mboelen
|
b9c7a2857e
|
Changed links
|
2014-11-25 14:20:45 +01:00 |
mboelen
|
76a6d1a263
|
Added --manpage and --dumpoptions
|
2014-11-14 16:15:35 +01:00 |
mboelen
|
2938a2d5af
|
GRUB2 password protection test
|
2014-11-13 00:58:11 +01:00 |
mboelen
|
f50595d4e2
|
Show only unique files for deleted files [LOGG-2190]
|
2014-11-13 00:57:36 +01:00 |
mboelen
|
64d3464543
|
Use ReportException function
|
2014-11-11 19:03:57 +01:00 |
mboelen
|
16eab10590
|
Check for rootsh binary
|
2014-11-04 14:17:18 +01:00 |
mboelen
|
a1d8ee1e13
|
Changes to uptime calculation for OpenBSD
|
2014-11-04 02:23:43 +01:00 |
mboelen
|
160f727709
|
Try to use OpenSSL for SHA1 related functions if sha1/sha1sum are not present
|
2014-11-04 02:08:56 +01:00 |
mboelen
|
6eedbdd176
|
Do not run Apache test on OpenBSD and strip control chars [HTTP-6624]
|
2014-11-04 02:08:29 +01:00 |
mboelen
|
dcef76d250
|
Allow OpenBSD boot loader test for all platforms
|
2014-11-04 01:36:56 +01:00 |
mboelen
|
525c430d84
|
Minor improvements to Shellshock test
|
2014-11-04 01:34:14 +01:00 |
mboelen
|
5439083b4e
|
Added uptime detection for OpenBSD systems [BOOT-5202]
|
2014-11-04 01:04:28 +01:00 |
mboelen
|
3609da194a
|
Properly parse PAM lines and add them to report [AUTH-9264]
|
2014-11-04 00:42:37 +01:00 |
mboelen
|
28b31b95c8
|
Add OpenBSD support to gather UDP/TCP ports which listen on network
|
2014-11-04 00:30:08 +01:00 |
mboelen
|
0a3482b968
|
OpenBSD support for boot loader detection
|
2014-11-04 00:29:44 +01:00 |
mboelen
|
9f1f006005
|
Check if Linux config file is set, before executing other tests
|
2014-10-30 18:09:47 +01:00 |
mboelen
|
c8189d05e8
|
Improvements for file systems, with focus on ext2, ext3 and ext4
|
2014-10-30 18:09:03 +01:00 |
mboelen
|
183be1a45a
|
Log license key to report
|
2014-10-30 13:05:06 +01:00 |
mboelen
|
4dfcce354c
|
Don't show error when file system can not be opened by tune2fs
|
2014-10-29 23:07:59 +01:00 |
mboelen
|
e176c0028a
|
Added getcap binary check
|
2014-10-27 23:11:37 +01:00 |
mboelen
|
ca6c6d14fb
|
Small changes in naming, added binary paths to report file
|
2014-10-27 23:10:28 +01:00 |
mboelen
|
77e2705eb7
|
Perform configuration integrity test for AIDE
|
2014-10-27 00:28:28 +01:00 |
mboelen
|
46de3f8d99
|
Hide RPM related database errors, show suggestion instead
|
2014-10-26 23:33:26 +01:00 |
mboelen
|
410861f4df
|
Added AIX support for volume groups
|
2014-10-26 23:33:08 +01:00 |
mboelen
|
16b25ceda3
|
Added lsvg detection
|
2014-10-26 23:32:51 +01:00 |
mboelen
|
f465da5351
|
Small adjustment to avoid getting error when no files are in APT sources.list.d directory
|
2014-10-24 01:23:35 +02:00 |
mboelen
|
6f6d51a11a
|
Minor textual changes
|
2014-10-23 23:06:46 +02:00 |
mboelen
|
75c2d0ab15
|
Changed qdaemon test
|
2014-10-21 00:03:42 +02:00 |
mboelen
|
067360db1b
|
Improved qdaemon printer detection
|
2014-10-19 12:43:15 +02:00 |
mboelen
|
8bf76a9a0f
|
Improved Shellshock test by searching for bash via which if /etc/shell is not present
|
2014-10-19 12:39:37 +02:00 |
mboelen
|
47b2a7df33
|
Redirect errors when searching for readlink binary
|
2014-10-19 12:30:26 +02:00 |
mboelen
|
84c51eead7
|
Boot loader detection for AIX [BOOT-5102]
