Commit Graph

1149 Commits

Author SHA1 Message Date
Michael Boelen 6b79f38b82 Add then statement 2016-10-15 11:35:07 +02:00
Michael Boelen 76277f1bf9 Added process detection for Little Snitch 2016-10-15 11:30:12 +02:00
Michael Boelen 19bfb4a7a4 Version information for macOS 2016-10-15 11:27:04 +02:00
Michael Boelen fba5140150 [FIRE-4534] detection of Little Snitch 2016-10-15 11:26:51 +02:00
Michael Boelen 7dd3c27b97 Improvements for macOS 2016-10-15 10:43:45 +02:00
Michael Boelen 32711e4155 Added missing quote 2016-10-14 08:57:47 +02:00
Michael Boelen c87e423196 Added HOSTID2 for macOS platform 2016-10-14 08:49:00 +02:00
Michael Boelen 063f50f39c Add upload-only command 2016-10-13 20:15:00 +02:00
Michael Boelen 622d15321b Added clamconf binary 2016-10-06 11:15:28 +02:00
Michael Boelen e5e4262fba New group system integrity 2016-10-05 09:50:20 +02:00
Michael Boelen 0cc27b956e New test INSE-8050 2016-10-05 09:50:06 +02:00
Michael Boelen f0cfab3f04 Style changes and improved detection of Red Hat based clones 2016-09-27 11:20:35 +02:00
Michael Boelen 9caf3005b5 Style improvements and hardening points 2016-09-26 12:05:30 +02:00
Florian Heigl 343eb5304f Add support for Rudder configuration management (#284)
Rudder (http://www.rudder-project.org) is a config management tool with automatic reporting / dynamic policy adjustment.
The "dynamic" bit happens using FusionInventory.
The config management part uses CFEngine under the hood.
I don't know if hw/os inventory tools also matter in the Lynis report, if yes, I can look into that too.

This patch extends the path searched to detect a running CFEngine agent (and fileserver daemon).
Since the agent is the same, this should immediately detect it.
2016-09-26 10:34:38 +02:00
Michael Boelen a3f57e6d01 Mark tests PKGS-7320 and PKGS-7322 as Linux-only 2016-09-24 16:17:11 +02:00
Michael Boelen 870ac295c6 Show possible solution with findings 2016-09-24 15:51:05 +02:00
Michael Boelen 98d9096739 Mark arch-audit as a package audit tool 2016-09-24 15:36:45 +02:00
Michael Boelen 1418e0404b Extended message for arch-audit 2016-09-24 15:34:31 +02:00
Michael Boelen fb88bcaf1f Style improvements 2016-09-24 15:34:05 +02:00
Michael Boelen 263c0b558b Changes to show more details for warnings 2016-09-24 15:27:42 +02:00
Michael Boelen 1bc29ebb2e Added solution to arch-audit test 2016-09-24 15:20:24 +02:00
Michael Boelen 35ef5988e6 Add details to warnings 2016-09-24 15:16:41 +02:00
Michael Boelen 1063c8f3e8 Replace calls to binaries and changes in output within report 2016-09-24 15:07:20 +02:00
Michael Boelen 780e66ea81 Use OS full name to detect distribution 2016-09-24 14:58:30 +02:00
Michael Boelen db419495bf Added support for arch-audit tooling 2016-09-24 14:49:14 +02:00
Michael Boelen 9d91f7dac7 [PKGS-7381] Improved output of log and warning 2016-09-22 14:54:55 +02:00
Michael Boelen 6a7ec8795a [PKGS-7381] Collect FreeBSD details for vulnerable packages 2016-09-22 14:47:06 +02:00
Alex Zepeda 100afa5f5b Skip NTP checks from within a FreeBSD jail (#281) 2016-09-22 11:39:55 +02:00
Michael Boelen 76aece2e61 Removed warning and added more report data 2016-09-14 13:15:10 +02:00
Michael Boelen df2fff6cc7 Added NAME-4408 to check localhost to IP mapping 2016-09-13 17:27:25 +02:00
Michael Boelen 86051feaf8 Correct ServerAlias test 2016-09-10 16:16:58 +02:00
