 +02:00
Michael Boelen 1e62769ce0 [MAIL-8818] Style and refactoring 2016-07-31 15:43:06 +02:00
Michael Boelen 5e2f6d256b Removed word 'checking' from several tests and style improvements 2016-07-31 13:53:26 +02:00
Michael Boelen 6426ce68c0 [AUTH-9216] Simplified test and make it more efficient 2016-07-31 13:45:21 +02:00
Michael Boelen 2b4d7a1e85 [AUTH-9218] Clean ups and improve readability 2016-07-31 13:34:17 +02:00
Michael Boelen 23e400ea9e More style and text changes, and removed warning 2016-07-31 13:29:23 +02:00
Michael Boelen 1b3cdb9883 [AUTH-9226] Style, text, and removed warning 2016-07-31 13:25:35 +02:00
Michael Boelen aad8d89bf8 [AUTH-9228] Provide just a suggestion instead of warning 2016-07-31 13:23:09 +02:00
Michael Boelen 8ee6cb42a3 DisplayError can now use an optional exit code to quit the program 2016-07-31 11:46:41 +02:00
beelsr 4143cd69b5 fix yum gpgenabled check to allow spaces around = (#247)
Issue 245

yum.conf allows an arbitrary number of spaces to surround the equals assignment.
2016-07-30 17:14:51 +02:00
Michael Boelen 15e364eae6 Initialize variable and unset at end 2016-07-30 16:41:57 +02:00
Michael Boelen 95b24f074f Initialize variables and style improvements 2016-07-30 16:41:34 +02:00
Michael Boelen 4faaa10a8c Initialize variables and cleanup 2016-07-30 16:41:11 +02:00
Michael Boelen cfdc8228fd [PKGS-7388] Readability improvements and initialization 2016-07-30 16:40:44 +02:00
Michael Boelen d776c30b06 [AUTH-9406] - Readability and code style changes 2016-07-30 16:08:45 +02:00
Michael Boelen 6375953b26 [PHP-2211] - Readability improvement and code style changes 2016-07-30 16:03:35 +02:00
Michael Boelen c74c572422 [FILE-6332] Enable testing for UUID usage with blkid command 2016-07-30 14:10:29 +02:00
Michael Boelen 220476d955 Test for blkid binary 2016-07-30 14:09:44 +02:00
Michael Boelen 9b9a97bceb [DBS-1880] Corrected variable name and style 2016-07-30 14:03:28 +02:00
Michael Boelen c8096dd06c Only show number of running containers when there are any 2016-07-30 14:01:36 +02:00
Michael Boelen 7670560c2a [HTTP-6720] Improve readability of test 2016-07-30 13:55:10 +02:00
Michael Boelen 0ec7f45f05 [AUTH-9268] Improve readability of test 2016-07-30 13:54:04 +02:00
Michael Boelen 0e18551b2c Catting of changelog removed 2016-07-30 13:48:22 +02:00
Michael Boelen b5408e50df Removed unneeded spacing instructions 2016-07-30 13:46:04 +02:00
Michael Boelen a5baafca02 Determine if all Docker tests should be executed, depending on exit code 2016-07-30 13:23:27 +02:00
Liao Tonglang 3fdb949152 Fix description of CheckFilePermissions (#243)
* Fix description of CheckFilePermissions 

"Adds a system to a group, which can be used for categorizing" should belong to 
AddSystemGroup but not CheckFilePermissions

