Commit Graph

434 Commits

Author SHA1 Message Date
mboelen 6857f01500 Added LDAP configuration file location to report, and code cleanups 2015-07-16 17:02:15 +02:00
James White f341b01e4d Fix false positive matches with unsafe ports on SQD-3624
The grep statement needs to be modified to prevent tagging port values that contain a value in `SQUID_DAEMON_UNSAFE_PORTS_LIST` but aren't actually the listed port.
2015-07-15 11:50:56 +01:00
Michael Boelen 4266992f6b Merge pull request #39 from aneeshusa/check-locate-preqs
Prevent the locate test from running spuriously when locate is not present.
2015-07-14 00:55:47 +02:00
Michael Boelen 6694add635 Merge pull request #38 from aneeshusa/update-systemd-sulogin-detection
Update check for sulogin under systemd.
2015-07-14 00:49:40 +02:00
mboelen e8111a124f Increase default minimum amount of connections before alerting 2015-07-14 00:31:59 +02:00
mboelen 7d30538311 Added missing bracket 2015-06-17 17:13:44 +02:00
mboelen b947bb085c Changed detection, added examples of fstab entries 2015-06-17 17:06:51 +02:00
mboelen f34e59663f Report hardening index, even when report is not shown 2015-06-11 20:50:19 +02:00
mboelen f0026427bb Textual changes 2015-06-11 13:58:30 +02:00
mboelen 0d4b25d308 Disable suggestion for this test 2015-06-11 13:58:16 +02:00
mboelen e13a9087ea Added compilers to report 2015-06-11 13:57:57 +02:00
mboelen 72feac9638 Added additional legal words for banner usage 2015-06-11 13:57:37 +02:00
mboelen 785ac74f91 Moved tests to new container group 2015-05-27 12:36:34 +02:00
mboelen 5f3c47df68 Added debsecan, debsums and kernel package counting 2015-05-27 12:35:56 +02:00
mboelen 7f0fbcf359 Initial import for container category 2015-05-27 12:34:01 +02:00
mboelen f60011eb1b Removing tests which were already performed in authentication section. 2015-05-27 11:43:08 +02:00
mboelen 917c790ecc Changed text 2015-05-27 11:42:31 +02:00
mboelen fe636c7d6c Docker support 2015-05-27 11:25:35 +02:00
mboelen 30b9b1edd9 Added support for Docker binary 2015-05-27 11:25:07 +02:00
mboelen bb696a04f1 Improved detection of directories in logrotate 2015-05-26 11:13:47 +02:00
mboelen c70f3e93cd Cleanup of screen output, with focus on minimum output 2015-05-26 11:13:23 +02:00
mboelen a1095ef941 Improved swap detection and added UUID check 2015-05-26 11:12:36 +02:00
mboelen 3c3bb2d0db Do not show auditd suggestion for OpenVZ systems 2015-05-26 11:11:42 +02:00
mboelen 1a04109dad Extended descriptions 2015-05-26 11:11:15 +02:00
mboelen 52b8c3a6a7 Added VMTYPE 2015-05-26 11:10:50 +02:00
mboelen b885b9f84f Add missing pipe 2015-05-25 23:20:52 +02:00
mboelen 1d1aa3c966 Improved kernel detection on Slackware 2015-05-25 23:17:42 +02:00
mboelen 2f0e9f0981 Changed last line 2015-05-25 23:17:21 +02:00
mboelen ef2b12e218 Added block and character type devices as symlinks 2015-05-25 23:17:08 +02:00
mboelen 3f3ced806e Changed last line 2015-05-25 23:16:45 +02:00
mboelen 7854eeae20 Chronyd support, finishing test 2015-05-25 17:45:41 +02:00
mboelen 1c07e6fa2c New test TIME-3106, Chronyd and systemd-timesyncd support 2015-05-25 17:33:51 +02:00
mboelen 45114e6557 Chef support added 2015-05-25 17:20:58 +02:00
mboelen f3bd9ca9ad Display only the tools actually found, to keep screen output as clean as possible 2015-05-17 23:22:54 +02:00
mboelen 46f9a3dec8 Log file integrity monitoring tool, adding support for lfd (CSF) tool 2015-05-17 23:01:38 +02:00
mboelen 283e198c23 Improved detection of blacklisted/disabled modules 2015-05-17 23:00:28 +02:00
mboelen 893e17d982 Added new AddSystemGroup function 2015-05-13 14:45:50 +02:00
mboelen 5729189349 Added additional legal words for banners 2015-05-13 14:45:16 +02:00
mboelen c37e2eb9eb Extended Sophos detection 2015-05-04 13:37:36 +02:00
mboelen 22810e58e7 Replace existing update check options with new helper utility 2015-04-30 01:28:33 +02:00
mboelen 943b944a13 New profile options for automatic updates 2015-04-30 01:28:05 +02:00
mboelen 0e581e6ad7 Initial import of helper for automatic updates 2015-04-30 01:27:36 +02:00
mboelen 8ae3cfd5ad Remove unused variable 2015-04-30 01:25:18 +02:00
mboelen 1ece78f1a8 Set default for showing program details at start 2015-04-30 01:23:47 +02:00
mboelen 508cf7ac71 Added missing space 2015-04-29 19:58:13 +02:00
mboelen 6a0417da8b Added Python and updated PHP description 2015-04-29 14:20:46 +02:00
mboelen 70e20d514c Ensure that only one value is provided 2015-04-29 13:53:40 +02:00
mboelen 2cd57933b6 Correction of Display function 2015-04-29 11:57:57 +02:00
mboelen aa8410477e Performance tuning by removing full listing of binaries from log 2015-04-29 11:57:30 +02:00
Roland Smith 1bb5b4b0a6 FreeBSD uses the bsdrc service manager.
With this patch, a run on my machine returns:

