Commit Graph

3156 Commits

Author SHA1 Message Date
Jim dabac5bf89
Change timesync sync file, fixes #1012 2020-08-23 22:41:19 +02:00
danielorihuelarodriguez@gmail.com c857ee7cf2 fix: take into account unlocked system accounts 2020-08-23 19:54:59 +02:00
Simon Biewald bd7131f6db Detect sysstat systemd unit 2020-08-19 20:47:09 +00:00
danielorihuelarodriguez@gmail.com 6bad6b058b feature: gather locked accounts info 2020-08-10 19:27:43 +02:00
Steve Kolenich f65f4d011b Improve detecting kernel version on disk
Improve handling of kernel files
/boot/vmlinuz-linux-lts
/boot/vmlinuz-linux
/boot/vmlinuz-lts
by updating RegEx and adding elif
this corrects issue where version is identified
as 'linux' or 'lts' causing false report that a
reboot is needed
2020-08-10 12:27:30 -04:00
Steve Kolenich ec551d732d Added Alpine Linux EOL dates 2020-08-10 12:26:55 -04:00
Claudia 48e794574a
Add macOS EOL
Apple doesn’t disclose when it stops providing security updates for
macOS versions. There’s no consensus on when the exact EOL date is.

Lacking that information, I applied the following ruleset, which is
driven by what people have observed, and seems pragmatic enough:

- From Mac OS X 10.0 through 10.4, a version 10.N would be considered
  EOL on the day the first patch-level update 10.(N+2).1 for its
  N+2 successor was released.

- Starting with 10.5, Apple began to support three versions at the same
  time. For 10.5 itself, the EOL date is difficult to pin down so I
  went with 2011-06-23, the date given by the English-language
  Wikipedia.

- From 10.6 through 10.11, a version 10.N would be considered EOL on
  the day the first patch-level update 10.(N+3).1 for its N+3 successor
  was released.

- Starting with macOS Sierra (10.12), Lynis counts the patch level.
  Any version 10.N.P can be considered EOL on the day 10.N.(P+1)
  is released. If that hasn’t happened, the EOL date is the day
  10.(N+3).1 is released. If neither has been released, 10.N.P has
  no EOL date.
2020-08-08 19:11:44 +02:00
Michael Boelen 7df0b8618b
Updated log 2020-08-07 11:56:19 +02:00
Michael Boelen 792a202934
Merge pull request #913 from topimiettinen/check-der-certs
[CRYP-7902] Check also certificates in DER format
2020-08-07 11:54:39 +02:00
Michael Boelen 4206177081
Merge pull request #981 from Varbin/openntpd-equals
[TIME-3180, TIME-3181, TIME-3182] Fix OpenNTPD tests
2020-08-07 11:50:22 +02:00
Michael Boelen 9715c21c71
Merge pull request #957 from Varbin/rsh-permissions
rsh host file permissions
2020-08-07 11:48:13 +02:00
Michael Boelen 30e0fed04f
Merge pull request #993 from Varbin/more-cron-ntp
[TIME-3104] Find more time synchronization commands
2020-08-07 11:46:51 +02:00
Michael Boelen 21311364e7
Merge pull request #980 from Varbin/953-timesyncd-no-dbus
Fix timesyncd detection on systems without dbus.
2020-08-07 11:44:06 +02:00
Michael Boelen 343e9bdc1c
Merge pull request #974 from igloonet/feature/warn-slow-settting
Command line option for slow test threshold
2020-08-07 11:39:39 +02:00
Michael Boelen 3173dd8010
Merge pull request #1002 from kolenichsj/master
Adding Alpine Linux to OSDetection
2020-08-07 11:37:31 +02:00
Steve Kolenich 33d8e8e00b Adding Alpine Linux to OSDetection 2020-08-06 20:15:18 -04:00
Michael Boelen 138cce7f9c
Update CHANGELOG.md 2020-08-05 11:50:37 +02:00
Michael Boelen 30c8a92594
Merge pull request #994 from konstruktoid/issue992
add Microsoft Defender ATP, malware scanner
2020-08-05 11:49:32 +02:00
Michael Boelen c0ddfd0f77
Changed suggestion text for 4+ months old version 2020-08-04 09:39:05 +02:00
Michael Boelen 65cc4daa57
Update CHANGELOG.md 2020-08-04 09:26:50 +02:00
Michael Boelen 55c65aeddd
Merge pull request #997 from quantumpacket/patch-4
Add PHP 7.4 Detection Paths
2020-08-04 09:23:16 +02:00
0ri0n f988e573db
Add missing PHP 7.4 check for BSD 2020-07-27 13:59:46 -04:00
0ri0n 9b388518de
Add PHP 7.4 Detection Paths 2020-07-26 23:33:34 -04:00
Thomas Sjögren baf5f7ad4d add Microsoft Defender ATP, malware scanner
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-07-21 23:56:47 +02:00
Simon Biewald e27208a342
use STATBINARY, put filename in variable 2020-07-10 00:48:12 +02:00
Simon Biewald 7ba220811f
use = instead of == 2020-07-10 00:41:45 +02:00
Simon Biewald 092fe08c40
shellcheck: check exit code directly 2020-07-10 00:40:36 +02:00
Simon Biewald d4639b3c6a
find more cron ntp clients, iterate over cron files with glob 2020-07-10 00:29:35 +02:00
Simon Biewald 9107867fa1
use correct regex and comparison to match peers 2020-07-09 18:57:01 +02:00
Simon Biewald df7c6257a5
compare correct stuff in openntpd tests
I accidentally compared rubbish in the openntpd tests,
thus they were not executed at all.
Additionally, == was used instead of =.
2020-07-09 18:41:09 +02:00
Simon Biewald 38b6105c60
add new test to test database 2020-07-09 18:27:02 +02:00
Simon Biewald b2be7c160e
detect and test for timesyncd w/o working timedatectl
On systems without dbus timedatectl does not work.

