3721 Commits

Author SHA1 Message Date
HansHoogerwerf
98ac5a562a
Verify the linux OS supports nanoseconds
Add extra check to verify the linux OS supports nanoseconds. This might not be the case with certain busybox implementations.
2022-10-17 15:46:40 +02:00
Michael Boelen
490d39f580
Merge pull request #1292 from konstruktoid/issue1291
Only test Compression if sshd version < 7.4
2022-10-12 10:51:31 +02:00
Michael Boelen
bf4fa9fabf
Merge pull request #1294 from konstruktoid/issue1288
add plocate
2022-10-12 10:48:25 +02:00
Michael Boelen
6a5b5f90c9
Merge pull request #1324 from nickanderson/issue-1323/master
Fixed typo in Group for FINT-4316
2022-10-12 10:37:05 +02:00
Michael Boelen
6ee10048b1
Merge pull request #1336 from MassacreNetworks/patch-1
expected variable $NOW
2022-10-12 10:36:29 +02:00
Ximalas
49bbf25abe
Update tests_database: Redis configuration file
On FreeBSD the Redis configuration file is typically stored as /usr/local/etc/redis.conf.
2022-09-26 10:05:39 +02:00
Massacre Networks
2c27a8fdce
expected variable $NOW
2022-09-24 19:11:40 +03:00
Michael Boelen
73d43c25eb
Moved section to discover current timestamp related to issue #1329
2022-09-17 14:49:26 +00:00
Zafer Balkan
2788d9fff3
Merge branch 'CISOfy:master' into wazuh-malware-scan
2022-08-29 15:40:23 +03:00
Michael Boelen
b53d6a80d7
Updated log
2022-08-24 11:43:37 +00:00
Michael Boelen
622f53247d
[DBS-1820] added newer style format for Mongo authorization setting
2022-08-24 11:42:22 +00:00
Thomas Sjögren
4f6eeb7537
remove file from path
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-08-24 10:17:54 +02:00
Thomas Sjögren
fc62b39f34
find redis.conf if /snap directory exists
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-08-23 11:57:05 +02:00
Thomas Sjögren
fe5990f208
remove whitespaces
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-08-23 11:56:25 +02:00
Nick Anderson
a19f532ddf
Fixed typo in Group for FINT-4316
Closes #1323
2022-08-17 14:03:21 -05:00
Zafer Balkan
3140a245da
Added wazuh-agent as a remote syslog capability
2022-08-05 15:45:35 +03:00
Zafer Balkan
32a39eaaf8
Added Wazuh agent as a rootkit scanner
Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent rootkits. Therefore, it seems feasible to add wazuh-agent to the accepted rootkit detection products.

https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:50:26 +03:00
Zafer Balkan
e4cd5eaede
Added Wazuh Agent as a malware scanner/antivirus
Solves https://github.com/CISOfy/lynis/issues/1304

Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent malware acting as an EDR. Therefore, it seems feasible to add wazuh-agent to the accepted antivirus products.