    [+] Initializing program
    ------------------------------------
    - Detecting OS...  [ DONE ]

    ---------------------------------------------------
    Program version:           2.1.1
    Operating system:          FreeBSD
    Operating system name:     FreeBSD
    ...

    [+] Boot and services
    ------------------------------------
    - Service Manager [ bsdrc ]
2015-04-27 20:09:18 +02:00
Roland Smith db828b5e03 Used service(8) to discover running services.
On all supported FreeBSD releases, the service(8) program can be used to
discover which services are running. This program has been added to the test
for binaries. If available, it will be used to test for services. If not, the
original code that parses /etc/rc.conf is used.

On my system, the following information is produced in the logfile:

    [19:51:22] Performing test ID BOOT-5165 (Check for FreeBSD boot services)
    [19:51:22] Searching for services at startup (service)
    [19:51:23] Found service (service/rc.conf): bgfsck
    [19:51:23] Found service (service/rc.conf): cleanvar
    [19:51:23] Found service (service/rc.conf): cron
    [19:51:23] Found service (service/rc.conf): cupsd
    [19:51:23] Found service (service/rc.conf): dbus
    [19:51:23] Found service (service/rc.conf): devd
    [19:51:23] Found service (service/rc.conf): dmesg
    [19:51:23] Found service (service/rc.conf): dnsmasq
    [19:51:23] Found service (service/rc.conf): gptboot
    [19:51:23] Found service (service/rc.conf): hostid
    [19:51:23] Found service (service/rc.conf): hostid_save
    [19:51:23] Found service (service/rc.conf): ip6addrctl
    [19:51:23] Found service (service/rc.conf): ipfw
    [19:51:23] Found service (service/rc.conf): mixer
    [19:51:23] Found service (service/rc.conf): motd
    [19:51:23] Found service (service/rc.conf): newsyslog
    [19:51:23] Found service (service/rc.conf): nginx
    [19:51:23] Found service (service/rc.conf): openntpd
    [19:51:23] Found service (service/rc.conf): postfix
    [19:51:23] Found service (service/rc.conf): powerd
    [19:51:23] Found service (service/rc.conf): sendmail
    [19:51:23] Found service (service/rc.conf): smartd
    [19:51:23] Found service (service/rc.conf): syslogd
    [19:51:23] Found service (service/rc.conf): virecover
    [19:51:23] Found 24 services/options to run at startup