* make description of IsVirtualMachine right

"Check if a specific item exists in the report" should not be the description of IsVirtualMachine, change it.
2016-07-30 12:08:43 +02:00
Michael Boelen f1dc6be5bf Start of refactor fail2ban tests and splitting them into different test areas 2016-07-30 12:06:30 +02:00
Michael Boelen af999d3207 Allow strict code checking for developers 2016-07-28 11:39:10 +02:00
Michael Boelen db5d825701 Check for number of arguments 2016-07-28 11:10:59 +02:00
Michael Boelen 22f99ede81 Check for number of arguments on ReportSuggestion and ReportWarning 2016-07-28 11:06:46 +02:00
Michael Boelen 052350feb4 [FINT-4402] Use correct variable 2016-07-28 10:38:10 +02:00
Michael Boelen 4e3de865ac Extended examples 2016-07-27 13:40:19 +02:00
Michael Boelen 17ab4708ec Removed --info from options, as it has been replaced with 'lynis update info' 2016-07-27 12:17:18 +02:00
Michael Boelen ff3f13cdd0 Make Lynis run in quick mode by default 2016-07-27 12:14:25 +02:00
Michael Boelen abf34b56b6 Rephrase suggestion 2016-07-27 09:55:06 +02:00
Michael Boelen f9a4348f10 Uppercase tests: detect them properly as atomic tests. 2016-07-26 16:01:38 +02:00
Michael Boelen d23e4b0fa5 Changed header and footer of screen output 2016-07-26 16:00:36 +02:00
Michael Boelen 2d2398714a More spacing in report 2016-07-26 15:33:52 +02:00
Michael Boelen 64075a8497 Replaced function with generic echo, as functions are not available yet 2016-07-26 15:20:18 +02:00
atao60 0b5b4a47a3 Display function creates wrong indentation of result column (#237) 2016-07-26 15:00:05 +02:00
Michael Boelen 532e242a2f Style changes 2016-07-26 14:58:04 +02:00
Michael Boelen 019203e7e8 Typo fix 2016-07-26 14:35:47 +02:00
n[oO]ne 7dbe80c7a4 Make time test 3106 work again (#239)
There was a little typo in the test
2016-07-25 09:59:41 +02:00
Michael Boelen 37763dcf4f [DBS-1880] Detection for redis 2016-07-24 19:46:45 +02:00
Michael Boelen 6d6cd79a82 Improve detection and display of gzipped changelog 2016-07-24 17:54:59 +02:00
Michael Boelen 773c410a02 Update remaining items for categories and groups 2016-07-24 17:24:09 +02:00
Michael Boelen 2f4c854ba7 Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00
Michael Boelen ee9d7963e7 Add 'lynis show changelog' to display release details 2016-07-24 15:40:55 +02:00
Michael Boelen 9a2dcc9dec Add DisplayError for showing errors on screen 2016-07-24 13:11:32 +02:00
Michael Boelen 65eaeb7ce9 Add header as color 2016-07-24 13:05:36 +02:00
Michael Boelen c1d351fe32 Add bold as color 2016-07-24 11:43:18 +02:00
Michael Boelen 64348b772c Add category and display more details about tests 2016-07-24 11:42:50 +02:00
Michael Boelen ccb39d5e52 [PHP-2374] Changed text and cleanups 2016-07-22 15:46:25 +02:00
Michael Boelen 7f25a1f00e Remove colors properly with one function (contribution: Mike Slifcak at Pindrop 2016-07-18 19:58:32 +02:00
Michael Boelen 75d8824d8f Add 'update check' as example 2016-07-18 10:34:10 +02:00
Michael Boelen 6b92407234 Add 'update check' functionality 2016-07-18 10:33:52 +02:00
Michael Boelen d02cb095da [PHP-2376] Log to discovered item to report instead of logfile 2016-07-16 16:28:43 +02:00
Michael Boelen 7ec51cdae0 Only use license key when it is defined 2016-07-14 15:26:46 +02:00
n[oO]ne 8aeba9fa3d fix: Test names are different. (#228)
After changes in 9aa5736 the test names are different. This results in something like BOOT-5122 = boot-5122 and skipped tests aren't skipped anymore.
2016-07-14 13:49:20 +02:00
Michael Boelen 9aa57362e6 Show all tests uppercase and remove first space from list for correct display 2016-07-13 13:21:35 +02:00
Michael Boelen dd378a0ca3 Allow showing categories, logfile, report, and test details 2016-07-13 13:20:55 +02:00
Michael Boelen f9011c43e6 Exit cleanly when displaying categories 2016-07-13 11:12:31 +02:00
Michael Boelen 09aa31bb5c Minor code cleanup 2016-07-12 20:32:49 +02:00
Michael Boelen 07a113e46e Set initial value for language and improve auto detection 2016-07-12 20:32:15 +02:00
Michael Boelen cb76421d9c Proper display of tool tips configuration, while not showing tips when using show module 2016-07-12 20:09:10 +02:00
Michael Boelen c090e73ca1 Add blue colors for tips 2016-07-11 20:06:46 +02:00
Michael Boelen 38e6ff18d4 Merge and initial changes for new tests FILE-6344 and FILE-6430 2016-07-11 19:57:45 +02:00
Lukas Pirl 9a5647f66c added test FILE-6337: check if /proc mounted with hidepid=(1|2) (#225)
to hide users' sensitive files in /proc from other users
  (see `man proc` for details)
2016-07-11 16:48:25 +02:00
Lukas Pirl f19f5927a5 added test for AllowAgentForwarding being turned off (#222)
for reasons, see links below:
  https://wiki.mozilla.org/Security/Guidelines/OpenSSH#SSH_agent_forwarding
  https://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/
2016-07-11 11:25:51 +02:00
Michael Boelen 576e11b995 [BOOT-5122] Extended password check 2016-07-11 11:24:52 +02:00
Michael Boelen 09a9b80fde Merge branch 'master' of https://github.com/CISOfy/lynis 2016-07-11 11:21:08 +02:00
ratrop cd2429688b Update tests_boot_services (#201)
Added detection of password for Grub2 in Ubuntu 14.04 LTS. Previous version doesn't detect it.
2016-07-11 11:20:05 +02:00
Michael Boelen 648d043b0a [FILE-6430] initial import and changes 2016-07-11 11:18:53 +02:00
Michael Boelen d1c8cd3d05 Merge branch 'master' of https://github.com/CISOfy/lynis 2016-07-11 10:32:30 +02:00
Michael Boelen 52317de56c Set date of break lines to similar format as normal log entries 2016-07-11 10:32:00 +02:00
Yann ILAS a62a09d9e4 Remove the support of some filesystems (#205)
For now keeping the test as-is and merge.
2016-07-11 10:24:38 +02:00
Michael Boelen 74c9513fbb [HTTP-6632] fix for proper detection of Apache modules 2016-07-11 09:49:24 +02:00
Michael Boelen 13c228fd2d Add --configured-only option to lynis show settings 2016-07-05 19:57:11 +02:00
Michael Boelen 1655b5728b Disable color status and clear blue color 2016-07-05 19:56:38 +02:00
Michael Boelen 467c30b16b Start of migration of deprecated profile options 2016-07-05 19:56:13 +02:00
Michael Boelen b44acc16e0 Disable upload compression for now 2016-07-05 19:55:45 +02:00
Michael Boelen 474455d18b Define colors 2016-07-05 19:55:31 +02:00
Michael Boelen f8bee58ade Implement tooltips 2016-07-05 18:18:54 +02:00
Michael Boelen bac442c6fe Migrate to new options, including skip-plugins 2016-07-05 17:26:27 +02:00
Michael Boelen 75786a1c80 Added DisplayToolTip 2016-07-05 17:25:19 +02:00
Michael Boelen 0c5387f1fe Migration to new profile names and store the related settings 2016-07-05 16:49:36 +02:00
Michael Boelen bdf9a5cf04 Add lynis show settings with --brief and --nocolors options 2016-07-05 16:49:10 +02:00
Michael Boelen 5778d4fa0d Add functions: AddSetting, DiscoverProfiles, ParseProfiles 2016-07-05 16:47:32 +02:00
Michael Boelen 8b8a1a9b66 [CRYP-7902] Use SSL paths as configured by profile 2016-07-05 16:46:50 +02:00
Michael Boelen 998af3d7de Add variable for settings and SSL paths 2016-07-05 16:45:27 +02:00
Michael Boelen 6c24c198ee [PRNT-2306] Check if files are readable before parsing them 2016-07-05 12:19:43 +02:00
Michael Boelen fbd24b585a Rename Maid to CleanUp 2016-07-05 12:16:49 +02:00
Michael Boelen 72ca2b926d [AUTH-9254] Only let root use this test, due to permissions 2016-07-05 12:10:32 +02:00
Michael Boelen c181a5745f [AUTH-9288] Only check for accounts which have a maximum password age set 2016-07-05 10:51:59 +02:00
Michael Boelen d9b609ed98 Do not provide a tip about uploading data when user is already doing that 2016-07-05 10:40:07 +02:00
Michael Boelen a1ebc18a76 Don't override variables of ReportDetails functions on every parameter 2016-06-30 11:34:27 +02:00
Michael Boelen 114d95c475 [AUTH-9234] Test for minimal UID number via /etc/login.defs 2016-06-30 11:30:58 +02:00
Michael Boelen 6861e8065f Improve screen output 2016-06-18 11:15:39 +02:00
Michael Boelen 87efe5651f Replaced text strings to allow translations 2016-06-18 11:15:11 +02:00
Michael Boelen b553f01b2a Allow long lines of text by resetting number of spaces to 0 when needed 2016-06-18 11:14:50 +02:00
Michael Boelen 983e293eb1 Replaced text strings to allow translations 2016-06-18 11:14:01 +02:00
Michael Boelen 1be27c7b00 Added IsDeveloperVersion to detect if release is still under development 2016-06-18 09:28:53 +02:00
Michael Boelen 52ad74c5ce [SSH-7408] Show SSH items as a suggestion on screen, like in the report 2016-06-11 14:45:17 +02:00
Michael Boelen f8b134f3c3 Add automatic detection of used language 2016-06-11 14:34:21 +02:00
Michael Boelen f851834dbd Added support for multiple languages 2016-06-11 14:09:41 +02:00
Michael Boelen 7ff4f3b1d3 Add upcoming profile option to choose between upload tools 2016-06-07 17:01:16 +02:00
Michael Boelen 138d1fdcd5 Add comment for upcoming option to choose between upload tools 2016-06-07 17:00:51 +02:00
Michael Boelen 6b05d59855 Add variables for alternative upload tool 2016-06-07 17:00:12 +02:00
Michael Boelen c88a2678f6 [HTTP-6642] Test disabled 2016-06-07 16:59:37 +02:00
Michael Boelen 02fdaf4c1e [PKGS-7328] Set non-interactive as first option like other calls to Zypper 2016-05-30 19:43:10 +02:00
Michael Boelen 751c9734c5 Restrict find action to the /tmp mount 2016-05-30 19:38:42 +02:00
Michael Boelen d3202ade5d Properly display lines again after changing date format in log 2016-05-30 19:36:30 +02:00
Andreas Stieger ece464b1da improve non-interactive use of zypper (#208)
* PKGS-7328: only list installed items of type package