Thus it is checked if timesyncd currently runs and when
/run/systemd/timesyncd/synchronized was last modified.
Timesyncd touches this file on any successful synchronization.
This is documented in systemd-timesyncd(8).

The new test for successful documentation has the id TIME-3185.
2020-07-09 18:19:35 +02:00
Kepi a2e752a8db [functions] ParseNginx: Ignore empty included wildcards
It's OK to have empty directories included. We should not output errors with
lsbinary unable to find anything there.
2020-07-07 15:38:19 +02:00
Kepi de18ddc2c0 [functions] ParseNginx: Support include on absolute paths
Includes can be absolute paths too. This is a quick fix counting on the fact that
absolute paths have slash at start.
2020-07-07 15:37:56 +02:00
Michael Boelen 6355360972
Update CHANGELOG.md 2020-07-07 12:29:57 +02:00
Michael Boelen 9165cb76fa
Merge pull request #972 from igloonet/fix/FILE-6425-no-modprobe-d
[FILE-6430] Don't grep nonexistent modprobe.d files
2020-07-07 12:29:11 +02:00
Michael Boelen a2387e82e8
Merge pull request #977 from Firesphere/patch-1
Update HAPPY_USERS.md
2020-07-07 12:22:36 +02:00
Simon Erkelens 2c928a4151
Update HAPPY_USERS.md 2020-07-07 15:05:50 +12:00
Michael Boelen 6eae35e564
Fix for too short IDs due to hexdump output missing leading or trailing zeroes 2020-07-06 09:26:27 +02:00
Michael Boelen 7b6624f85d
Updated log 2020-07-06 09:25:56 +02:00
Kepi f94817f66f Command line option for slow test threshold
IMHO it should be OK to run long tests if we count with it.

Example:

    lynis audit system --slow-warning 300

Will warn when test takes longer than 300 seconds, instead of default 10.
2020-07-02 23:42:28 +02:00
Kepi 9d52395952 [FILE-6430] Don't grep nonexistent modprobe.d files
We don't want to grep files in modprobe.d when dir is empty. Uses same approach
as in USB-1000.
2020-07-02 18:22:03 +02:00
Michael Boelen 1da058d6de
Corrected Amazon Linux entries
Switched entries and added a note. Due to matching by regular expression, the shortest match would otherwise always win.
2020-06-30 09:01:29 +02:00
Michael Boelen ac28c281b6
Updated log 2020-06-28 14:58:32 +02:00
Michael Boelen ea38da3439
Add /etc/os-release detection of Linux Mint 2020-06-28 14:58:23 +02:00
Michael Boelen 0eaa9bc9c5
Updated log 2020-06-27 13:31:52 +02:00
Michael Boelen b35e99a0b6
Merge pull request #970 from chrislynch8/chrislynch8
Fix for Issues #964 - Pop!_OS added to osdetection
2020-06-27 13:30:10 +02:00
Chris Lynch 5b11c468eb Fix for Issues #964 - Pop!_OS added to osdetection 2020-06-27 10:44:31 +01:00
Michael Boelen 73ee7d9985
Merge pull request #966 from konstruktoid/suseeol
add SUSE Linux Enterprise Server EOL
2020-06-27 10:23:41 +02:00
Michael Boelen b94a842e19
Updated log 2020-06-27 10:21:31 +02:00