Commit Graph

2605 Commits

Author SHA1 Message Date
Michael Boelen 7f1742fc54
Replaced direct calls to tools 2019-07-26 14:14:54 +02:00
Michael Boelen 1c79357526
Merge pull request #720 from dvehrs/exim4
Added certificate tests for Exim
2019-07-26 14:07:39 +02:00
Michael Boelen 75d75d590b
Updated log 2019-07-26 11:59:28 +02:00
Michael Boelen f49f0a2029
Altered order of entries 2019-07-26 11:59:19 +02:00
Michael Boelen 3af72e41c7
Improved selection of home directories for normal users in HOME-9304 and HOME-9306 2019-07-26 11:59:03 +02:00
Michael Boelen 4fde510f40
Merge pull request #735 from franciosi/patch-1
Update README.md
2019-07-26 11:34:15 +02:00
Michael Boelen 2ec0268692
Merge pull request #732 from Marzal/Marzal-FILE-7524
Changes for new profile format
2019-07-26 11:33:38 +02:00
Michael Boelen ce8c9f44a0
Updated log 2019-07-26 11:32:55 +02:00
Michael Boelen 17137408d2
Use IsRunning exit code instead of variable 2019-07-26 11:32:48 +02:00
Michael Boelen 8321b98689
[AUTH-9408] double escape to prevent error message (awk: warning: escape sequence '\[' treated as plain '[') 2019-07-26 11:11:03 +02:00
Michael Boelen b7fb98a47f
[AUTH-9266] skip .pam-old files in /etc/pam.d (used by Ubuntu) 2019-07-26 10:57:44 +02:00
Michael Boelen d621355b7e
Set variable instead of using return, otherwise other parameters won't be checked 2019-07-26 09:00:47 +02:00
Franciosi d6dab1846d
Update README.md
Small typo fixes
2019-07-25 11:38:58 -03:00
Michael Boelen b384fa2887
New option: --usecwd to run from current working directory 2019-07-25 11:34:58 +02:00
David b8a0190e82
Fix grep in PROFILEVALUE
Make it work with new profile format
2019-07-18 18:58:11 +02:00
David 4d5a0c59c7
Fix find fields in new profile format
New format uses permfile= so it needs a new cut to filter the name file
2019-07-18 18:52:36 +02:00
Michael Boelen 022f427a69
Updated log 2019-07-18 11:54:29 +02:00
Michael Boelen d6cce1cd08
Test if profiles provided using the command line are readable 2019-07-18 11:54:11 +02:00
Michael Boelen dcd829076b
Move this check to the DiscoverProfiles function 2019-07-18 11:48:00 +02:00
Michael Boelen 4b0f5517f7
Textual change 2019-07-18 11:47:24 +02:00
Michael Boelen b53b894f33
Added file check when a profile is provided 2019-07-18 11:42:26 +02:00
Michael Boelen b7f7179f1e
Moved variables 2019-07-18 11:42:01 +02:00
Michael Boelen 0e9e0fab36
Merge pull request #730 from Marzal/Marzal-PRIVILEGED
Fix $privileged var being overwritten
2019-07-18 11:36:47 +02:00
Michael Boelen 87fef1c27b
Merge pull request #729 from Marzal/Marzal-strictmode
strictmode fixes
2019-07-18 11:36:23 +02:00
Michael Boelen 62c5e5b881
Updated log 2019-07-18 11:33:43 +02:00
Michael Boelen 63043b536d
[AUTH-9408] added support for pam_tally2 to log failed logins 2019-07-18 11:33:28 +02:00
Julian Phillips e293af16aa Add FOUND var to unset list 2019-07-17 18:01:44 -07:00
Julian Phillips 84dd024887 [CRYP-7930] Modify to use 'lsblk' and 'cryptsetup'
There are several challenges with the existing method of using
/etc/crypttab:

1) encrypted rootfs partitions are not typically listed in this
file (users are prompted for password in early boot instead)

2) the 'luks' option is the default option so it is possible for
/etc/crypttab entries to never have this set explicitly and any
block device configured as such will be missed currently

3) any device mounted manually, or using any other mechanism aside
from /etc/crypttab will be missed

This commit executes 'cryptsetup isLuks' on every block device in
the system to determine whether it is a LUKS device. This handles
all 3 cases mentioned above.

Test case wording was also updated to reflect the fact that it
only checks for LUKS encrypted block devices. So, plain dm-crypt
and TrueCrypt/VeraCrypt block device encryption is not detected.
Nor is any file system level encryption such as eCryptfs, EncFs,
gocryptfs.
2019-07-17 16:18:12 -07:00
David d1cb74e7d9
Delete PRIVILEGED var from this file
if PRIVILEGED is set in the file, it will overwrite the value in the main program always to 0.
This change depends on the other commit that sets the variable in both cases.
2019-07-17 23:28:51 +02:00
David 8de806c9a7
PRIVILEGED var needs to be set in both cases
set PRIVILEGED in both cases, because now this variable is set before ". ${INCLUDEDIR}/consts" and needs not to be set in that file in order to not be reset to a default value.

Also fix typo:
PENTESTINGMODE is set when NO root privileges are used
2019-07-17 23:25:40 +02:00
David 06413994cf
Initialize some vars to allow strict mode to work
IsRunning():
To check if $users is empty in strict mode we need the var to be initialized

ReportException:
Some tests call this function without the second parameter, this is not allowed in strict mode if we don't initialize the variable
2019-07-17 23:16:47 +02:00
David 250fb965d3
Strict mode needs these vars initialized 2019-07-17 23:08:20 +02:00
Michael Boelen 2576bc8fca
Updated log 2019-07-16 19:11:07 +02:00
Michael Boelen a4d15f77b5
Differentiate between a discovered binary and running process 2019-07-16 19:10:04 +02:00
Michael Boelen 9e56706aa6
Formatting and improved logging 2019-07-16 19:06:31 +02:00
Michael Boelen 2bd1b1b590
Format change 2019-07-16 19:05:28 +02:00
Michael Boelen d696d521c1
Extended IsRunning function to allow for searching by a combination of process name and user. 2019-07-16 19:04:53 +02:00
Michael Boelen 5869fa4eb1
[INSE-8050] added com.apple.ftp-proxy and improved text output 2019-07-16 14:35:00 +02:00
Michael Boelen b935ab8b6a
Updated log 2019-07-16 13:23:00 +02:00
Michael Boelen a2c57e0b75
Added missing 'then' 2019-07-16 13:21:32 +02:00
Michael Boelen fa8bad20db
Use -n instead of ! -z 2019-07-16 13:20:30 +02:00
Michael Boelen 2777caf6d2
Updated log 2019-07-16 13:13:35 +02:00
Michael Boelen 3213cadd5a
Added new tests INSE-8318 and INSE-8320 2019-07-16 13:13:25 +02:00
Michael Boelen a12aaa2d3a
Added quotes 2019-07-16 13:13:15 +02:00
Michael Boelen 2e192788bb
Added new tests INSE-8318 and INSE-8320 2019-07-16 13:12:17 +02:00
Michael Boelen 95db1dc145
Updated log 2019-07-15 20:05:08 +02:00
Michael Boelen 27b2a4dc7a
Renamed STRG-1840 and STRG-1842 2019-07-15 20:04:59 +02:00
Michael Boelen f8564f2923
[STRG-1840] renamed to USB-1000 2019-07-15 20:04:38 +02:00
Michael Boelen 52610e1abe
[STRG-1842] renamed to USB-2000 2019-07-15 20:00:14 +02:00
Michael Boelen 7ec81715aa
Minor cleanup 2019-07-15 19:57:23 +02:00