Otherwise the package list may contain duplicate items of type application or patch

Signed-off-by: Andreas Stieger <astieger@suse.com>

* PKGS-7328, PKGS-7330: run zypper with non-interactive flag

Otherwise the test will hang if zypper issues an interactive query or warning,
such as for new/changed keys, network issues or other errors.

Signed-off-by: Andreas Stieger <astieger@suse.com>
2016-05-30 19:20:37 +02:00
Michael Boelen 000077d379 Added more tips when cURL has issues uploading the data 2016-05-30 17:06:14 +02:00
Michael Boelen 268ff68966 Added error message when --data-urlencode on cURL is not available 2016-05-30 16:59:29 +02:00
Michael Boelen 7725ce6cc8 Use a common date/time format for log entries 2016-05-25 21:36:12 +02:00
Michael Boelen e20ef13b48 Change instructions to configure Lynis when using self-signed certificates with upload 2016-05-25 13:43:29 +02:00
Michael Boelen 6f1be4c82a Better display when multiple items are to be configured 2016-05-25 13:29:01 +02:00
Michael Boelen c42a1d4083 Improve error message when setting already exists 2016-05-24 20:53:16 +02:00
Michael Boelen a45d6e61f8 Allow automatic configuration of a setting 2016-05-24 20:49:36 +02:00
Michael Boelen 748039358c Remove unneeded quote 2016-05-24 11:31:49 +02:00
Michael Boelen d2c82adc98 Minor cleanups and add hostid2 value for uploads 2016-05-24 11:28:08 +02:00
Eric Light 47748c8fd8 UseDNS = No is a safer configuration (#204)
See Issue #197.  

