tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,089 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

1399 Commits

Author SHA1 Message Date
Oliver Mueller 7e0b300e27 Issue/288 (#530) 
* enhanced check "DBS-1816: mysql root user with empty password" to avoid false positived when authentication plugins are used

* fixed indent to spaces
 2018-03-22 09:07:48 +01:00
Michael Boelen 40282cde49
[TIME-3160] improvements to detect step-ticker file and entries 2018-03-10 12:26:09 +01:00
James White 1d982a26d0 Add remi repo php.ini paths (#529) 2018-03-10 12:07:29 +01:00
Michael Boelen a7845b6748
[NAME-4402] Enhanced test to filter out empty lines 2018-03-05 11:43:33 +01:00
Michael Boelen dabf7d3e80
Merge branch 'master' of https://github.com/CISOfy/lynis 2018-03-05 11:32:40 +01:00
Michael Boelen 211fb9117c
[CRYP-7902] - Do prevalidation for certificates before testing them 2018-03-05 11:32:23 +01:00
Jason Soto 94e4fb4bd9 Solved null byte bash warning (#523) 2018-03-05 11:19:57 +01:00
Michael Boelen 73a4e92a7b
[HRDN-7222] enhanced compiler permission test 2018-03-04 17:52:15 +01:00
Michael Boelen e210d7f3b6
[PKGS-7384] changes to detect yum-utils package and related tooling 2018-02-19 15:01:59 +01:00
Michael Boelen f0ef7fb785
Initial version of PackageIsInstalled function 2018-02-19 15:01:26 +01:00
Michael Boelen 5e9253e8f4
Add host identifier options and use manual configured setting in function 2018-02-16 19:29:08 +01:00
mslifcak c170f1fc0a Pin db sync (#519) 
* fix testname in one Register and four comments

* remove db dup MAIL-8816; add db AUTH-9489 BOOT-5261 CORE-1000 FILE-6363 FILE-6439 KRNL-5831 MAIL-8817 SINT-7010 USB-3000

* fix description PLGN-3856
 2018-02-09 12:37:10 +01:00
Michael Boelen c53072e31e
Ensure a parent directory with binaries is scanned - issue #517 on GitHub 2018-02-06 10:45:41 +01:00
Michael Boelen a5cbc12734
Include location when uploading data 2018-02-06 10:44:30 +01:00
Michael Boelen 96b21da96a
Removed brackets while searching for home directory entries 2018-01-26 13:00:24 +01:00
Michael Boelen ce6693e873
Use existing IDs for tests, renumbering will happen later 2018-01-26 12:36:33 +01:00
Michael Boelen 0d3b89e254
Minor changes 2018-01-26 12:28:52 +01:00
Dave Vehrs a30d429315 tests_usb updates (#514) 
* Added kernel.dmesg_restrict to sysctl checks.

* Moved usb-storage and autthorization tests tests_usb

* Limit Suggestions when USBGuard installed

* Changed usb_devices to usb
 2018-01-26 12:24:33 +01:00
Michael Boelen 7b664a7560
Reverse PATH search 2018-01-25 19:43:51 +01:00
Michael Boelen 3a4bc4db9c
Use binary paths from both PATH and predefined list to improve detection on all platforms 2018-01-25 19:14:58 +01:00
Michael Boelen eb8b467915
Add TODO for PAM checks on AUTH-9286 2018-01-24 19:41:15 +01:00
Michael Boelen 2ec24e73ed
Initial import for USB group 2018-01-24 19:39:06 +01:00
Michael Boelen 6259e27b0b
Initial value for PHPVERSION 2018-01-24 19:38:36 +01:00
Dave Vehrs 8f689d4723 Adding USBGuard to checks for USB Devices. (#499) 
* Added kernel.dmesg_restrict to sysctl checks.

