271 Commits

Author SHA1 Message Date
Amaury Korb e1bcfe955e
Add STATUS_NOT_ACTIVE 2023-08-02 23:24:47 +02:00
Amaury Korb a23853eebd
Add STATUS_NOT_ACTIVE 2023-08-02 23:24:18 +02:00
Samuel Henrique (samueloph) e797d2d3bf Update Amazon Linux EOL dates and add Amazon Linux 2023
Sources:
 AL2023 EOL: https://docs.aws.amazon.com/linux/al2023/release-notes/support-info-by-support-statement.html#support-info-by-support-statement-eol
 AL2 EOL: https://aws.amazon.com/amazon-linux-2/faqs/
 AL EOL: https://aws.amazon.com/blogs/aws/update-on-amazon-linux-ami-end-of-life/
2023-08-02 17:20:01 +00:00
Xavier Noguer b16b4628c7 Fixing test numbers in db/tests.db with the actual numbers used for those tests 2023-05-30 08:38:17 +00:00
Xavier Noguer 9f36e17ee0 Added tests considering Wazuh for file integrity and tooling 2023-05-23 15:07:42 +00:00
xnoguer fd64aa24d6 Adding test MALW-3291 in order to solve issue 1322 (related to issue 994) 2023-04-18 16:46:19 -04:00
DemurAIdev 02ad15862d ID Languages add 2023-03-06 11:45:01 +07:00
noci2012 b64f7c8f53
Typo in previous paste 2023-01-08 00:41:56 +01:00
noci2012 e618acaf96
Update some EOL date 2023-01-08 00:40:36 +01:00
Nick Anderson a19f532ddf
Fixed typo in Group for FINT-4316
Closes #1323
2022-08-17 14:03:21 -05:00
Michael Boelen f64f17f90b
Update tests.db 2022-02-10 14:24:15 +01:00
Michael Boelen 4c66b504f5
Merge pull request #1204 from kolenichsj/eol
Update EOL for Alpine Linux release
2022-01-31 15:58:56 +01:00
Michael Boelen b4287df9c6
Corrected timestamp for Alpine 3.15 2022-01-31 15:58:07 +01:00
Michael Boelen 98f57d6d76
Added MALW-3274 to detect McAfee VirusScan Command Line Scanner 2022-01-31 13:29:11 +01:00
Steve Kolenich 7f3ed088cd Update EOL for Alpine Linux release 2022-01-11 09:13:12 -05:00
Steve Kolenich 80e13f2742 Merge remote-tracking branch 'origin/master' into eol 2022-01-11 09:06:12 -05:00
zhelemysh cb9b5e0340
Update ru
fix
2021-11-09 14:55:32 +00:00
zhelemysh 161042c0e2
Update ru 2021-11-08 16:48:34 +00:00
Steve Kolenich b96e42d50b Update EOL for Alpine Linux release 2021-09-01 15:58:59 -04:00
Michael Boelen a836d0d5fb
Added MALW-3290 2021-07-27 10:43:16 +02:00
Michael Boelen 609cbf34f3
Sorted text strings 2021-07-21 00:22:28 +02:00
Michael Boelen 7e2cec540b
Added missing strings 2021-07-21 00:20:50 +02:00
Michael Boelen 997b84cc55
Merge pull request #1170 from al-lac/extend-german-language
Update German language (de)
2021-07-20 23:27:36 +02:00
Alexander Lackner 7542f2fadb Add missing German strings 2021-06-15 20:52:11 +02:00
Félix Brezo, Ph. D 448b69ddb1 Update es
Add additional messages from the English version. The elements were reordered alphabetically.
2021-06-14 23:20:09 +02:00
Michael Boelen d0e1b7cd8e
Added CRYP-8006 2021-05-11 19:59:16 +02:00
Michael Boelen 32143f6377
Merge pull request #1139 from teoberi/New-test-BOOT-5140---Check-for-ELILO-boot-loader-presence
New test: BOOT-5140 - Check for ELILO boot loader presence
2021-05-11 11:21:33 +02:00
Michael Boelen e493c6717c
Added ACCT-9672 2021-05-11 11:18:37 +02:00
Michael Boelen 77fab97e77
Added ACCT-9670 2021-05-11 11:17:23 +02:00
Michael Boelen aab6af4017
Merge pull request #1118 from steph78630/master
Add translated status
2021-04-01 13:34:20 +02:00
Stéphane 3683ffd3c4
Add translated status 2021-03-02 23:31:41 +01:00
Steve Kolenich 197ab10fde Update EOL and URL for Alpine 2021-01-22 08:25:30 -05:00
Michael Boelen ab1111c0ed
Merge pull request #905 from topimiettinen/check-non-native-binary-formats
Check for registered non-native binary formats
2021-01-07 15:16:34 +01:00
Stéphane f1604c2e55
Add and improvements strings 2021-01-05 11:53:11 +01:00
teoberi a9cc4e0c62
Update tests.db
Add TestID for ELILO
2021-01-03 12:09:09 +02:00
Michael Boelen 208518d8fa
Merge pull request #1088 from steph78630/master
Addition and improvement of translated strings
2020-12-17 14:23:48 +01:00
Michael Boelen c9a57d2caf
Merge pull request #1062 from Varbin/solaris-loghost-not-localhost
Test if loghost is not localhost
2020-12-17 14:18:31 +01:00
Stéphane 8a32062459
Adding and improvement translated strings 2020-12-16 01:13:01 +01:00
Michael Boelen 258b2bf05f
Merge pull request #1064 from Varbin/solaris-ips-svcs
Add support for Solaris services, run BOOT-5184 there
2020-12-15 14:16:18 +01:00
Michael Boelen 1d908e19ac
Mark test as multi-OS by removing all values 2020-12-15 14:15:26 +01:00
Simon Biewald 7c475ddab0 Fix typos
Signed-off-by: Simon Biewald <simon@fam-biewald.de>
2020-11-14 21:25:40 +00:00
Simon Biewald 7ec3b5b0d5 Add more status strings (en and de)
Signed-off-by: Simon Biewald <simon@fam-biewald.de>
2020-11-14 20:34:34 +00:00
Simon Biewald 777da3a4eb Extend German translation file
Signed-off-by: Simon Biewald <simon@fam-biewald.de>
2020-11-14 20:34:23 +00:00
Simon Biewald 7cb84bf2a8 Add OmniosCE and Solaris EOL dates 2020-11-09 23:26:17 +00:00
Josh Soref f1cb5054c4 spelling: authoritative
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-11-08 23:35:46 -05:00
Simon Biewald 25278b6b38 Add support for Solaris services, run BOOT-5184 there
The Solaris IPS service manager (svcs) is now detected, and services
managed with it are enumerated.