References:
 - https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/424371/comments/11
 - https://unix.stackexchange.com/questions/56941/what-is-the-point-of-sshd-usedns-option
 - https://security.googleblog.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
2016-05-19 19:58:52 +02:00
Yann ILAS e8d6308d82 use ${LSMODBINARY} instead of lsmod (#200) 2016-05-19 17:34:35 +02:00
Yann ILAS 770605e4c6 use ${LSMODBINARY} instead of lsmod (#199)
Use detected lsmod binary instead of calling it directly.
2016-05-19 17:24:49 +02:00
Yann ILAS bc313949c8 Add of MODPROBE variable (#202)
Test for presence of modprobe utility
2016-05-19 17:23:54 +02:00
Michael Boelen 7b769214cd Split auditd between Linux and Solaris, store if an audit daemon is running 2016-05-19 17:23:01 +02:00
Michael Boelen 9dafcac6b0 Extend configure module to allow making changes to custom.prf soon 2016-05-17 21:39:02 +02:00
Michael Boelen 7b819b4eca Show release as version with release type (e.g. 2.2.0-dev) 2016-05-17 18:12:49 +02:00
Michael Boelen 443497855e Add lynis show hostids to display host IDs 2016-05-17 18:08:08 +02:00
Michael Boelen 0d62613388 Store host IDv2 and detect utilities when no binaries scan has been done 2016-05-17 18:07:43 +02:00
Michael Boelen 933edeeae0 Improve screen output when an error in a profile has been found 2016-05-16 20:56:42 +02:00
Michael Boelen 573698afdb Show debug details on screen in verbose mode 2016-05-16 20:56:16 +02:00
Michael Boelen f7e353fe17 Report multiple file integrity tools, clean ups, and renumber FINT-4316 to FINT-4402 2016-05-16 20:55:42 +02:00
Michael Boelen 9542dc2f6b Initial import of configure helper 2016-05-15 20:37:10 +02:00
Michael Boelen bb2c97f9c1 Added --man-page alias 2016-05-15 20:01:32 +02:00
Michael Boelen c751302a76 Add helper tool 'configure' 2016-05-15 20:00:18 +02:00
Michael Boelen 1cbf7244c2 Added detection and display of profile directory 2016-05-15 14:03:57 +02:00
Michael Boelen 26c67e4ec6 Use full paths when local directory is used for includedir or dbdir 2016-05-15 13:41:03 +02:00
Michael Boelen 098f7685fc Added show dbdir, show includedir, show workdir 2016-05-14 18:04:26 +02:00
Michael Boelen 18fb54e92d Improve screen output of 'lynis update info' 2016-05-14 17:43:40 +02:00
Michael Boelen e7afd92533 Improve screen output 2016-05-14 17:42:51 +02:00
Michael Boelen b72b510301 Improve help output and error messages 2016-05-14 17:42:33 +02:00
Michael Boelen 08bad0ffbf Initial support for remote scanning with: lynis audit system remote 2016-05-14 15:44:06 +02:00
Michael Boelen 93074a89ea Initial import of remote system scanning 2016-05-14 15:43:29 +02:00
Michael Boelen 4225611b5b Remove debugging details 2016-05-12 11:21:20 +02:00
Michael Boelen d6ceeaa11f Clean ups and added hints for contributions 2016-05-11 16:02:46 +02:00
Michael Boelen 5db9d4a4e0 [FILE-6376] Enabled contributed test and enhancements 2016-05-11 15:57:36 +02:00
Yann ILAS 125f704a10 FILE-xyzz : Bind mount the /var/tmp directory to /tmp (#193)
Check if a bind mount is done between /var/tmp and the directory /tmp
2016-05-11 15:20:08 +02:00
Yann ILAS 8ba1f51c19 FILE-6372 : error in awk comparison (#192) 2016-05-11 15:18:39 +02:00
Yann ILAS 8e73f33475 Check of /dev/shm:nosuid,nodev,noexec (#194) 2016-05-11 15:17:50 +02:00
Yann ILAS 527955211b The XFS root FS is not checked (#190)
At line 431, you should maybe add some tests...
2016-05-11 15:16:28 +02:00
Michael Boelen 668a1fd0e5 Alignment, restructuring, and quoting of -? option 2016-05-11 15:12:37 +02:00
Michael Boelen 50609242c2 Only use public keys for host ID creation 2016-05-10 14:21:09 +02:00
Michael Boelen ef23180adc Decrease length of hostid v2 as hostname is stored already 2016-05-10 11:47:33 +02:00
Michael Boelen 41197f722b Added -? argument as alias for --help 2016-05-10 11:47:01 +02:00
Michael Boelen dfce1a770a Removed local variable assignment to prevent portability issues 2016-05-09 14:20:16 +02:00
Michael Boelen a40331aedc Clean up unneeded log entries 2016-05-09 13:50:38 +02:00
Michael Boelen 632e8bd47a Show hardware address in log 2016-05-09 13:46:32 +02:00
Michael Boelen 788ab9999d Create a version 2 host ID 2016-05-05 17:49:41 +02:00
Michael Boelen 9f14495d70 Added sha256 and sha256sum utilities 2016-05-05 17:49:04 +02:00
Michael Boelen 90f196f067 [PKGS-7381] Check for vuln.xml file 2016-05-04 21:59:52 +02:00
Michael Boelen 412613e14c Added check-value for custom configurations check 2016-05-04 21:39:13 +02:00
Michael Boelen 076c5dd093 Initial work to profile for custom configurations check (key-value) 2016-05-04 21:38:42 +02:00
Michael Boelen 049569ceca Set default value for CHECK 2016-05-04 13:42:46 +02:00
Michael Boelen eded02cfde Rewritten counters and dealing with values 2016-05-03 14:57:53 +02:00
Michael Boelen eda79af419 Minor cleanups, including comment about -c option (deprecated soon) 2016-05-03 13:53:20 +02:00
Michael Boelen c8c7a11e37 Implemented linter suggestions 2016-05-03 13:16:11 +02:00
Michael Boelen bbdfce2b05 Performance: only use lshw at end, and when having root privileges 2016-05-03 13:15:46 +02:00
Michael Boelen dab69d2860 Don't show errors when we are running non-privileged 2016-05-03 13:11:28 +02:00
Michael Boelen 062782e7a5 Remove blank line and space 2016-05-03 12:55:23 +02:00
Michael Boelen 7260f3030c Code rewrites after linting 2016-05-03 12:40:26 +02:00
Michael Boelen 0173bd3832 Code rewrites after linting 2016-05-03 12:40:05 +02:00
Michael Boelen 5339a0d466 Improve readability and add missing ;; 2016-05-03 12:19:26 +02:00