The report shows:

    [+] Boot and services
    ------------------------------------
    - Service Manager [ UNKNOWN ]
    - Checking presence FreeBSD loader [ FOUND ]
    - Checking services at startup (service/rc.conf) [ DONE ]
    Result: found 24 services/options set
2015-04-27 19:58:07 +02:00
Roland Smith 4d94227a08 Find FreeBSD service binary. 2015-04-27 19:33:11 +02:00
Roland Smith a0b20fcfe3 Wrap ipfw test in SKIPTEST block. 2015-04-27 18:26:39 +02:00
Roland Smith ded7e95a14 Check if ipfw is enabled in rc.conf. 2015-04-27 18:24:18 +02:00
Roland Smith 5d7dc80481 Initial version of IPFW test (FreeBSD). 2015-04-27 18:24:11 +02:00
Aneesh Agrawal bfd24585cf Pass information about locate prereqs to Register.
Prevent the locate test from running spuriously when locate is not
present
2015-04-27 03:31:43 -04:00
Aneesh Agrawal d282fbfc9c Update check for sulogin under systemd.
The default rescue.service unit file was updated
in the systemd repo on Jan 23, 2015
to allow for sulogin location variability.
2015-04-27 03:13:42 -04:00
mboelen 474d69dfd6 Added /usr/lib64/apache2 as search path 2015-04-24 13:31:49 +02:00
mboelen cd78379906 Extended screen output when upload fails 2015-04-22 11:02:22 +02:00
mboelen ec5e9cbecf Extending ShowSymlinkPath function to account for missing -f option 2015-04-22 00:57:58 +02:00
mboelen c397b20b68 Initialize some variables for cleaner output 2015-04-22 00:57:35 +02:00
mboelen 0d900536a5 Remove priority label 2015-04-21 16:03:14 +02:00
mboelen 94607e4ae4 Redirect sysctl errors properly 2015-04-20 11:35:02 +02:00
mboelen a6290d1bec Enhance screen output on Mac OS 2015-04-19 22:10:27 +02:00
mboelen 4c8a6dc3d2 Rename of package auditing tool, for upcoming plugin/module 2015-04-17 15:50:46 +02:00
mboelen a29335823f Improved core dump checking 2015-04-16 20:00:09 +02:00
mboelen 017c145357 Zypper enhancements 2015-04-16 19:59:51 +02:00
mboelen 3bce5191ef Apply group check on all groups when using AIX 2015-04-16 19:00:03 +02:00
mboelen de60926705 Changed sed statement 2015-04-13 22:06:14 +02:00
mboelen 95d5cabdb2 Ensure sysctl is present before calling it 2015-04-07 17:20:11 +02:00
mboelen 7ad2dd5480 Change pf firewall detection 2015-04-07 17:19:49 +02:00
mboelen e21e8679e0 Check also /var and assign hardening points 2015-04-07 17:19:25 +02:00
mboelen 7785c5a610 Improved report output 2015-04-07 17:18:54 +02:00
mboelen f85d33fe42 Improved text for malware scanner suggestion 2015-04-07 17:17:35 +02:00
mboelen d5bdde7a93 Changed counting with -m to support locale 2015-04-02 13:29:18 +02:00
mboelen d2175e833d Change description of test 2015-04-01 14:45:12 +02:00
mboelen c2bbf4a0a7 Improved detection for McAfee anti-virus (cma) 2015-04-01 14:22:53 +02:00
mboelen 003d4857bb Updated last line 2015-03-31 19:20:57 +02:00
mboelen d16732a47a Smart replacement does not work on Solaris, rewriting domain extraction from FQDN 2015-03-31 19:20:42 +02:00
mboelen f9c79007b8 Updated functions for checking permissions on files 2015-03-25 17:31:47 +01:00
mboelen 9978e5c824 Using return codes and minor cleanups of code 2015-03-25 17:31:17 +01:00
mboelen 30bc903c5a Using return codes for file permission checks 2015-03-25 17:30:13 +01:00
mboelen c94269c1d1 Add lynis audit dockerfile as option 2015-03-25 16:49:02 +01:00