|
2014-10-19 12:25:40 +02:00 |
mboelen
|
1e624d5f2e
|
Improved text
|
2014-10-14 10:54:02 +02:00 |
mboelen
|
bd5c9ddd7b
|
Textual improvement on screen for Apache configuration test
|
2014-10-14 10:40:00 +02:00 |
mboelen
|
d6dbbeedb5
|
Added warning when GLSA finds security updates
|
2014-10-14 10:39:34 +02:00 |
mboelen
|
a6f50356d9
|
Added new tests
|
2014-10-14 10:03:54 +02:00 |
mboelen
|
4fa5139bfa
|
Improve function to search for kernels on disk and checking results
|
2014-10-14 10:03:29 +02:00 |
mboelen
|
f5399981c2
|
When searching for a swap partition in /etd/fstab, use sw as search string, instead of matching sw or swap
|
2014-10-14 10:02:41 +02:00 |
mboelen
|
1f032c767f
|
Directories will be skipped when searching for nginx log files
|
2014-10-14 10:01:46 +02:00 |
mboelen
|
b31a6c4659
|
Textual changes
|
2014-10-13 22:39:16 +02:00 |
mboelen
|
381fbf25d0
|
Escaping --security option as string search
|
2014-10-13 20:47:42 +02:00 |
mboelen
|
20815d8133
|
Changed typo cly.py to cli.py
|
2014-10-13 20:45:43 +02:00 |
mboelen
|
19fd348249
|
Changed typo cly.py to cli.py
|
2014-10-13 20:43:46 +02:00 |
mboelen
|
5e840367ca
|
Test for built-in security measures in YUM [PKGS-7386]
|
2014-10-13 20:36:09 +02:00 |
mboelen
|
34b177547f
|
Added better text for discovered directories which have symlink
|
2014-10-13 20:35:14 +02:00 |
mboelen
|
5ac6812ba5
|
Skip directory if it has already been found, or its symlink
|
2014-10-13 20:07:19 +02:00 |
mboelen
|
8454ac7baf
|
Set temporary readlink function if binary scan is not finished yet
|
2014-10-13 19:57:15 +02:00 |
mboelen
|
a68b226d3a
|
Added BINARY_SCAN_FINISHED
|
2014-10-13 19:56:44 +02:00 |
mboelen
|
3b7e1a63ae
|
Mark when binary scan is complete
|
2014-10-13 19:55:49 +02:00 |
mboelen
|
badd27ac7e
|
Added additional debug information for symlink function
|
2014-10-13 19:51:20 +02:00 |
mboelen
|
6f893ea3b4
|
Improved symlink detection and reporting
|
2014-10-13 19:45:14 +02:00 |
mboelen
|
ebdee5b0d2
|
Altered symlink function, message display, small cleanups
|
2014-10-13 19:36:36 +02:00 |
mboelen
|
0378677ea9
|
Cleanup of test and properly show status of timedated [TIME-3104]
|
2014-10-13 19:19:40 +02:00 |
mboelen
|
f7bcf60640
|
Changed copyright line
|
2014-10-13 10:43:37 +02:00 |
mboelen
|
7797c32d76
|
Only extract unique name servers [NAME-2704]
|
2014-10-13 10:42:07 +02:00 |
d4t4king
|
fab2ea5e5e
|
Minor tweak to glsa-check to show '0' when all tests are compliant
|
2014-10-13 00:19:59 -07:00 |
mboelen
|
2bf7e35bf2
|
Added missing -f for GRUB2 bootloader test [BOOT-5121]
|
2014-10-09 00:41:06 +02:00 |
d4t4king
|
111097506f
|
Tweaked nginx protocol check so it actually works. Added insecure protocol detection.
|
2014-10-08 22:04:29 +00:00 |
mboelen
|
3d0fb8d529
|
Improved boot loader detection for Grub2 [BOOT-5121]
|
2014-10-06 21:27:23 +02:00 |
mboelen
|
81d910c050
|
When searching for bash shell, skip comment lines and only take first hit (e.g. Fedora has multiple hits) [SHLL-6290]
|
2014-10-06 20:57:56 +02:00 |
mboelen
|
74f7cfec84
|
Added Shellshock test improvements
|
2014-10-06 13:41:55 +02:00 |
d4t4king
|
ef6de1eddc
|
Added shellshocker checks.
