Commit Graph

485 Commits

Author SHA1 Message Date
mboelen 84baf688c8 Renumber test and search for explicit yes value, log status 2015-09-07 11:26:09 +02:00
Michael Boelen f471bf9d96 Merge pull request #70 from kboratynski/auth-9407
Wrote 'AUTH-9407' - logging failed login attempts.
2015-09-07 11:19:40 +02:00
mboelen 5165e57b86 Added report option to store logging status of failed logins 2015-09-07 11:17:38 +02:00
mboelen 53840a4cfb Added variable for logging status of failed logins 2015-09-07 11:17:08 +02:00
mboelen fc27379452 Minor cleaning up and improved comment 2015-09-07 10:13:20 +02:00
Kamil Boratyński 0e97f7936f Wrote 'AUTH-9407' - logging failed login attempts. 2015-09-07 04:12:58 +02:00
mboelen a42e8feac2 Added Unbound status and configuration check, logging name cacher status to report file 2015-09-06 21:38:21 +02:00
mboelen 88caa85f59 Added default values for name cachers and Unbound status 2015-09-06 21:37:26 +02:00
mboelen 4a354c8479 Change ipfw to IPFW, change exception ID for IPFW test 2015-09-06 17:42:56 +02:00
mboelen 10a300ddb7 Don't show pf status on screen when it is not available 2015-09-06 17:38:15 +02:00
Michael Boelen 8ab314cf07 Merge pull request #43 from rsmith-nl/ipfw
Add test for 'ipfw' firewall on FreeBSD.
2015-09-06 17:34:36 +02:00
mboelen 05dd1a6814 Remove systemctl to detect virtualization, use systemd-detect-virt instead 2015-09-05 18:51:36 +02:00
mboelen 461920ff72 Enabled dmidecode for virtualization detection 2015-09-05 18:41:04 +02:00
Michael Boelen 2fd7788b9b Merge pull request #58 from markruys/master
More reliable and often faster check to determine virtualization.
2015-09-05 17:34:18 +02:00
squid-cache-object 12d9b38288 Update tests_filesystems 2015-09-03 14:14:02 -07:00
Michael Boelen 3927d60b8e Merge pull request #69 from alobodzinski/name-4406-hostname-clash
Do not let a hostname that is contained in "localhost" like "cal" tri…
2015-09-03 17:35:25 +02:00
Alexander Lobodzinski e1a87794bc Do not let a hostname that is contained in "localhost" like "cal" trigger a false positive 2015-09-03 17:20:34 +02:00
mboelen d9b7d9a9fd Combined several potential mount option tests into 1 unit 2015-09-03 15:44:10 +02:00
mboelen f4c2bd52fb Ensure that docker is a file, not directory in /usr/libexec 2015-09-03 15:43:33 +02:00
mboelen 235b228fe2 Added vmtoolsd detection 2015-09-03 11:15:55 +02:00
dataking e37446521d include/tests_filesystems tweak 2015-09-01 11:50:07 -07:00
mboelen 2577caf66d Only show suggestion for ntpdate if ntpd isn't running 2015-09-01 17:40:05 +02:00
mboelen d2aaa9662e Changed test description 2015-09-01 16:10:16 +02:00
mboelen 18d97ce60e Use different status for unused firewall rules 2015-09-01 15:50:14 +02:00
mboelen 8cefc0f7b9 Show different status on screen when expired SSL certificates were found 2015-09-01 15:49:50 +02:00
mboelen d4b1812962 Changed screen output when finding old files in /tmp 2015-09-01 15:47:32 +02:00
mboelen 401bf26c91 NIS improvement for test 2015-09-01 13:37:55 +02:00
mboelen 7cb9e364c7 Proper filtering for IPv6 addresses 2015-08-31 13:23:17 +02:00
mboelen d1ae757240 Replaced -z for empty string testing 2015-08-20 18:50:30 +02:00
Michael Boelen afe30cf3a7 Merge pull request #56 from mpepping/master
Comparison error when Docker is present, but the daemon is not running (or unset).