* Initial addition of tests_usb_devices

* More updates for tests_usb_devices

* More updates

* Updated logging and other output.
 2018-01-24 19:29:50 +01:00
Katarina Durechova 993edc9738 [FILE-6363] Check for sticky bit on /var/tmp (#473) 2018-01-24 17:08:21 +01:00
Michael Boelen 4ba9882335
Added notes 2018-01-23 17:37:27 +01:00
mslifcak 84ea9530d7 restore UsePrivilegeSeparation to list of ssh daemon checks (#509) 2018-01-23 17:35:34 +01:00
Michael Boelen 2bf6a5e038
Overhaul of default profile settings and parsing 2018-01-23 15:01:02 +01:00
Michael Boelen 6192cbd8fa
Update tests to reflect new style profile configuration 2018-01-23 15:00:34 +01:00
Michael Boelen 18bd61ebec
Deprecate internal updater options 2018-01-23 14:37:02 +01:00
Michael Boelen 85c83102df
Add 'compliance-standards' as profile option, compliance_standards will be deprecated 2018-01-23 14:36:04 +01:00
Michael Boelen 3ba399c4c3
Mark deprecated options as a warning 2018-01-23 14:29:37 +01:00
melak 0b2cd02f0d Fix/amend DHCP client detection (#513) 
- dhcpd is a server; the client is dhcpcd

- While here, add udhcpc to the list of recognised DHCP clients
 2018-01-21 12:29:49 +01:00
mslifcak e0e76c97df also find exim4 in MAIL-8802 (#512) 2018-01-20 17:32:26 +01:00
Michael Boelen 3da779f62c
Added 'system-groups' option for Enterprise users 2018-01-19 20:01:06 +01:00
Michael Boelen 1bf789861d
Add possibility to define an array of allowed operating systems for a test 2018-01-18 20:26:19 +01:00
Michael Boelen 18feb2356b
[TIME-3170] Chrony NetBSD support 2018-01-18 20:14:38 +01:00
Michael Boelen c6269941b3
Added lsmod binary 2018-01-18 16:54:45 +01:00
Michael Boelen fcb421e458
Added vgdisplay binary 2018-01-18 16:53:39 +01:00
Michael Boelen cb8ab96308
Added GRUB conf file 2018-01-18 16:52:30 +01:00
Michael Boelen 503b2662c6
Implemented NetBSD patch: use correct syntax to compare values 2018-01-18 16:50:23 +01:00
mslifcak 6c257d6224 touchup BOOT_LOADER_SEARCHED setting for BOOT-5106 and BOOT-5108 (#511) 2018-01-18 16:36:43 +01:00
Michael Boelen 6e549eb545
Set ip binary 2018-01-18 16:23:55 +01:00
Michael Boelen 3957ca32cd
Minor code enhancements 2018-01-18 16:23:23 +01:00
Michael Boelen 173068b402
Added getcap and grpck back 2018-01-18 11:10:11 +01:00
Michael Boelen 4f751c9037
Remove service manager reference from systemctl, minor cleanup 2018-01-18 10:23:39 +01:00
Michael Boelen 182ce09bc1
Additional code enhancements 2018-01-18 09:19:06 +01:00
Michael Boelen 8934042473
Code enhancements 2018-01-17 17:26:30 +01:00
mslifcak 25b3c4f1eb VBoxService running is another VirtualBox clue (#505) 2018-01-17 17:19:51 +01:00
BlessJah d7d42d9103 remove non printable characters from code (#470) 
Non printable ESC character is required to obtain terminal escape
sequence i.e. for changing output color.

Such sequences (especially ESC character) were replaced by command
substitution producing exactly same result (variable value), but using
only "safe" characters.

Use of printf and especialy '\033' or '\0ddd' sequences is described
here:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/printf.html#tag_20_94_13

Use of $(command) or command substitution is described here:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_06_03

Verbatim TAB characters were replaced with \t escape sequence as
described to avoid problems with editors silently replacing them or
developer accidentialy messing up the regex.
 2018-01-17 17:12:36 +01:00