Michael Boelen 9c9ca6f947 Proper call to WaitForKeyPress 2016-05-03 11:00:06 +02:00
Michael Boelen 70fd028713 Remove inclusion of empty tests_custom file 2016-05-03 10:58:41 +02:00
Michael Boelen 924e53ed76 Do an earlier detection of grsecurity and store result, so tests can be simplified 2016-05-03 10:58:05 +02:00
Michael Boelen 2205866521 Remove tabs, test for all Red Hat clones, enhanced text 2016-05-02 19:12:55 +02:00
alobodzinski 2b52276110 - Running lynis from /etc/cron.daily some programs delete in-use files (#186)
- grep for whole words to ignore
- logging what exactly keeps a file open can be very helpful
2016-05-02 19:08:11 +02:00
StrangeBubble 3a19887972 Update tests_kernel (#185)
Error during the process of the FIND variable.
2016-05-02 17:35:55 +02:00
Michael Boelen 99236b13f4 Mark apt-get related tests to be root-only 2016-05-02 17:13:31 +02:00
Michael Boelen efebb99da1 Add action to take when a file has not the right permissions 2016-05-02 17:13:06 +02:00
Michael Boelen 6ea27b912c Add owner and group permissions check 2016-05-02 15:45:27 +02:00
mboelen 6e2640c4d5 Retrieve SSH settings from active configuration and store earlier, test with lowercase settings for other tests 2016-05-02 15:04:40 +02:00
mboelen 9208e35f20 Added alias --no-plugins to skip plugins 2016-05-02 13:57:16 +02:00
mboelen a765163a25 Minor changes to indentation and variable names 2016-05-02 13:26:27 +02:00
Eric Light bcaf7a55ef Remove wchan from PROC-3614, to finish #179 (#182)
Attempt number two, fixing the awk line this time  :)
2016-05-02 13:24:19 +02:00
StrangeBubble 81a4821636 Check if file is symlink or not (#184) 2016-05-02 13:23:43 +02:00
mboelen 1a680c294f Replace incorrect function call to report 2016-04-28 12:58:33 +02:00
mboelen 43f6baeb2e Replaced old function names with new ones 2016-04-28 12:32:18 +02:00
mboelen 42607ceaf5 Replaced old function names with new ones 2016-04-28 12:31:57 +02:00
mboelen 539bd49856 Big overhaul of functions file. Cleaning up, structurizing, and adding comments 2016-04-28 12:31:38 +02:00
mboelen 9e312f5a5f Replaced functions and minor cleanups 2016-04-28 09:15:54 +02:00
mboelen 5e587adf8a Change ntp_falseticker in report, added ntp_unreliable_peer 2016-04-28 08:51:43 +02:00
mboelen f109c318d9 Detect when weak protocols are used, simplify nginx test 2016-04-27 16:51:12 +02:00
mboelen 1825d91c85 [HTTP-6710] Show suggestion when using a weak protocol 2016-04-27 16:37:32 +02:00
mboelen eb0206198a [HTTP-6710] Show SSLv3 as weak protocol 2016-04-27 16:36:24 +02:00
mboelen 7c4099a7da Call WaitForKeypress from wait_for_keypress, and report this old function when called to developers 2016-04-27 16:14:22 +02:00
mboelen f4691536ee Add nginx ssl_protocol values to report, minor adjustments to ReportDetails function 2016-04-27 16:09:29 +02:00
mboelen b453190cd7 Added firewall_software[] to report 2016-04-27 10:52:45 +02:00
mboelen 84d619852a [PROC-3612] Removed wchan from output to solve issue with grsecurity-enabled kernel 2016-04-27 10:30:40 +02:00
mboelen 6a4287bd64 Proper reference to IsDeveloperMode 2016-04-26 21:25:14 +02:00
mboelen b6884dfda3 Add file permission and ownership tests for cronjobs 2016-04-26 21:21:15 +02:00
mboelen c98b37955c Added IsOwnedByRoot function 2016-04-26 21:20:37 +02:00
mboelen 098a2e3760 Added istat binary 2016-04-26 21:20:17 +02:00
mboelen e20404c60b Add test for world-writable cronjobs 2016-04-26 14:06:27 +02:00
mboelen 7b33ead897 Adding aliases and optimization for value testing 2016-04-26 14:05:56 +02:00
mboelen 216611259e Optimize IsWorldWritable function, with additional debugging data for developers 2016-04-26 13:52:26 +02:00
mboelen 812a0ea270 Added developer-mode option for profiles 2016-04-26 13:51:54 +02:00
mboelen 55799a524c Added developer mode (--developer) 2016-04-26 13:40:21 +02:00
mboelen 2cefdb79d6 Log when a file is world-writable according to IsWorldWritable 2016-04-26 13:34:17 +02:00
mboelen 4791b8a6bf Add scheduler[] and minor cleanups 2016-04-26 13:05:17 +02:00
mboelen 448fd65e31 Remove tab 2016-04-26 13:00:41 +02:00
mboelen 705e2444ee [SCHD-7702] Added test to check cron daemon status 2016-04-26 12:58:17 +02:00
mboelen ea9c40a36c Changed text to avoid showing up as a suggestion 2016-04-25 20:48:21 +02:00
mboelen ee7b5f87bb [BANN-7119/BANN-7122] Disabled tests 2016-04-25 20:04:23 +02:00
mboelen 7878fad617 Removed --config option in favor of lynis show profiles 2016-04-25 20:04:00 +02:00
mboelen 4dcb9eccff Allow skipping of plugins with --skip-plugins or skip-plugins 2016-04-25 16:00:10 +02:00
mboelen e5790dc8c6 Added: lynis show tests skipped (skipped tests) 2016-04-25 15:49:45 +02:00
mboelen ba0381a775 Lowercase all tests when using them in comparisons 2016-04-25 15:49:00 +02:00
mboelen c02ab08b50 Set quiet and quickmode when using --show-warnings-only or show-warnings-only 2016-04-25 11:51:37 +02:00
mboelen bedadd9cd1 Do not show text on screen in quiet mode 2016-04-25 11:13:27 +02:00
mboelen 2f07fa1d87 Allow show-warnings-only and --(show-)warnings-only option 2016-04-25 11:10:23 +02:00
mboelen 3e20c1e30b [KRNL-5788] Improvements for grsecurity kernels 2016-04-25 10:56:11 +02:00
mboelen 0f64d106b1 Changed supporting text for ReportManual function 2016-04-25 10:55:34 +02:00
mboelen eae8ef99a4 Exit with exit code 0 by default, unless error-on-warnings is being used 2016-04-25 10:18:09 +02:00
Eric Light bcdca90942 Update KRNL-5788 for grsecurity (#178)
* If grsec installed, build FINDKERNEL from uname -r