2015-08-20 18:48:32 +02:00
mboelen 210ba41a3c Improved umask detection and logging 2015-08-20 18:46:06 +02:00
mboelen 649f0cfb3c Improved BOOT-5180 detection for newer systems like Debian 8 and screen output enhancement 2015-08-20 18:37:03 +02:00
mboelen 7bd91675fe Improved debug logging 2015-08-19 16:20:21 +02:00
mboelen 0c2a9daef9 Show help on screen 2015-08-19 16:19:14 +02:00
mboelen 8c1e1f29a3 Additional logging 2015-08-19 16:02:50 +02:00
mboelen 2e87b8fde9 Apply additional checks on first cURL command execution 2015-08-19 15:51:52 +02:00
mboelen c153344240 Capture self-signed certificates during upload with cURL 2015-08-19 15:31:24 +02:00
Mark Ruys 919e48001d More reliable and often faster check to determine virtualization. 2015-07-27 12:38:13 +02:00
Martijn Pepping 25c8567b57 Fixed a comparison error when Docker is present, but the daemon is not running (or unset). 2015-07-24 23:58:50 +02:00
Mark Ruys c998924b51 Fix STRG-1840 (Check for disabled USB storage) 2015-07-24 15:11:39 +02:00
mboelen dd66273f41 Removed unused categories 2015-07-22 18:28:34 +02:00
mboelen db131518f0 Clean up code 2015-07-22 17:37:39 +02:00
mboelen afd01ece5d Remove incomplete tests, code enhancements 2015-07-22 17:37:11 +02:00
mboelen 66fb369593 Copyright line changes and cleanups 2015-07-22 16:28:11 +02:00
mboelen 17c44ced52 Include examples and clarify usage 2015-07-22 14:57:57 +02:00
mboelen 8f9a616854 Add more descriptive text to the template 2015-07-22 14:26:25 +02:00
mboelen 2b1061ef14 Added suggestions for Solaris auditing 2015-07-22 13:47:44 +02:00
mboelen fd5c968d16 Cleaning up some lines 2015-07-22 13:44:30 +02:00
mboelen afaecd9512 Removing deprecated strings and cleaning up 2015-07-22 12:21:36 +02:00
mboelen 95d08a735a Optimizing code, cleaning up 2015-07-22 12:20:27 +02:00
mboelen e06d706c83 Optimizing code, cleaning up 2015-07-22 12:20:03 +02:00
mboelen 6857f01500 Added LDAP configuration file location to report, and code cleanups 2015-07-16 17:02:15 +02:00
James White f341b01e4d Fix false positive matches with unsafe ports on SQD-3624
The grep statement needs to be modified to prevent tagging port values that contain a value in `SQUID_DAEMON_UNSAFE_PORTS_LIST` but aren't actually the listed port.
2015-07-15 11:50:56 +01:00
Michael Boelen 4266992f6b Merge pull request #39 from aneeshusa/check-locate-preqs
Prevent the locate test from running spuriously when locate is not present.
2015-07-14 00:55:47 +02:00
Michael Boelen 6694add635 Merge pull request #38 from aneeshusa/update-systemd-sulogin-detection
Update check for sulogin under systemd.
2015-07-14 00:49:40 +02:00
mboelen e8111a124f Increase default minimum amount of connections before alerting 2015-07-14 00:31:59 +02:00
mboelen 7d30538311 Added missing bracket 2015-06-17 17:13:44 +02:00
mboelen b947bb085c Changed detection, added examples of fstab entries 2015-06-17 17:06:51 +02:00
mboelen f34e59663f Report hardening index, even when report is not shown 2015-06-11 20:50:19 +02:00
mboelen f0026427bb Textual changes 2015-06-11 13:58:30 +02:00
mboelen 0d4b25d308 Disable suggestion for this test 2015-06-11 13:58:16 +02:00
mboelen e13a9087ea Added compilers to report 2015-06-11 13:57:57 +02:00
mboelen 72feac9638 Added additional legal words for banner usage 2015-06-11 13:57:37 +02:00