Michael Boelen 903016df36 Code cleanups and generic enhancements 2016-09-10 16:12:44 +02:00
Michael Boelen 2534fb99a9 Added file, head, mount, uname, uniq, wc, and xargs 2016-09-10 16:12:15 +02:00
Michael Boelen 9e7dfd52d8 Initialize variables for binaries 2016-09-10 16:11:43 +02:00
Michael Boelen 2b005afd04 Add cut and sed to binary list 2016-09-08 21:04:35 +02:00
Michael Boelen 82ededed31 Style improvements and command replacements 2016-09-08 21:04:17 +02:00
Michael Boelen 81d8486cb0 [CRYP-7902] Gather more certificate details and style improvements 2016-09-08 21:04:02 +02:00
BlueC0re a596bdc349 added TRBINARY + fix nftables check (#276)
fixes #273
2016-09-06 20:58:30 +02:00
Michael Boelen 5b2d1570db [KRNL-5820] Corrected function and style changes 2016-09-06 20:57:47 +02:00
Michael Boelen 737b9359ae Renamed tr command 2016-09-05 22:01:02 +02:00
Michael Boelen 1a832476bb [TIME-3104] Changed timedatectl test 2016-09-05 19:48:23 +02:00
alobodzinski 01c687eb55 FILE-6336: Fixed flawed logic: work correctly even if there is no swap at all (#272) 2016-09-05 19:30:04 +02:00
Michael Boelen 0a0453e1bc [FILE-6344] Adjusted /proc test 2016-09-05 19:28:44 +02:00
Michael Boelen 2eb6d908e1 Style improvement and extended log messages 2016-09-05 12:56:58 +02:00
Michael Boelen 2942b4196b Added test FIRE-4540 and textual changes 2016-09-05 12:29:04 +02:00
Michael Boelen cbed07cdb2 [LOGG-2146] Changed text and style 2016-09-05 11:54:42 +02:00
Michael Boelen 04f9fae67c [FIRE-4520] Use discovered pfctl binary and style improvement 2016-09-05 11:22:39 +02:00
Michael Boelen 042e52c0b9 [FIRE-4520] Remove suggestion 2016-09-05 11:21:27 +02:00
Michael Boelen 08036358ea Style changes 2016-09-01 17:33:18 +02:00
Rutger van Sleen 67b1abedfa Fix sed syntax for ServerAlias removal
When an Apache config directive is in use, it has whitespace(s) or nothing at all prepended. Assuming that it always has a space before it doesn't have to match.
2016-08-30 20:03:38 +02:00
afa- 4e139f4d71 Check for arpon as ARP monitoring software (#267) 2016-08-29 19:31:17 +02:00
alobodzinski 639c5adc72 Fixed cut-and-paste error (#265) 2016-08-29 19:31:06 +02:00
Mark Ruys e6a829b6ed GlusterFS mounts are nodev and nosuid by default, and are invalid mount options. So ignore GlusterFS mount points. (#268) 2016-08-29 19:30:48 +02:00
Michael Boelen 1ea2578494 Split of Docker tests 2016-08-29 19:26:35 +02:00
Michael Boelen facb68bc32 Added base64 binary 2016-08-29 10:06:41 +02:00
Michael Boelen a425e9b0a1 Added 'details' to help 2016-08-26 14:08:24 +02:00
Michael Boelen fdf3ded89f New command 'lynis show details' to display test details 2016-08-26 14:05:20 +02:00
Michael Boelen 8de53d87be Added missing dollar sign 2016-08-26 11:59:51 +02:00
Michael Boelen 679e8c628e Use detected binaries 2016-08-25 15:31:33 +02:00
Michael Boelen a6b04a3ace Added sort to list of binaries 2016-08-25 15:30:25 +02:00
Michael Boelen 2f4d65b831 Style changes 2016-08-25 15:25:51 +02:00
Michael Boelen dfb025a863 [AUTH-9204] style changes and add data to report 2016-08-25 15:18:44 +02:00
Michael Boelen cc5142329b [FILE-6362] added details 2016-08-24 11:37:25 +02:00
Michael Boelen e3af7c3727 [DBS-1816] Set skip reason variable 2016-08-24 11:36:51 +02:00
Michael Boelen 5ab139931d [FILE-6362] optimized test, style, removed warning 2016-08-24 11:36:16 +02:00