mboelen e1d96752f2 Removed variable 2015-03-25 16:48:39 +01:00
mboelen 5ecbaafa4f Use improved function with return values 2015-03-25 16:47:37 +01:00
mboelen 355bf37459 Changed copyright line 2015-03-25 15:55:46 +01:00
mboelen 7f97bfa973 Typos corrected 2015-03-25 15:55:29 +01:00
mboelen 3cda4cf562 Added CUPS location for Mac OS 2015-03-23 21:38:37 +01:00
mboelen bdf8347162 Don't require sha1sum AND openssl AND csum, but just one of them to exist 2015-03-19 00:03:58 +01:00
mboelen 9932e878b1 Clarified message 2015-03-18 16:06:02 +01:00
mboelen 0e321e1c6b Improved host ID generation on AIX systems 2015-03-18 15:35:37 +01:00
mboelen e1a3d59f8d Added csum binary detection for AIX systems 2015-03-18 15:35:11 +01:00
mboelen 8b2da6329e Changed path names into variables 2015-03-18 10:40:59 +01:00
mboelen 49414f8b06 Check if value after access_log option is filled 2015-03-17 19:02:46 +01:00
mboelen a12876e472 Test for presence of CSF 2015-03-17 18:06:00 +01:00
mboelen 8201510d6a Check timeout sessions and if they are readonly 2015-03-17 17:58:58 +01:00
mboelen 332277b7e1 Enhance timeout check and ensure there are .sh files in /etc/profile.d 2015-03-17 14:55:03 +01:00
mboelen c8e17e317d Redirect sysctl error output 2015-03-09 14:09:59 +01:00
mboelen 7e912be0af Clarify the main purpose of the tooling 2015-02-25 20:33:48 +01:00
mboelen 6521ced36f Remove suggestion 2015-02-25 20:33:21 +01:00
mboelen 209e1991d2 Test for presence of php.ini file 2015-02-15 23:50:28 +01:00
mboelen d56d33a63d Added /etc/php5/fpm/php.ini to PHP locations 2015-02-15 23:02:46 +01:00
mboelen e6d7da4885 No error display when file is uploaded and exit code is 0 2015-02-13 15:10:27 +01:00
mboelen 3ae5c61839 Support openSUSE location of sulogin binary 2015-02-13 15:09:37 +01:00
mboelen 7723f85d5c Replacing /usr/lib/apache2/modules with /usr/lib/apache2 2015-02-03 18:30:15 +01:00
mboelen e3206dd343 Adding new options for defining upload options and server 2015-02-03 18:28:03 +01:00
mboelen db46a375c6 Cleaning up parameters and moving them to profile 2015-02-03 18:27:13 +01:00
mboelen 5686b82f17 Allow overriding of the upload and license server 2015-02-03 18:26:30 +01:00
mboelen f5550fa5d2 Adding upload options and audit scan mode 2015-01-30 19:59:48 +01:00
mboelen 42e3f46a28 Allowing URLs to control information to be adjusted for CUST tests 2015-01-30 19:59:17 +01:00
mboelen 902eafeca9 Do not show exception in different scan modes 2015-01-30 19:58:29 +01:00
mboelen 554d8bd857 Allow overriding CURL options with parameter and exit cleanly when license is not found 2015-01-30 19:58:00 +01:00
mboelen b41d12d077 Decrease screen output when scanning for binaries 2015-01-30 19:57:18 +01:00
mboelen 2e0c90079b Added custom appending/prepending of URLs for control information 2015-01-30 18:09:46 +01:00
mboelen 391476f38e Improvements to report output, including custom URLs 2015-01-30 18:09:18 +01:00
mboelen 0a196b7e79 Updated copyright lines 2015-01-30 18:04:30 +01:00
mboelen da0cc9d403 Added helper, report and upload related defaults 2015-01-30 13:14:18 +01:00
mboelen ac8b4d27b5 Adding helper tool for Dockerfile auditing 2015-01-30 13:13:38 +01:00
mboelen 2b075c24b0 Avoid hanging PHP test [PHP-2368] 2015-01-16 00:15:20 +01:00