https://documentation.wazuh.com/current/user-manual/capabilities/anomalies-detection/index.html
https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
2022-07-20 21:41:55 +03:00
Fionn Fitzmaurice
74fdee1e33
Support Arch Linux ARM detection
2022-07-12 20:53:03 +08:00
Thomas Sjögren
b3436629ce
add check for ESET oaeventd
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-06-20 09:54:29 +02:00
Thomas Sjögren
225338a923
use systemctl get-default instead of following links
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-18 18:02:34 +02:00
Michael Boelen
8d9cdb22f4
Release 3.0.8 3.0.8
2022-05-17 15:07:48 +02:00
Thomas Sjögren
975712a616
add plocate
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-15 23:58:43 +02:00
Thomas Sjögren
e124499e27
Only test Compression if sshd version < 7.4
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-04 10:51:35 +02:00
mab974
f315c0b325
osdetection: add Koozali #1274
2022-04-13 13:42:21 +04:00
Skia
34d99f72f6
osdetection: add PostmarketOS
2022-03-17 23:28:34 +01:00
Michael Boelen
64758216f2
Merge pull request #1271 from fizista/symlink_file
Allow symlinks to be used when searching for configuration files
2022-03-14 11:54:55 +01:00
Michael Boelen
0664dea946
Merge branch 'master' into symlink_file
2022-03-14 11:54:03 +01:00
Michael Boelen
5cd4b239b5
Update CHANGELOG.md
2022-03-14 11:49:41 +01:00
Michael Boelen
e2781677ba
[KRNL-5820] small changes to prevent using ROOTDIR and resetting it, also showing additional paths in screen output
2022-03-14 11:48:30 +01:00
Michael Boelen
ff3f24bbba
Merge pull request #1265 from rfrohl/alternative_path_security-limits
[KRNL-5820] additional path for security/limits.conf
2022-03-14 11:30:29 +01:00
Wojciech Banaś
4098236412
#1270 added finding configuration files in the "etc" directory, even if they are symlinks
2022-02-14 13:23:20 +01:00
Michael Boelen
4f382331b3
Renumbered new test PKGS-7346 to PKGS-7200
2022-02-10 14:26:38 +01:00
Michael Boelen
f64f17f90b
Update tests.db
2022-02-10 14:24:15 +01:00
Michael Boelen
b744cffdf2
Updated log
2022-02-10 14:20:25 +01:00
Michael Boelen
8afa7d93fe
Merge pull request #1254 from pyllyukko/pam_faillock
Check for pam_faillock in AUTH-9408
2022-02-10 14:18:19 +01:00
Michael Boelen
59d1d8acd8
Merge pull request #1247 from devnull-hub-lab/patch-1
Update mod_security module version
2022-02-10 12:05:43 +01:00
Michael Boelen
0830a745cc
Merge pull request #1250 from JensChrG/master
Don't write over FIND variable. Fixes #1021
2022-02-10 12:03:46 +01:00
Michael Boelen
cd433e928e
Merge pull request #1205 from kolenichsj/alpine_apk
Adding support for Alpine Package Keeper
2022-02-10 12:00:38 +01:00
Michael Boelen
e0b5dcf7d4
Merge pull request #1226 from konstruktoid/1220
Extend HasCorrectCheckPermissions logging
2022-02-10 11:52:11 +01:00
Michael Boelen
7fbcede421
Merge pull request #1235 from zwack-am/master
Updated PAM_FILES_LOCATION for AARCH64
2022-02-10 11:49:21 +01:00
Michael Boelen
66f93f0275
Removed bashism: ==
2022-02-10 09:35:41 +01:00
Michael Boelen
4ecd03598f
Merge pull request #1225 from konstruktoid/ISSUE1214
add symlink support to HasCorrectFilePermissions and IsWorldWritable
2022-02-08 11:27:29 +01:00
Robert Frohl
14fd7dabc8
[KRNL-5820] additional path for security/limits.conf
Changes the user facing output to display a full path, allowing the user to
better grasp which security/limits.conf file is affected.

fix issue #1264
2022-02-04 13:51:36 +01:00
Michael Boelen
546693636d
Updated log
2022-01-31 17:08:08 +01:00
Michael Boelen
b0ca58895b
[KRNL-5788] Only run relevant tests and improved logging
2022-01-31 17:07:41 +01:00
Michael Boelen
83296d6e8f
Updated log
2022-01-31 16:39:09 +01:00
Michael Boelen
8604431e19
Merge pull request #1261 from jsegitz/reboot_test
check /boot/vmlinuz as a symlink in the reboot test
2022-01-31 16:38:38 +01:00
Steve Kolenich
eb46f39c44
Merge remote-tracking branch 'origin/master' into alpine_apk
2022-01-31 10:05:26 -05:00
Michael Boelen
ce4a0ce6bb
Updated log
2022-01-31 16:00:11 +01:00