Michael Boelen c11f7fc1ce Do not show update message when using 'show' helper 2016-08-23 20:21:26 +02:00
Michael Boelen b85c782fae Added LOGG-2192 test 2016-08-22 12:21:43 +02:00
Michael Boelen c061d31bde Change text of AppArmor test and add more details to report 2016-08-22 12:12:38 +02:00
Michael Boelen b01c801a39 Added aliases for --tests-from-group 2016-08-18 22:00:05 +02:00
Michael Boelen 7744aa87ad [BOOT-5108] Support for Syslinux bootloader 2016-08-18 15:31:51 +02:00
Michael Boelen 8fcc2d7e12 [LOGG-2190] ignore files in /tmp caused by early MySQL 5.x releases 2016-08-18 15:25:57 +02:00
Eric Light b1bf319f18 Filter out open+deleted files held by MySQL <5.6 (#210)
Resolves #209
2016-08-18 15:09:59 +02:00
Michael Boelen d95ab3d253 Support sysctl checks with multiple profiles 2016-08-18 14:35:20 +02:00
cnrat 4368b59a1d Fix FILE-6344 bug (#263)
The result of mount command returns like
/proc on /proc type proc (rw,hidepid=2)

Which means the regular expression should be '^/proc' not '^proc' or you can grep nothing. :P
2016-08-18 11:48:45 +02:00
Michael Boelen 0050c993f8 [FILE-6374] Improved logging 2016-08-17 11:54:57 +02:00
Michael Boelen 315c619825 [KRNL-5830] Improved logging 2016-08-17 11:49:02 +02:00
Michael Boelen 0dab1e9308 Allow multiple level of includes 2016-08-16 08:36:42 +02:00
Michael Boelen 4b96452dab Clean out unneeded file 2016-08-16 08:11:51 +02:00
Michael Boelen 1b30f6e558 Extended nginx testing 2016-08-16 08:08:15 +02:00
Michael Boelen 2bbc17868d Added --bin-dirs option 2016-08-16 08:07:52 +02:00
Michael Boelen c730a3185e Add StoreNginxSettings function to store parsed nginx configuration 2016-08-16 08:07:08 +02:00
Michael Boelen a0e289d73f Replace / with root directory 2016-08-15 20:00:54 +02:00
Michael Boelen 242f91ab97 Added --rootdir for forensics 2016-08-15 19:50:52 +02:00
Michael Boelen bf7b8ab44e Changed text for Redis test 2016-08-14 20:43:05 +02:00
Michael Boelen db88216326 Define Redis (server) running status in report 2016-08-13 17:05:38 +02:00
Michael Boelen 05585fab62 Add support for multiple Redis configuration files and permission check 2016-08-13 17:03:36 +02:00
Michael Boelen e06db1477d Add notebook hardware detection 2016-08-13 16:38:07 +02:00
Michael Boelen 67a636f351 Merge branch 'master' of https://github.com/CISOfy/lynis 2016-08-13 11:19:15 +02:00
Michael Boelen a928d57804 Add more details to report 2016-08-13 11:18:34 +02:00
Michael Boelen 1ae7028982 Add details on why a test is skipped 2016-08-13 11:17:01 +02:00
Michael Boelen 89cb348950 Variable for reason why tests are skipped 2016-08-13 11:16:37 +02:00
Michael Boelen bc87855b6f Aligning of code 2016-08-13 11:16:08 +02:00
Michael Boelen ed9c6190a7 Corrected setting display for show-tool-tips 2016-08-13 11:15:48 +02:00
Michael Boelen e0f50e9e25 Always register strict code checking in settings 2016-08-13 11:13:44 +02:00
Michael Boelen 075a69e125 Extended example 2016-08-13 10:48:35 +02:00
Michael Boelen d5a5cc3173 Allow logging a custom reason to skip a test 2016-08-13 10:16:15 +02:00
Michael Boelen 6fde12e579 Extended details for Redis tests 2016-08-13 10:06:34 +02:00
Michael Boelen f4ed6f11df Adjusted setting in registration 2016-08-13 10:06:09 +02:00
Michael Boelen 75d7c5dad6 Show logging of tests that have incorrect OS 2016-08-13 10:03:33 +02:00
Michael Boelen e691cb9faf Added aliases for several settings 2016-08-13 09:53:14 +02:00