Test BOOT-5184 now runs on Solaris, too, as SysV init scripts are
supported as well, even with IPS. SysV Init has been the traditional
init system on Solaris.
2020-10-25 21:51:12 +00:00
Simon Biewald 1f3d0956a7 Test if loghost is not localhost
On Solaris, the name loghost can be used to point to remote log servers.
By default loghost is configured to 127.0.0.1, logging to the local
machine.

Thus a new test - LOGG-2153 - is created to test if loghost is not
localhost and LOGG-2154 is modified to ignore @loghost lines if loghost
is localhost.
2020-10-25 20:28:19 +00:00
Michael Boelen 43d0c6a8fd
Merge branch 'master' into add-suricata-ids-ips-test 2020-10-25 12:50:25 +01:00
Steve Kolenich 806ba69b36 Add values for Italian 2020-10-22 14:41:59 -04:00
Steve Kolenich 299f531dcb sorted Italian language file 2020-10-22 12:17:00 -04:00
Michael Boelen bd6e1d5d39
Include AUTH-9284 and minor changes 2020-10-22 14:17:01 +02:00
Michael Boelen 1fe12c0023
Merge pull request #1008 from kolenichsj/master
Alpine Improvements
2020-10-22 13:28:05 +02:00
Stéphane 67d04f2536
Add translate function for all sections
+ add EN and FR up to date languages files
2020-10-22 00:13:42 +02:00
Claudia afc4604b9f
Update macOS EOL 2020-10-20 22:21:13 +02:00
Michael Boelen 5cb8c68d5c
Merge branch 'master' into macos-eol 2020-10-20 13:16:12 +02:00
Thomas Sjögren f0ded6c2a3 add Mageia EOL dates and grep /etc/mageia-release
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-10-19 12:07:16 +02:00
Stéphane eaca6127ec
Improvements and addition of strings 2020-10-17 00:04:09 +02:00
Timo Sigurdsson b7d5b8a4b9 Update tests.db and CHANGELOG.md for new test TOOL-5130
Add the new test TOOL-5130 (Check for active Suricata daemon) to the tests
database and update the changelog accordingly.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
2020-10-11 11:15:48 +02:00
Steve Kolenich ec551d732d Added Alpine Linux EOL dates 2020-08-10 12:26:55 -04:00
Claudia 48e794574a
Add macOS EOL
Apple doesn’t disclose when it stops providing security updates for
macOS versions. There’s no consensus on when the exact EOL date is.