When running a grsecurity-patched custom kernel, the /vmlinuz link is often missing.  If this link is missing, and grsecurity is installed, then we can calculate the location of FINDKERNEL with the words "linux-image-", plus the output of "uname -r".

* Suggest manually checking kernel if grsec installed

We can't rely on the apt-cache output when running grsecurity.  This is because apt-cache can't tell us if we're running an up-to-date kernel, when it's a custom kernel with grsecurity.  Instead of confirming that the kernel is OK, we instead should remind the auditor to double-check themselves.
2016-04-25 09:34:14 +02:00
Eric Light c0f86fef09 Minor reword ("latest" -> "latest installed") (#174) 2016-04-25 09:33:55 +02:00
mboelen 904da4d123 Allow additional profile with --profile 2016-04-23 17:55:32 +02:00
mboelen 60a7abf877 [PKGS-7354] Test for DNF repoquery plugin before using it 2016-04-21 11:44:42 +02:00
mboelen 821be1ea0c Remove color between categories, to prevent new users missing that on white background 2016-04-20 14:14:10 +02:00
mboelen 560acfadf6 Log what particular atomic test has been skipped and why 2016-04-20 12:08:34 +02:00
mboelen 5757837e28 Show skipped items when running in verbose mode 2016-04-20 12:08:10 +02:00
Eric Light a6393bd8a0 Display skipped atomic tests (#169)
Added section to log & display skipped atomic tests.
2016-04-20 10:46:40 +02:00
mboelen f915df67d1 Add --verbose option 2016-04-19 21:11:42 +02:00
mboelen b1403aac20 Only show specific status of services when using --verbose 2016-04-19 21:09:27 +02:00
mboelen 5996dcdc95 Add verbose option to profiles 2016-04-19 19:47:50 +02:00
mboelen f0e7b531cd Add --verbose option 2016-04-19 19:46:20 +02:00
mboelen 64561d4b07 Add IsDebug and IsVerbose functions 2016-04-19 19:44:23 +02:00
mboelen d54f3ae307 Collect more ideas for improving the show command 2016-04-19 19:43:51 +02:00
mboelen c1f0b5e8b0 Allow usage of quick=yes in profile 2016-04-19 18:01:48 +02:00
mboelen c2d5d93fad Colored output for debug details on screen 2016-04-19 18:01:16 +02:00
mboelen 1f0261f168 Add details to AddHP function 2016-04-19 17:48:06 +02:00
mboelen 166c35bc69 Change color when UEFI is disabled 2016-04-19 17:45:46 +02:00
mboelen 2a22e5c42a Renamed logtext and report function calls 2016-04-19 17:43:33 +02:00
mboelen 11d0dabf4f [FILE-6372] Ignore comments in /etc/fstab 2016-04-19 17:39:01 +02:00
mboelen 5aa1a27e32 Cleanup 2016-04-19 17:36:53 +02:00
mboelen 6d512f48ac Improved text for assigning hardening points 2016-04-19 17:35:45 +02:00
mboelen a2514f20e1 Improve logging to state what directory will be scanned 2016-04-19 17:25:25 +02:00
mboelen a3ae0a450a No breaks between directories 2016-04-19 17:24:08 +02:00
mboelen 2d7ef97605 Consider binaries check as a core test 2016-04-19 17:23:12 +02:00
mboelen a23758e21f Replace = signs to simplify parsing of data 2016-04-19 13:56:28 +02:00
mboelen 3008727ce0 Log exit code of upload activities 2016-04-19 13:56:00 +02:00
mboelen 2886ad0b7e Allow skipping of tests 2016-04-19 12:38:00 +02:00
mboelen a2594fc370 [SSH-7408] Allow skipping some of the SSH tests 2016-04-19 12:37:40 +02:00
mboelen e9eae5b8b5 Allow skipping of individual tests or atomic tests 2016-04-19 12:37:00 +02:00
mboelen 1af95edd8a Updated ReportDetails call with service name 2016-04-19 12:05:13 +02:00
mboelen 0783b2fd4b Use SSH configuration from sshd instead of configuration file, add more details to report 2016-04-19 12:04:51 +02:00
mboelen e68d9e0dae Make report better readable 2016-04-19 12:04:08 +02:00
mboelen 36b7d1bcdd Added new profile option: quick 2016-04-19 12:03:48 +02:00
mboelen 461bb84b62 Use correct TEMP_FILE variable 2016-04-19 10:34:04 +02:00
mboelen 41589b14c2 Added missing ;; 2016-04-19 09:55:02 +02:00
mboelen 2c815129e4 Added details and changed suggestion text 2016-04-19 09:54:18 +02:00
mboelen 722703da31 Extended ReportDetails function 2016-04-19 09:53:30 +02:00
mboelen bebf3d0bd5 Use semicolon instead of comma 2016-04-19 07:38:24 +02:00
mboelen 1205511c9d Change of variables for IDS/IPS and layout changes 2016-04-15 20:07:20 +02:00
mboelen e86f0522bf [TOOL-5102] Imported Fail2ban support and minor improvements 2016-04-15 14:51:53 +02:00
Eric Light 9c2229483f Replaced call to iptables with $IPTABLESBINARY (#167)
* Replaced call to iptables with $IPTABLESBINARY