|
2014-10-06 11:49:20 +02:00 |
mboelen
|
ac2b2fc548
|
Added new test to determine if Snoopy is used [ACCT-9636]
|
2014-10-06 11:30:15 +02:00 |
mboelen
|
ebe29bc148
|
Log discovered pam_modules to report
|
2014-10-06 11:29:31 +02:00 |
mboelen
|
aeddf84aed
|
Added SSH without-password option for PermitRootLogin
|
2014-10-06 11:29:04 +02:00 |
mboelen
|
f3a7921a3d
|
Improved ShowSymlinkPath function and optimized FileIsReadable function
|
2014-10-03 19:16:13 +02:00 |
mboelen
|
616209560f
|
Use quiet mode when checking emerge-webrsync
|
2014-09-25 19:10:58 +02:00 |
mboelen
|
c5ce09af9f
|
Added ClamXav test
|
2014-09-25 19:08:47 +02:00 |
mboelen
|
ab71616900
|
Added Mac OS uptime test [BOOT-5202]
|
2014-09-25 19:00:36 +02:00 |
mboelen
|
348d024dd4
|
Set found status when a possible match for boot loader has been found
|
2014-09-25 17:57:59 +02:00 |
mboelen
|
9067551508
|
Improved GetHostID if only ip binary is available
|
2014-09-25 17:57:25 +02:00 |
mboelen
|
27973d5c18
|
Adjust text and GRUB2 check to work properly
|
2014-09-25 17:51:08 +02:00 |
mboelen
|
08f77d2531
|
Added GRUB2 detection on empty /boot
|
2014-09-25 17:47:23 +02:00 |
mboelen
|
f0292d3653
|
Missing binary in variable
|
2014-09-25 17:47:05 +02:00 |
mboelen
|
6f321b6a08
|
Added grub2-install
|
2014-09-25 17:42:57 +02:00 |
mboelen
|
e209b1046b
|
Changed addresses
|
2014-09-25 17:32:50 +02:00 |
mboelen
|
0dd484f22e
|
Extended logging
|
2014-09-25 17:00:31 +02:00 |
mboelen
|
b36be2f82c
|
Missing -eq statement
|
2014-09-25 16:55:47 +02:00 |
mboelen
|
a0f0e895eb
|
Minor code adjustments
|
2014-09-25 16:55:23 +02:00 |
mboelen
|
7f7d869ae5
|
Improvements to kernel detection (e.g. Gentoo) [KRNL-5830]
|
2014-09-25 16:55:02 +02:00 |
mboelen
|
10dc6d3930
|
Added privileged mode
|
2014-09-25 11:25:07 +02:00 |
mboelen
|
17a6aa3691
|
Improved detection of mod_evasive
|
2014-09-23 23:27:01 +02:00 |
mboelen
|
c257882a24
|
Improved log output for CheckItem function
|
2014-09-23 23:26:34 +02:00 |
mboelen
|
6dbeb9f6cb
|
Gentoo updates to gather packages and test for vulnerabilities
|
2014-09-23 22:54:38 +02:00 |
mboelen
|
e9557423cc
|
Gentoo updates to gather packages and test for vulnerabilities
|
2014-09-23 22:48:20 +02:00 |
mboelen
|
6fbcf20c96
|
Added new tests for pacman based systems
|
2014-09-22 23:40:53 +02:00 |
mboelen
|
47cfff0e16
|
Improvements to boot loader tests
|
2014-09-22 23:39:31 +02:00 |
mboelen
|
2006838144
|
Added drill binary to list to determine latest version
|
2014-09-22 04:07:46 +02:00 |
mboelen
|
595f84ae45
|
Altered /boot/config.gz into /proc/config.gz as target
|
2014-09-22 03:46:13 +02:00 |
mboelen
|
ad4a4cc1a5
|
Proper sort kernel versions on disk for test KERN-5830
|
2014-09-22 00:57:34 +02:00 |
mboelen
|
f3f829c7bc
|
Adjusted logging
|
2014-09-21 13:05:14 +02:00 |
mboelen
|
98a68c52ef
|
Added /usr/libexec/apache as search location for Mac OS
|
2014-09-21 13:03:40 +02:00 |
mboelen
|
911a5e88f6
|
Mac OS improvement for test NETW-3012
|
2014-09-21 13:01:29 +02:00 |
mboelen
|
116b1eab97
|
Added support for Mac OS to gather information
|
2014-09-21 12:58:08 +02:00 |
mboelen
|
b0e739a15d
|
Support /boot/vmlinuz-linux for Arch systems to determine kernel version
|
2014-09-19 17:55:00 +02:00 |
mboelen
|
74fc711965
|
Removed unneeded exception line
|
2014-09-19 16:46:35 +02:00 |
mboelen
|