mboelen ef531081bc Only show suggestion when shell does not exist [AUTH-9218] 2015-01-15 23:21:17 +01:00
mboelen 44a530719c Disabling Shellshock test as it gives false positives 2015-01-15 22:06:34 +01:00
mboelen 5caf4ddc4f Update of the files to reflect HTTPS version of website and 2015. Happy New Year! 2015-01-03 12:45:22 +01:00
mboelen afa2d50aac Improved screen output on FreeBSD and enhanced version detection on Gentoo 2014-12-10 11:08:15 +01:00
mboelen d2b7d3ed00 Changed header 2014-12-09 18:11:38 +01:00
mboelen c7a242a020 New single user mode test for systemd, improvements for FreeBSD and better detection of init process on Linux 2014-12-09 18:11:21 +01:00
mboelen 4a5fe6d201 Check ntpdate for other systems than only FreeBSD, NTP no longer required for virtual machines 2014-12-08 23:57:47 +01:00
mboelen 8efbb80497 Starting user ID 1000 for Linux systems 2014-12-05 20:08:10 +01:00
mboelen 1fa4416a7a Check for /var/db/pkg/pkgs-vulnerabilities presence before performing audit with pkg_admin [PKGS-7381] 2014-12-05 19:43:35 +01:00
mboelen 951afea1f3 Enhanced reboot test to work on Arch Linux and others [KRNL-5830] 2014-12-05 19:42:12 +01:00
mboelen dbf9bfd173 Enhancements for DragonFly BSD 2014-12-05 17:11:59 +01:00
mboelen 3802a934c6 Check if hostname is set for NAME-4404 and NAME-4404 tests 2014-12-05 17:11:34 +01:00
mboelen 40e93c9b45 Enhance screen output for DragonFly BSD 2014-12-05 17:03:04 +01:00
mboelen 7f45bb5d85 Only include numeric characters in latest version string 2014-12-05 16:01:41 +01:00
mboelen defecac381 Small change regarding logging item to report 2014-12-05 13:29:26 +01:00
mboelen 50907dd21a Remove suggestion from control, as it will be checked in HRDN-7222 2014-12-05 13:28:53 +01:00
mboelen 767a8cf053 Removed warning for missing swap partition as this is more common now 2014-12-05 13:28:22 +01:00
mboelen 3bc7f1fb02 Added additional process check for OpenSMTPD 2014-12-05 13:27:29 +01:00
mboelen a70e0558c8 Log status of Salt tools and add them to report 2014-12-05 12:41:33 +01:00
mboelen f0ae9d015c Extended PHP search path for NetBSD systems 2014-12-05 12:29:18 +01:00
mboelen cbf96e156f Allow Lynis Enterprise users to provide a URL to upload to 2014-12-05 12:28:44 +01:00
mboelen 841c99cc30 Added comm (file comparing) 2014-12-05 12:28:13 +01:00
mboelen 2a586d1326 Changes to allow uploading to different server via parameters 2014-12-05 12:06:41 +01:00
mboelen f16c4f1d80 Added journalctl (systemd) 2014-12-05 12:06:05 +01:00
mboelen 7995e1e2c7 Changed update check location from previous website to cisofy.com 2014-12-03 23:43:48 +01:00
mboelen 747fd5bb19 Changed status of file integrity tool in report 2014-12-03 22:51:19 +01:00
mboelen 7537419a68 Improvement for SuSE based systems when detecting Linux kernel on disk 2014-12-03 22:50:25 +01:00
mboelen 44cde264a2 Changed website address 2014-12-03 22:49:46 +01:00
mboelen df0da8b0c4 Improve output on NetBSD by using a non-break version of echo as well 2014-12-03 22:49:22 +01:00
mboelen 26a6e33637 Changed the way progress is displayed and improved virtual machine detection 2014-12-03 22:45:23 +01:00
mboelen f9d5f9f017 Added NetBSD paths and changed copyright line 2014-12-03 22:44:31 +01:00