mboelen 785ac74f91 Moved tests to new container group 2015-05-27 12:36:34 +02:00
mboelen 5f3c47df68 Added debsecan, debsums and kernel package counting 2015-05-27 12:35:56 +02:00
mboelen 7f0fbcf359 Initial import for container category 2015-05-27 12:34:01 +02:00
mboelen f60011eb1b Removing tests which were already performed in authentication section. 2015-05-27 11:43:08 +02:00
mboelen 917c790ecc Changed text 2015-05-27 11:42:31 +02:00
mboelen fe636c7d6c Docker support 2015-05-27 11:25:35 +02:00
mboelen 30b9b1edd9 Added support for Docker binary 2015-05-27 11:25:07 +02:00
mboelen bb696a04f1 Improved detection of directories in logrotate 2015-05-26 11:13:47 +02:00
mboelen c70f3e93cd Cleanup of screen output, with focus on minimum output 2015-05-26 11:13:23 +02:00
mboelen a1095ef941 Improved swap detection and added UUID check 2015-05-26 11:12:36 +02:00
mboelen 3c3bb2d0db Do not show auditd suggestion for OpenVZ systems 2015-05-26 11:11:42 +02:00
mboelen 1a04109dad Extended descriptions 2015-05-26 11:11:15 +02:00
mboelen 52b8c3a6a7 Added VMTYPE 2015-05-26 11:10:50 +02:00
mboelen b885b9f84f Add missing pipe 2015-05-25 23:20:52 +02:00
mboelen 1d1aa3c966 Improved kernel detection on Slackware 2015-05-25 23:17:42 +02:00
mboelen 2f0e9f0981 Changed last line 2015-05-25 23:17:21 +02:00
mboelen ef2b12e218 Added block and character type devices as symlinks 2015-05-25 23:17:08 +02:00
mboelen 3f3ced806e Changed last line 2015-05-25 23:16:45 +02:00
mboelen 7854eeae20 Chronyd support, finishing test 2015-05-25 17:45:41 +02:00
mboelen 1c07e6fa2c New test TIME-3106, Chronyd and systemd-timesyncd support 2015-05-25 17:33:51 +02:00
mboelen 45114e6557 Chef support added 2015-05-25 17:20:58 +02:00
mboelen f3bd9ca9ad Display only the tools actually found, to keep screen output as clean as possible 2015-05-17 23:22:54 +02:00
mboelen 46f9a3dec8 Log file integrity monitoring tool, adding support for lfd (CSF) tool 2015-05-17 23:01:38 +02:00
mboelen 283e198c23 Improved detection of blacklisted/disabled modules 2015-05-17 23:00:28 +02:00
mboelen 893e17d982 Added new AddSystemGroup function 2015-05-13 14:45:50 +02:00
mboelen 5729189349 Added additional legal words for banners 2015-05-13 14:45:16 +02:00
mboelen c37e2eb9eb Extended Sophos detection 2015-05-04 13:37:36 +02:00
mboelen 22810e58e7 Replace existing update check options with new helper utility 2015-04-30 01:28:33 +02:00
mboelen 943b944a13 New profile options for automatic updates 2015-04-30 01:28:05 +02:00
mboelen 0e581e6ad7 Initial import of helper for automatic updates 2015-04-30 01:27:36 +02:00
mboelen 8ae3cfd5ad Remove unused variable 2015-04-30 01:25:18 +02:00
mboelen 1ece78f1a8 Set default for showing program details at start 2015-04-30 01:23:47 +02:00
mboelen 508cf7ac71 Added missing space 2015-04-29 19:58:13 +02:00
mboelen 6a0417da8b Added Python and updated PHP description 2015-04-29 14:20:46 +02:00
mboelen 70e20d514c Ensure that only one value is provided 2015-04-29 13:53:40 +02:00
mboelen 2cd57933b6 Correction of Display function 2015-04-29 11:57:57 +02:00
mboelen aa8410477e Performance tuning by removing full listing of binaries from log 2015-04-29 11:57:30 +02:00
Roland Smith 1bb5b4b0a6 FreeBSD uses the bsdrc service manager.
With this patch, a run on my machine returns:

    [+] Initializing program
    ------------------------------------
    - Detecting OS...  [ DONE ]

    ---------------------------------------------------
    Program version:           2.1.1
    Operating system:          FreeBSD
    Operating system name:     FreeBSD
    ...

    [+] Boot and services
    ------------------------------------
    - Service Manager [ bsdrc ]
2015-04-27 20:09:18 +02:00
Roland Smith db828b5e03 Used service(8) to discover running services.
On all supported FreeBSD releases, the service(8) program can be used to
discover which services are running. This program has been added to the test
for binaries. If available, it will be used to test for services. If not, the
original code that parses /etc/rc.conf is used.

On my system, the following information is produced in the logfile:

    [19:51:22] Performing test ID BOOT-5165 (Check for FreeBSD boot services)
    [19:51:22] Searching for services at startup (service)
    [19:51:23] Found service (service/rc.conf): bgfsck
    [19:51:23] Found service (service/rc.conf): cleanvar
    [19:51:23] Found service (service/rc.conf): cron
    [19:51:23] Found service (service/rc.conf): cupsd
    [19:51:23] Found service (service/rc.conf): dbus
    [19:51:23] Found service (service/rc.conf): devd
    [19:51:23] Found service (service/rc.conf): dmesg
    [19:51:23] Found service (service/rc.conf): dnsmasq
    [19:51:23] Found service (service/rc.conf): gptboot
    [19:51:23] Found service (service/rc.conf): hostid
    [19:51:23] Found service (service/rc.conf): hostid_save
    [19:51:23] Found service (service/rc.conf): ip6addrctl
    [19:51:23] Found service (service/rc.conf): ipfw
    [19:51:23] Found service (service/rc.conf): mixer
    [19:51:23] Found service (service/rc.conf): motd
    [19:51:23] Found service (service/rc.conf): newsyslog
    [19:51:23] Found service (service/rc.conf): nginx
    [19:51:23] Found service (service/rc.conf): openntpd
    [19:51:23] Found service (service/rc.conf): postfix
    [19:51:23] Found service (service/rc.conf): powerd
    [19:51:23] Found service (service/rc.conf): sendmail
    [19:51:23] Found service (service/rc.conf): smartd
    [19:51:23] Found service (service/rc.conf): syslogd
    [19:51:23] Found service (service/rc.conf): virecover
    [19:51:23] Found 24 services/options to run at startup

The report shows:

    [+] Boot and services
    ------------------------------------
    - Service Manager [ UNKNOWN ]
    - Checking presence FreeBSD loader [ FOUND ]
    - Checking services at startup (service/rc.conf) [ DONE ]
    Result: found 24 services/options set
2015-04-27 19:58:07 +02:00
Roland Smith 4d94227a08 Find FreeBSD service binary. 2015-04-27 19:33:11 +02:00
Roland Smith a0b20fcfe3 Wrap ipfw test in SKIPTEST block. 2015-04-27 18:26:39 +02:00
Roland Smith ded7e95a14 Check if ipfw is enabled in rc.conf. 2015-04-27 18:24:18 +02:00
Roland Smith 5d7dc80481 Initial version of IPFW test (FreeBSD). 2015-04-27 18:24:11 +02:00
Aneesh Agrawal bfd24585cf Pass information about locate prereqs to Register.
Prevent the locate test from running spuriously when locate is not
present
2015-04-27 03:31:43 -04:00
Aneesh Agrawal d282fbfc9c Update check for sulogin under systemd.
The default rescue.service unit file was updated
in the systemd repo on Jan 23, 2015
to allow for sulogin location variability.
2015-04-27 03:13:42 -04:00
mboelen 474d69dfd6 Added /usr/lib64/apache2 as search path 2015-04-24 13:31:49 +02:00
mboelen cd78379906 Extended screen output when upload fails 2015-04-22 11:02:22 +02:00
mboelen ec5e9cbecf Extending ShowSymlinkPath function to account for missing -f option 2015-04-22 00:57:58 +02:00
mboelen c397b20b68 Initialize some variables for cleaner output 2015-04-22 00:57:35 +02:00
mboelen 0d900536a5 Remove priority label 2015-04-21 16:03:14 +02:00
mboelen 94607e4ae4 Redirect sysctl errors properly 2015-04-20 11:35:02 +02:00
mboelen a6290d1bec Enhance screen output on Mac OS 2015-04-19 22:10:27 +02:00
mboelen 4c8a6dc3d2 Rename of package auditing tool, for upcoming plugin/module 2015-04-17 15:50:46 +02:00
mboelen a29335823f Improved core dump checking 2015-04-16 20:00:09 +02:00
mboelen 017c145357 Zypper enhancements 2015-04-16 19:59:51 +02:00
mboelen 3bce5191ef Apply group check on all groups when using AIX 2015-04-16 19:00:03 +02:00
mboelen de60926705 Changed sed statement 2015-04-13 22:06:14 +02:00
mboelen 95d5cabdb2 Ensure sysctl is present before calling it 2015-04-07 17:20:11 +02:00
mboelen 7ad2dd5480 Change pf firewall detection 2015-04-07 17:19:49 +02:00
mboelen e21e8679e0 Check also /var and assign hardening points 2015-04-07 17:19:25 +02:00
mboelen 7785c5a610 Improved report output 2015-04-07 17:18:54 +02:00
mboelen f85d33fe42 Improved text for malware scanner suggestion 2015-04-07 17:17:35 +02:00
mboelen d5bdde7a93 Changed counting with -m to support locale 2015-04-02 13:29:18 +02:00
mboelen d2175e833d Change description of test 2015-04-01 14:45:12 +02:00
mboelen c2bbf4a0a7 Improved detection for McAfee anti-virus (cma) 2015-04-01 14:22:53 +02:00
mboelen 003d4857bb Updated last line 2015-03-31 19:20:57 +02:00
mboelen d16732a47a Smart replacement does not work on Solaris, rewriting domain extraction from FQDN 2015-03-31 19:20:42 +02:00
mboelen f9c79007b8 Updated functions for checking permissions on files 2015-03-25 17:31:47 +01:00
mboelen 9978e5c824 Using return codes and minor cleanups of code 2015-03-25 17:31:17 +01:00
mboelen 30bc903c5a Using return codes for file permission checks 2015-03-25 17:30:13 +01:00
mboelen c94269c1d1 Add lynis audit dockerfile as option 2015-03-25 16:49:02 +01:00
mboelen e1d96752f2 Removed variable 2015-03-25 16:48:39 +01:00
mboelen 5ecbaafa4f Use improved function with return values 2015-03-25 16:47:37 +01:00
mboelen 355bf37459 Changed copyright line 2015-03-25 15:55:46 +01:00
mboelen 7f97bfa973 Typos corrected 2015-03-25 15:55:29 +01:00
mboelen 3cda4cf562 Added CUPS location for Mac OS 2015-03-23 21:38:37 +01:00
mboelen bdf8347162 Don't require sha1sum AND openssl AND csum, but just one of them to exist 2015-03-19 00:03:58 +01:00
mboelen 9932e878b1 Clarified message 2015-03-18 16:06:02 +01:00
mboelen 0e321e1c6b Improved host ID generation on AIX systems 2015-03-18 15:35:37 +01:00
mboelen e1a3d59f8d Added csum binary detection for AIX systems 2015-03-18 15:35:11 +01:00
mboelen 8b2da6329e Changed path names into variables 2015-03-18 10:40:59 +01:00
mboelen 49414f8b06 Check if value after access_log option is filled 2015-03-17 19:02:46 +01:00
mboelen a12876e472 Test for presence of CSF 2015-03-17 18:06:00 +01:00
mboelen 8201510d6a Check timeout sessions and if they are readonly 2015-03-17 17:58:58 +01:00
mboelen 332277b7e1 Enhance timeout check and ensure there are .sh files in /etc/profile.d 2015-03-17 14:55:03 +01:00
mboelen c8e17e317d Redirect sysctl error output 2015-03-09 14:09:59 +01:00
mboelen 7e912be0af Clarify the main purpose of the tooling 2015-02-25 20:33:48 +01:00