* Check for iptables before checking Fail2Ban chain
2016-04-15 14:18:11 +02:00
mboelen e86c68e3c5 Using question mark better defines the status than NA for most users 2016-04-13 21:49:43 +02:00
mboelen d4a5aba7ea [FILE-7524] Support for multiple profiles 2016-04-13 19:50:15 +02:00
mboelen 015287e963 [CRYP-7902] Added support for multiple profiles 2016-04-13 19:49:30 +02:00
mboelen f4a1ee8ac2 [NETW-3014] Test whitelisted interface in enabled profiles 2016-04-13 17:08:58 +02:00
mboelen 9a0102384f [KRNL-6000] Change test to allow parsing multiple profiles and storing more details 2016-04-13 16:13:04 +02:00
mboelen fdd20a324e Added plugindir argument of show command 2016-04-13 16:12:22 +02:00
mboelen c5de5e6a1b Added ReportDetails to store values of atomic tests 2016-04-13 16:11:46 +02:00
mboelen 13f1373944 Add --plugindir as alias to --plugin-dir 2016-04-13 12:08:31 +02:00
mboelen 28bc866686 Only set new plugin directory if not set before 2016-04-13 12:07:46 +02:00
mboelen 37a2614f79 Allow plugin directory to be configured, and apply new style configuration matching 2016-04-13 11:49:11 +02:00
mboelen 991083c13f Added new function ContainsString to search for the needle in the haystack 2016-04-13 11:48:02 +02:00
mboelen 0288c6df34 Enhanced error handling during license check 2016-04-13 09:09:52 +02:00
Eric Light 3b3a852122 Added tooling tests for Fail2Ban (#162)
* Added binary for Fail2Ban

* Added test for Fail2Ban (presence and configuration)

* Added test to check for enabled Fail2Ban jails

* Added test to confirm at least one enabled jail. Fixed regex.

* Added check to confirm iptables has a fail2ban chain
2016-04-13 08:12:26 +02:00
mboelen 59bbacd59b Added more details to show command 2016-04-12 21:59:23 +02:00
mboelen 8a35eed518 Show message on screen when data was uploaded 2016-04-12 21:58:19 +02:00
mboelen af13d322b9 Updated colors 2016-04-12 21:58:01 +02:00
mboelen c0228b8e48 Show release date 2016-04-11 07:57:29 +02:00
Kamil Boratyński 2465556567 features/testcases (#161)
* Implemented equal test case.

* Implemented not-equal test case.

* Implemented greater-than test case.

* Implemented greater-or-equal test case.

* Implemented less-than test case.

* Implemented less-or-equal test case.

Added some improvements and unifications.

* Added more unifications.

* Added more logs.

* Unified not-equal test.
2016-04-10 16:32:21 +02:00
mboelen 066f562365 Allow parsing of multiple profiles 2016-04-07 16:25:11 +02:00
mboelen 810c37287f Support for show helper utility 2016-04-07 16:24:38 +02:00
mboelen 78167f37f2 Clean up of old variables 2016-04-05 11:31:21 +02:00
mboelen b954eeceec Optimized code and solve double proxy statement to upload command 2016-04-05 10:02:32 +02:00
mboelen 95944c0035 Generic improvements for debug status, and cleaning up code 2016-04-02 18:28:53 +02:00
mboelen cab2b9071c Adding --debug to Display function 2016-04-02 18:28:02 +02:00
mboelen 40d11eb37b Added variables related to database status 2016-04-02 18:27:32 +02:00
mboelen 4e58267658 [DBS-1860] Changes to test to make it more optimized 2016-04-02 17:18:49 +02:00
mboelen 17c435801d Added return values to IsRunning function 2016-04-02 17:18:19 +02:00
Andres Gomez Casanova 1b9920fde9 Checks if DB2 LUW is running on a server
The check is performed by doing a grep on db2sysc, the DB2 instance process.
2016-04-01 17:38:20 -05:00
mboelen 1426ff16f9 Removed old Display function parameter --text 2016-03-30 14:35:16 +02:00
Michael Boelen 079efdada1 Merge pull request #138 from rhyven/patch-1
Hide fail2ban open+deleted file warning, when grsec is installed
2016-03-30 14:34:36 +02:00
Michael Boelen 420b72ae20 Merge pull request #140 from kboratynski/features/macosx_php
Added OSX default php.ini location.
2016-03-30 14:33:54 +02:00
Michael Boelen 570639599b Merge pull request #137 from technimad/technimad-patch-1-PHPiniEl6fix
Added ini dir of EL6
2016-03-30 14:33:27 +02:00
mboelen 70bb10328f Use echo when checking parameters to prevent incorrect issues with screen output 2016-03-30 14:26:01 +02:00
mboelen 4d52e64b2a Match sshd process running and/or port 22 listening 2016-03-30 13:48:18 +02:00
mboelen 251b861df5 Changed function name to better reflect goal and UDP support 2016-03-30 13:45:34 +02:00
mboelen 3ad0bc9582 Renamed function to IsPortListening 2016-03-30 12:18:11 +02:00
Michael Boelen beb02e2c3d Merge pull request #142 from kboratynski/features/sshd
features/sshd
2016-03-30 11:55:58 +02:00
cnrat fcaa7ffe8b Bug fixed
echo /etc/fstab is wrong.
2016-03-29 16:35:39 +08:00
mboelen 0e9b63a6ed Adjusted variable to properly check systemd directory 2016-03-24 17:28:53 +01:00
mboelen 0779005b46 [AUTH-9308] Skip testing some files when systemd is used 2016-03-24 17:16:14 +01:00
mboelen d7c8233dd4 Check for systemd 2016-03-24 17:15:39 +01:00
mboelen 0d2be381f9 [AUTH-9308] Test systemd targets 2016-03-24 16:46:54 +01:00
mboelen 95df056ca8 Don't use type -p, as it won't work on all systems 2016-03-24 14:35:12 +01:00
mboelen 45f6bcc601 Minor text changes 2016-03-24 11:11:40 +01:00
Michael Boelen d1bb7855df Merge pull request #139 from rhyven/patch-2
AUTH-9262 - restructure + pwquality
2016-03-24 10:52:20 +01:00
Michael Boelen 30dae85a63 Merge pull request #141 from kboratynski/features/macosx_brew
Added brew as package manager.
2016-03-24 10:48:03 +01:00
mboelen a3084da623 Improved templates and examples 2016-03-24 10:34:16 +01:00
Kamil Boratyński 1f320f68c2 Fixed IsTcpUdpListening function 2016-03-22 23:57:09 +01:00
Kamil Boratyński 232419df8c Modified SSH service checking. 2016-03-22 23:54:38 +01:00
Kamil Boratyński 3e5555fb12 Added listening function.
Listening function checks whether there exists a service listening
on specified protocol and port.
2016-03-22 23:53:58 +01:00
Kamil Boratyński 85236bb996 Added brew as package manager. 2016-03-22 23:06:10 +01:00
Kamil Boratyński 89cb26c1f1 Added OSX default php.ini location. 2016-03-22 22:21:55 +01:00
Eric Light fad4dfc0cc Modified AUTH-9262
Added pwquality (default in some Ubuntu variants) to accepted password-quality modules.  Reworked test so that full points are possible (passwdqc and cracklib incompatible).
2016-03-22 16:30:47 +13:00
Eric Light 2a2c094825 Hide fail2ban open+deleted file warning with grsec
One of the features in grsecurity also prevents Fail2Ban from creating a temp file under /var/tmp.  I've been unable to pinpoint the line in fail2ban which causes the issue, but have confirmed it's related to Fail2Ban.