Lacking that information, I applied the following ruleset, which is
driven by what people have observed, and seems pragmatic enough:

- From Mac OS X 10.0 through 10.4, a version 10.N would be considered
  EOL on the day the first patch-level update 10.(N+2).1 for its
  N+2 successor was released.

- Starting with 10.5, Apple began to support three versions at the same
  time. For 10.5 itself, the EOL date is difficult to pin down so I
  went with 2011-06-23, the date given by the English-language
  Wikipedia.

- From 10.6 through 10.11, a version 10.N would be considered EOL on
  the day the first patch-level update 10.(N+3).1 for its N+3 successor
  was released.

- Starting with macOS Sierra (10.12), Lynis counts the patch level.
  Any version 10.N.P can be considered EOL on the day 10.N.(P+1)
  is released. If that hasn’t happened, the EOL date is the day
  10.(N+3).1 is released. If neither has been released, 10.N.P has
  no EOL date.
2020-08-08 19:11:44 +02:00
Simon Biewald 38b6105c60
add new test to test database 2020-07-09 18:27:02 +02:00
Michael Boelen 1da058d6de
Corrected Amazon Linux entries
Switched entries and added a note. Due to matching by regular expression, the shortest match would otherwise always win.
2020-06-30 09:01:29 +02:00
Thomas Sjögren e3ccca4ac0 add SUSE Linux Enterprise Server EOL
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-06-25 15:33:31 +02:00
Michael Boelen d1cb4d71cd
Merge pull request #951 from al-lac/master
Update language files (de, de-AT, en)
2020-06-22 14:14:50 +02:00
Michael Boelen 22644edc50
Added missing colons 2020-06-21 12:40:43 +02:00
Michael Boelen f855fe7a04
Added Linux Mint 2020-06-21 12:40:03 +02:00
Michael Boelen 06b3cbe529
Reordered items 2020-06-21 12:36:36 +02:00
Alexander L dfb02e4179
Update de
Sorting
2020-06-20 14:23:17 +02:00
Alexander L 4a71989d2e
Update en
Sorting
2020-06-20 14:20:58 +02:00
Alexander Lackner 6aa63f1c95 Update language files (de, de-AT, en) 2020-06-20 02:12:57 +02:00
Thomas Sjögren 78e7ce36af add RHEL 6,7,8 EOL dates
(cherry picked from commit 6ce0aa41c6)
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-06-18 10:15:13 +02:00
Thomas Sjögren 41ad9d380c update all EOL dates to seconds to epoch
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-06-16 09:05:55 +02:00
Thomas Sjögren ca6326a12b
Update db/software-eol.db
Co-authored-by: Jaimie <59117167+Jaimie85@users.noreply.github.com>
2020-06-15 07:40:57 +00:00
Thomas Sjögren b3e1fc67c8 add Fedora EOL, update other releases
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-06-15 01:35:00 +02:00
Jaimie f072f808a2
Update nl 2020-05-20 15:41:46 +02:00
Michael Boelen ce3c80b44f
Merge pull request #883 from topimiettinen/check-encrypted-swap-devices
Check if system uses encrypted swap devices
2020-04-12 16:22:22 +02:00
Topi Miettinen de848cb76a
Check for registered non-native binary formats
Examine /proc/sys/fs/binfmt_misc (Linux) for additional registered
binary formats. Those are probably emulated and their emulation could
be less tested, more buggy and more vulnerable than native binary
formats, so they should be disabled when not needed.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-04-10 12:54:48 +03:00
0xD503 49549f9155 Added Russian translation
Added Russian localization
2020-04-05 22:01:29 +01:00
Michael Boelen 032bb6988e
Added new test NETW-2400 2020-04-04 15:28:04 +02:00
Michael Boelen 5288479296
Merge pull request #899 from bginsbach/auth-9218
AUTH-9218 Improvements
2020-04-03 09:48:39 +02:00
Brian Ginsbach 6308682cae Combine AUTH-9218 and AUTH-9489