40f210ae74
|
Added detection for machine ID
|
2014-09-19 16:44:22 +02:00 |
mboelen
|
d99dbc7406
|
Added detection for machine ID
|
2014-09-19 16:43:20 +02:00 |
mboelen
|
f5dcb5e7f1
|
Added usage of ip to NETW-3006 and NETW-3008
|
2014-09-19 16:28:53 +02:00 |
mboelen
|
1b881ec957
|
Added ss binary
|
2014-09-19 16:20:24 +02:00 |
mboelen
|
475b6c3799
|
Added usage of ss to gather listening ports in NETW-3012
|
2014-09-19 16:18:09 +02:00 |
mboelen
|
94efdd0af1
|
Check if ifconfig exists before using it in tests (e.g. Arch Linux)
|
2014-09-19 11:45:19 +02:00 |
mboelen
|
d3d630258f
|
Added extra permission to CUPS test
|
2014-09-19 11:44:43 +02:00 |
mboelen
|
e12b95ba88
|
Added support for /boot/config.gz file
|
2014-09-19 02:23:07 +02:00 |
mboelen
|
1267f89e5b
|
Added zgrep detection
|
2014-09-19 02:14:16 +02:00 |
mboelen
|
2530256d85
|
Small textual replacements for logging purposes
|
2014-09-19 02:02:22 +02:00 |
mboelen
|
fb52ee9239
|
Added more extensions for virtual machine detection
|
2014-09-19 01:55:55 +02:00 |
mboelen
|
fb53e586fe
|
Added /proc/modules as dependency to KRNL-5723 and KRNL-5726
|
2014-09-19 01:46:40 +02:00 |
mboelen
|
bba133afbb
|
Generic code enhancements
|
2014-09-19 01:19:07 +02:00 |
mboelen
|
6b7362cefd
|
Generic code enhancements
|
2014-09-19 01:17:05 +02:00 |
mboelen
|
805cdf6bf5
|
Generic code enhancements
|
2014-09-19 01:10:43 +02:00 |
mboelen
|
cac6a8e438
|
Generic code enhancements
|
2014-09-19 01:07:34 +02:00 |
mboelen
|
94387348f0
|
Generic code enhancements
|
2014-09-19 00:56:51 +02:00 |
mboelen
|
a145b0091a
|
Code cleanup
|
2014-09-19 00:35:24 +02:00 |
mboelen
|
8a637d588b
|
Better logging of kernel IO scheduler
|
2014-09-19 00:12:04 +02:00 |
mboelen
|
1ed24265e3
|
Adjusted normal user ID detection and added exception for currently unsupported operating systems
|
2014-09-18 23:56:16 +02:00 |
mboelen
|
28fc31fdaf
|
Remove carriage return of SSH version output
|
2014-09-18 23:42:35 +02:00 |
mboelen
|
d4b445c316
|
Check Linux kernel version and properly display short version
|
2014-09-18 22:22:11 +02:00 |
mboelen
|
c4aad72201
|
Improved reboot check to support Linux in general [KRNL-5830]
|
2014-09-18 22:20:15 +02:00 |
mboelen
|
f69fc779c2
|
Added SaltStack tooling
|
2014-09-18 11:06:29 +02:00 |
mboelen
|
1915bd884e
|
Added SaltStack tooling
|
2014-09-18 11:04:22 +02:00 |
mboelen
|
5b0944057b
|
Added FileIsEmpty function and small adjustments to other functions
|
2014-09-17 09:59:18 +02:00 |
mboelen
|
c9fde8c2d1
|
Code cleanup and small enhancements
|
2014-09-15 12:01:09 +02:00 |
mboelen
|
35d32fb5e4
|
Add pre-test before running test [PKGS-7388]
|
2014-09-15 11:17:26 +02:00 |
mboelen
|
bce234fa00
|
Removed warnings, updated changelog
|
2014-09-15 10:52:06 +02:00 |
mboelen
|
3cc696edfc
|
Adjusted suggestion call for [FILE-6354]
|
2014-09-15 10:42:11 +02:00 |
mboelen
|
59ad28795e
|
Extended telnet in inetd test [INSE-8016]
|
2014-09-15 10:38:13 +02:00 |
mboelen
|
f5f0f02777
|
Prevent false positive between inetd and xinetd
|
2014-09-15 10:32:36 +02:00 |
mboelen
|
8a9abeb81f
|
Updated log
|
2014-09-12 17:24:29 +02:00 |
mboelen
|
83f4fb9ff4
|
Set default binary for ps variable
|
2014-09-12 17:04:27 +02:00 |
mboelen
|
97e0dc9e30
|
Added ShowSymlinkPath function
|
2014-09-12 15:33:28 +02:00 |
mboelen
|
4287a6f1e9
|
Added proper description for zvm
