Commit Graph

62 Commits

Author SHA1 Message Date
Michael Boelen 2c9116dc0c
Changed action from flush to clear 2018-03-03 14:42:54 +01:00
Michael Boelen 5711868d9e
Extended help 2018-03-03 14:39:25 +01:00
Michael Boelen 5e9253e8f4
Add host identifier options and use manual configured setting in function 2018-02-16 19:29:08 +01:00
Michael Boelen 35e8c0ab3a
Added kernel.yama.ptrace_scope 2018-01-23 15:09:59 +01:00
Michael Boelen 2bf6a5e038
Overhaul of default profile settings and parsing 2018-01-23 15:01:02 +01:00
Michael Boelen 1504370e41
Added solution, extended timestamps key values, allow multiple values 2018-01-11 10:19:16 +01:00
Michael Boelen 4042c45954
Changes for new plugin class 'hardware' 2017-12-08 09:37:55 +01:00
Michael Boelen e4cb190237
Support for allow-auto-purge option in profiles 2017-11-25 16:11:04 +01:00
Michael Boelen f903b6f079
Allow tags and system-customer-name to be specified 2017-06-22 10:15:39 +02:00
Dave Vehrs 933b01ea1f Added kernel.dmesg_restrict to sysctl checks. (#404) 2017-06-14 14:06:04 +02:00
0ri0n 9e10fdfbc8 Adds Protected Links Checks (#389)
Fixes #386
2017-05-03 09:20:35 +02:00
Michael Boelen 4d2e0e5aab Added another certificate path for Plesk 2017-03-14 16:47:01 +01:00
Michael Boelen 35440d437c Support for Plesk certificates path 2017-03-14 16:42:51 +01:00
Michael Boelen a19a34cbf3 Allow data uploads to be configured in profile 2017-02-21 15:40:06 +01:00
Michael Boelen 8d6bc1ad21 Allow colored output to be configured from profile 2017-02-16 10:27:54 +01:00
Michael Boelen a7838f4d08 Added authentication plugin 2017-02-14 20:06:02 +01:00
Michael Boelen 304a5c20a9 Added paths for SSL certificates 2016-11-29 14:28:16 +01:00
Michael Boelen 13d4d3d6b7 Add remark for automatic updates and packages 2016-11-08 09:03:17 +01:00
marcus-cr 56ce017b4f Updated profiles (#300)
* Updated profiles

Added “personal” machine-role, changed “desktop” to “workstation”.

* Changed Default Profile

Amended roles of system: changed “desktop” to “workstation”, and added
“personal”.
2016-10-26 12:35:47 +02:00
Michael Boelen b6a9d294d8 Added missing separator 2016-10-15 15:15:40 +02:00
Michael Boelen 2cc3adf7ac Added new sysctl values 2016-10-05 09:50:34 +02:00
Michael Boelen 870ac295c6 Show possible solution with findings 2016-09-24 15:51:05 +02:00
Michael Boelen ad678eca74 Changed suggested value for kernel.randomize_va_space 2016-09-13 17:26:44 +02:00
Michael Boelen af00c1e8d1 Added more sysctl keys 2016-08-18 14:52:15 +02:00
Michael Boelen d95ab3d253 Support sysctl checks with multiple profiles 2016-08-18 14:35:20 +02:00
Michael Boelen e176011912 Allow repository update to be disabled 2016-08-11 10:01:29 +02:00
Michael Boelen 07a113e46e Set initial value for language and improve auto detection 2016-07-12 20:32:15 +02:00
Lukas Pirl 77634d578c expect value of sysctl:kernel.kptr_restrict to be 2 (#224)
from https://lwn.net/Articles/420403/:
  """
  The %pK format specifier is designed to hide exposed kernel
  pointers, specifically via /proc interfaces.  Exposing these
  pointers provides an easy target for kernel write vulnerabilities,
  since they reveal the locations of writable structures containing
  easily triggerable function pointers.  The behavior of %pK depends
  on the kptr_restrict sysctl. […] If kptr_restrict is set to 2,
  kernel pointers using %pK are printed as 0's regardless of
  privileges.
  """
2016-07-11 10:11:18 +02:00
Michael Boelen e22322920f More reorganizing as options will be deprecated 2016-07-05 19:57:43 +02:00
Michael Boelen bac442c6fe Migrate to new options, including skip-plugins 2016-07-05 17:26:27 +02:00
Michael Boelen cb73cbb968 Migration of several settings to new format 2016-07-05 16:49:50 +02:00
Michael Boelen 3ef81ed20d Textual change related to languages 2016-06-21 08:08:00 +02:00
Michael Boelen f851834dbd Added support for multiple languages 2016-06-11 14:09:41 +02:00
mboelen 4dcb9eccff Allow skipping of plugins with --skip-plugins or skip-plugins 2016-04-25 16:00:10 +02:00
mboelen a3075d2e8f Added error-on-warnings 2016-04-25 10:17:14 +02:00
mboelen f1a5c41b87 Add note and changed example of quick 2016-04-19 19:43:25 +02:00
mboelen 89efa9fae8 Added new profile option: quick 2016-04-19 12:03:04 +02:00
mboelen 9192f4bbb8 Changed sections into comment lines 2016-04-13 16:08:57 +02:00
mboelen c70be62f4e Added Let's Encrypt path /etc/letsencrypt 2016-03-24 13:44:28 +01:00
mboelen e399b49e1e Introduction of new style configuration file 2016-03-17 20:32:02 +01:00
mboelen 4d5ca94751 Changed URL 2016-02-16 14:48:49 +01:00
mboelen 2aa9b9a9b1 Changed custom URLs for hardening tips 2016-02-15 12:39:06 +01:00
mboelen f313b2edf8 Allow defining a proxy for data uploads 2016-01-07 12:57:24 +01:00
mboelen 252f774f57 Add upload_compressed option to profile 2015-12-21 11:37:27 +01:00
mboelen 4b83d7268d Added (future) CIS benchmarks to compliance standards 2015-10-08 16:24:40 +02:00
mboelen 3a4376baa5 Added profile settings for compliance standards like HIPAA, ISO27001/ISO27002 and PCI-DSS 2015-10-01 12:00:44 +02:00
mboelen 1a12d82ed6 Removed last newline 2015-09-07 21:11:51 +02:00
Laurent Quillerou 3cdd9ea949 Delete trailing whitespace 2015-09-07 18:35:07 +03:00
mboelen 3caaf0f744 Adjusted connections_max_wait_state 2015-07-14 00:34:38 +02:00
mboelen 0cc3a69be9 Additions to allow for automatic updates 2015-04-30 01:23:18 +02:00