These two tests are essentially identical. There is no need to separate
the DragonFly and FreeBSD tests. This will make it easier to add
support for other BSD systems.
2020-04-02 20:09:01 -05:00
Michael Boelen 38a5c2cb79
Added new test PHP-2382 2020-04-02 19:46:58 +02:00
Michael Boelen 4cf21ebdcc
Added FILE-6394 2020-04-01 16:19:09 +02:00
Topi Miettinen 5c5cc43c6f
Check if system uses encrypted swap devices
Add test CRYP-7931 to check if the system uses any encrypted swap
devices.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-03-27 13:05:56 +02:00
Michael Boelen 5e821687af
Added new tests 2020-03-24 13:33:24 +01:00
Michael Boelen 18a570c0b8
Merge pull request #880 from konstruktoid/grphashrounds
Add test for group password hash rounds
2020-03-24 13:24:12 +01:00
Thomas Sjögren 6818db5e12 add AUTH-9230
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-03-24 11:43:34 +01:00
Topi Miettinen 8913374092 Run 'systemd-analyze security'
'systemd-analyze security' (available since systemd v240) makes a nice
overall evaluation of hardening levels of services in a system. More
details can be found with 'systemd-analyze security SERVICE' for each
service.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-03-23 17:31:32 +02:00
Michael Boelen 32cefdea0a
Merge pull request #878 from topimiettinen/check-ima-evm
Check IMA/EVM, dm-integrity and dm-verity statuses
2020-03-23 13:18:16 +01:00
Michael Boelen 122619d01f
Merge pull request #874 from topimiettinen/check-password-hashing-methods
Check password hashing methods
2020-03-23 12:49:20 +01:00
Topi Miettinen 8ea39314f2
Check for dm-integrity and dm-verity
Detect tools for dm-integrity and dm-verity, check if some devices
in /dev/mapper/* use them and especially the system root device.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-03-23 10:35:38 +02:00
Topi Miettinen 203a4d3480
Check IMA/EVM status
Check for evmctl (Extended Verification Module) tool and system IMA (Integrity Measurement
Architecture) status.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-03-22 11:21:52 +02:00
Topi Miettinen 26a54991ba
Check for software pseudo random number generators
Check for running audio-entropyd, havegd or jitterentropy-rngd.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-03-21 16:26:30 +02:00
Michael Boelen 6e9482a571
Merge branch 'master' into netbsd-eol 2020-03-21 13:34:41 +01:00
Topi Miettinen 4a51ad031b
Check password hashing methods
Manual page crypt(5) gives recommendations for choosing password
hashing methods, so let's check if there are weakly encrypted
passwords in the system.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-03-21 12:50:38 +02:00
Brian Ginsbach 50fc3f816a Add NetBSD EOL data 2020-03-20 13:42:28 -05:00
Brian Ginsbach 52344913d3 Add a way to signify undetermined EOL
Replace setting an artificially high date and converted date for
operating systems with no EOL (rolling) or the EOL is still to
be determined. This makes it easier for humans and saves making
a comparison (when using an artificially high converted time)
will always be false (EOL=0).

An example entry

        os:AGreatOS 2.0::-1:

The converted time (seconds since the epoch) could be specified as
zero but this typically means the OS is out of date (now), A value
of -1 is a convention indicating no EOL.
2020-03-20 13:42:28 -05:00
Michael Boelen af03c07d9f
Shortened CentOS 7/8 strings to allow match and added note 2020-03-20 19:39:49 +01:00
Michael Boelen 724acf1be5
Added CentOS 8 end-of-life 2020-03-20 19:33:10 +01:00
Michael Boelen 27cdcec741
Add CentOS 7 (Core) 2020-03-20 14:57:28 +01:00