|
2014-09-12 15:19:43 +02:00 |
mboelen
|
8dc9b2080d
|
Removed individual warnings for BOOT-5184
|
2014-09-12 14:58:43 +02:00 |
mboelen
|
ef3f7f1ebf
|
Added new function IsVirtualMachine()
|
2014-09-12 14:56:19 +02:00 |
mboelen
|
07e77ed4e1
|
Added timedatectl detection
|
2014-09-12 13:52:01 +02:00 |
mboelen
|
b9a9aea340
|
Adjusted file permissions, permissions check and storage of PID file
|
2014-09-11 16:11:43 +02:00 |
mboelen
|
dd2ea3efaf
|
Made adjustments to run in non-privileged scans
|
2014-09-09 14:49:37 +02:00 |
mboelen
|
3beae44e92
|
Do not scan symlinked binary directories
|
2014-09-09 14:49:14 +02:00 |
mboelen
|
56cc2df2c2
|
Adjustments to allow non-privileged scan and reduce errors on screen
|
2014-09-08 23:51:27 +02:00 |
mboelen
|
691019f9ae
|
Added FileIsReadable function
|
2014-09-08 21:30:54 +02:00 |
mboelen
|
c3494b32d1
|
Properly check if CheckUpdates output is usable for display
|
2014-09-08 19:59:01 +02:00 |
mboelen
|
2ce4cf5c57
|
Redirect stderr for host command
|
2014-09-08 19:39:11 +02:00 |
mboelen
|
3f7d0260e5
|
Do not set logfile and reportfile for pentesting mode in this file. Perform check later in lynis file
|
2014-09-08 15:52:21 +02:00 |
mboelen
|
f5ec6027b9
|
Add root-only to some tests
|
2014-09-08 15:41:57 +02:00 |
mboelen
|
310febde05
|
Log what tests are skipped to be root-only
|
2014-09-08 15:19:58 +02:00 |
mboelen
|
0da19d1297
|
Changes to allow non-privileged scans
|
2014-09-08 15:19:37 +02:00 |
mboelen
|
2644399057
|
Display skipped root-only tests
|
2014-09-08 15:19:13 +02:00 |
mboelen
|
ac54b4fe83
|
Capture all skip tests which require root permissions
|
2014-09-08 15:13:14 +02:00 |
mboelen
|
5c4c0f0ac0
|
Added root-only tests variable
|
2014-09-08 15:12:44 +02:00 |
mboelen
|
5fbc1ab471
|
Extended Register function to allow the definition of root-only tests
|
2014-09-08 15:03:22 +02:00 |
mboelen
|
cf9a44cd41
|
Changed file permissions check to allow non-privileged mode
|
2014-09-08 14:55:37 +02:00 |
mboelen
|
d983b6ba48
|
Fixed statement to check swap
|
2014-09-08 14:53:44 +02:00 |
mboelen
|
fe08018029
|
Added --pentest parameter to run without root privileges
|
2014-09-08 13:58:46 +02:00 |
mboelen
|
3731da54df
|
Added pentesting mode variable
|
2014-09-08 13:58:24 +02:00 |
mboelen
|
7af9a9e88c
|
Fixed typo when searching for swap partition
|
2014-09-04 20:38:57 +02:00 |
mboelen
|
b121be4317
|
Improved vulnerable packages test when using apt-check
|
2014-09-04 20:38:21 +02:00 |
mboelen
|
e0be20e699
|
Let SafePerms function also check for UID
|
2014-09-04 15:32:59 +02:00 |
mboelen
|
5d730bf9b0
|
Allow swap partitions to have swap in 4th column
|
2014-09-02 14:00:36 +02:00 |
mboelen
|
0575468980
|
Log proper daemon qmail/sendmail
|
2014-08-28 14:03:31 +02:00 |
mboelen
|
09d1ca7fd6
|
No direct calls to netstat binary, but first determine if the binary was found (e.g. for Arch Linux)
|
2014-08-28 13:59:30 +02:00 |
mboelen
|
5d1ef9f3cd
|
Test if there are files in /etc/modprobe.d before grepping in it
|
2014-08-28 13:58:41 +02:00 |
mboelen
|
0228bd5317
|
Changed some report calls to ReportException
|
2014-08-28 13:50:08 +02:00 |
mboelen
|
64c48d5559
|
Extended GetHostID function, ip binary preferred for detection
|
2014-08-27 12:53:09 +02:00 |
mboelen
|
c0ae2e217b
|
Initial import
|
2014-08-26 17:33:55 +02:00 |