Note: disabling the PaX MPROTECT function on /usr/bin/python will also resolve this issue, but it's better to keep MPROTECT on.
2016-03-22 15:28:21 +13:00
Erwin Vrolijk 7c2b8b90d9 Added ini dir of EL6
On my EL6 systems PHP uses an ini directory of /etc/php.d, added this to the php test.
2016-03-21 11:20:30 +01:00
mboelen c3d5dabb49 Move stderr redirection to sysctl command instead of grep, to prevent errors displaying on screen 2016-03-17 21:02:28 +01:00
mboelen e949e560d7 Improve systemd detection on Fedora 2016-03-17 20:57:31 +01:00
mboelen b9dba2f3be Don't show umask exception, as it will trigger on Debian 8 2016-03-17 20:54:28 +01:00
mboelen a427eb6fa7 Rewrote test to determine system manager 2016-03-17 20:32:21 +01:00
mboelen abbcd2f97e Added additional logging for KRNL-5830 2016-03-17 19:39:36 +01:00
mboelen 39f24a57b9 Add Gentoo as Linux version 2016-03-17 18:11:03 +01:00
mboelen 9689417aec Add missing fi 2016-03-17 16:43:33 +01:00
mboelen a33b3c828f Check system manager and allow init as option in /proc/1/cmdline 2016-03-17 16:40:53 +01:00
mboelen 7adf2425a6 Added STRG-1842 to check for authorized USB devices 2016-03-17 16:36:52 +01:00
mboelen 237c0f87a7 BOOT-5104: Rewrote test to detect service manager 2016-03-16 12:10:10 +01:00
mboelen 488c08c3f3 Add better description of hardening points assignment 2016-03-16 11:19:17 +01:00
Michael Boelen 2fe5fa2cc6 Merge pull request #135 from rhyven/patch-5
Accept apt-get as a package audit tool
2016-03-16 11:02:35 +01:00
Michael Boelen a629248048 Merge pull request #134 from rhyven/patch-4
Make AddHP identify non-optimal HP in logfile entries
2016-03-16 11:02:15 +01:00
mboelen 322c7354d9 Added alternative location for dmidecode 2016-03-16 10:54:49 +01:00
mboelen bdc0f010c1 Set fixed dmidecode location 2016-03-16 09:54:54 +01:00
Eric Light a97bcb2142 Accept apt-get as a package audit tool 2016-03-14 12:02:18 +13:00
Eric Light 2ff7ce26c9 Make AddHP identify non-optimal HP in logfile entries 2016-03-14 10:35:57 +13:00
mboelen b8df6c4204 DBS-1816: Removed suggestion 2016-03-13 16:49:08 +01:00
mboelen 8cc47819b4 Removed copyright line, added description 2016-03-13 16:03:46 +01:00
mboelen 6197ac08e7 Added link to website, blog, github 2016-03-13 16:00:39 +01:00
mboelen dcb7f311fa Changed text and links 2016-03-13 15:48:03 +01:00
mboelen cf553b543c Added missing } 2016-03-12 20:50:28 +01:00
mboelen 89fbdd2feb HTTP-6622: Determine Apache version and store in report 2016-03-12 20:45:37 +01:00
mboelen 6d2770ede6 Added FreeBSD path for namedb configuration file 2016-03-12 20:19:12 +01:00
mboelen e88f15fd82 Removed tabs 2016-03-12 19:08:53 +01:00
mboelen bd833057e1 NAME-4406: adjusted filter for localhost detection + logging 2016-03-12 19:08:23 +01:00