tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,886 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

1285 Commits

Author SHA1 Message Date
Michael Boelen a547953d99
Set default log directory, or allow it be set per OS 2017-08-08 14:52:59 +02:00
Michael Boelen 4660362e74
Redirect errors like file permissions 2017-08-08 14:52:11 +02:00
Michael Boelen 49c1bf8d55
[NETW-3006] Updated detection of MAC addresses on Linux 2017-08-03 20:28:38 +02:00
Michael Boelen 4781b1c170
Added /opt/apache 2017-08-02 13:01:23 +02:00
Stéphane BARBARAY 9ca2d640b8 Enhanced detection for LXC and LXC over VM (#426) 
* Update functions

* Update functions

* Update tests_shells

* Update tests_shells

* Update IsVirtualMachine

extra check on /proc/1/environ existence + Log result
 2017-07-31 12:51:19 +02:00
Michael Boelen dbec83566b
[FILE-6310] match mount points by exact name 2017-07-28 10:42:17 +02:00
Michael Boelen ebc706aa64
Merge branch 'master' of https://github.com/CISOfy/lynis 2017-07-28 10:26:34 +02:00
alobodzinski 6147ebd47b Suhosin is hard linked into PHP on OpenBSD (#423) 2017-07-28 10:14:04 +02:00
Michael Boelen 60f94fef47
[CRYP-7902] prevent test from showing error on screen related to wrong certificate file 2017-07-18 11:51:45 +02:00
James White d7b0c28699 Add /usr/lib/apache module search path for DirectAdmin (#417) 2017-07-11 09:26:00 +02:00
Michael Boelen d1969001c6
[PKGS-7370] only use debsums test for Debian systems 2017-07-10 16:08:32 +02:00
Michael Boelen df32cb29b0
Include instructions if hostid2 is empty 2017-07-10 16:07:39 +02:00
superpoussin22 29f5dc7e53 Update tests_containers (#412) 
last docker version no more use docker -d  sounds better to check dockerd
 2017-07-10 15:24:09 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW 3b66a22f39 Firewall check updates (#414) 
* Check if CSF is running

* Check for APF presence
 2017-07-10 15:23:32 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW 3a6fa0bb6b Suhosin simulation mode status (#411) 
* fix suhsoin check text

* use PHPINI_ALLFILES variable

* Check suhosin simulation mode status

* Small style improvement
 2017-07-10 14:38:42 +02:00
Jeremy Daer f33cdd3a17 OS detection: macOS 10.13, High Sierra (#409) 2017-07-01 10:29:05 +02:00
Michael Boelen f903b6f079
Allow tags and system-customer-name to be specified 2017-06-22 10:15:39 +02:00
Michael Boelen f4b6d8d401
Show full command for remote usage 2017-06-21 14:28:12 +02:00
Daniel Romell 5b12f17e3f Minor fixes for embedded Linux. (#406) 
* Check if the "locale" binary is available before using it.

This is no functional change as it will still fall back to english
when the locale can't be determined. This fix gets rid of the
following error when running on systems without the locale binary:

./lynis: line 112: locale: command not found

Signed-off-by: Daniel Romell <daro@hms.se>

* tests_kernel: KRNL-5677: Fix invalid use of shell test.

This fixes an issue (syntax error) triggered on systems with no PAE or
NX extensions:

- Checking CPU support (NX/PAE)
/usr/libexec/lynis/include/tests_kernel: line 126: [: too many arguments
/usr/libexec/lynis/include/tests_kernel: line 132: [: too many arguments

No need to use [] when only looking at function return values.

Signed-off-by: Daniel Romell <daro@hms.se>
 2017-06-21 14:17:49 +02:00
Athmane Madjoudj ac2c83870b Add lowercase path for changelog search (eg: Fedora/EPEL pkg) (#408) 2017-06-21 14:08:57 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW 98b80f7c49 add ini paths for cloudlinux (#400) 2017-06-14 14:07:37 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW 4cbe8f32c6 add suhosin status test (#401) 
* add suhosin status test

* get matched line only
 2017-06-14 14:06:51 +02:00
Jose Luis Duran 9dc4efefd6 Fix pkg audit option (#403) 
-F, --fetch
       Fetch the database before checking.

[ci skip]
 2017-06-14 14:06:18 +02:00
Michael Boelen 0e535c851a
Small style improvement 2017-05-31 15:47:21 +02:00
mslifcak 8d2b3a202f A250 2 (#398) 
* fix missing ROOTDIR prefix

* sort list of services before processing

* sort list of certificates before processing

* sort list of startup scripts before processing

* spell check

* remove possessive pronoun
 2017-05-31 15:40:39 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW 360be2a700 Add a check for csf testing mode (#399) 2017-05-31 15:37:22 +02:00
mslifcak af60a2463a 250 fixes (#393) 
* restore use of lshw

* add ROOTDIR to restore lost PHP file ref

* refactor certificate search to benefit older "find" command
 2017-05-23 14:56:25 +02:00
Michael Boelen aec9b57c29
Changes to BOOT-5104 and HTTP-6716 2017-05-08 14:56:39 +02:00
Michael Boelen 918b962ae5
Code enhancements 2017-05-03 10:42:34 +02:00
Michael Boelen a9b67dc675
Reinitialize temporary files to prevent possible symlink attack - CVE-2017-8108 2017-05-03 09:47:35 +02:00
Michael Boelen 67333bb09a
[SHLL-6290] Removed ShellShock test as it is no longer needed - CVE-2017-8108 2017-05-03 09:33:40 +02:00
Michael Boelen 4ecb9d4d05
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests 2017-04-30 17:59:35 +02:00
Michael Boelen 5ccd0912cf
[MALW-3280] Added detection of Symantic components 2017-04-29 14:22:40 +02:00
Michael Boelen f39e72dbd5
Remove unused file 2017-04-23 20:19:30 +02:00
Michael Boelen 2340e7bbbc
Added HasData and IsEmpty function 2017-04-23 20:19:18 +02:00
Michael Boelen a04b2da851
Initialize variables 2017-04-23 20:19:02 +02:00
Michael Boelen 70ea29483a
Code enhancements 2017-04-23 20:06:54 +02:00
Michael Boelen 9e9b95e1da
Apply substite for TIME-3148 and first batch of code enhancements 2017-04-23 20:06:24 +02:00
0ri0n b433cf0bac Add Additional php.ini Paths (#377) 2017-04-17 15:38:48 +02:00
Michael Boelen b0b0fd0256 Add atomic tests to report 2017-03-27 17:15:02 +02:00
Michael Boelen e498e6ae64 Remove unused test parts 2017-03-27 17:14:34 +02:00
Michael Boelen 7f06a2c34f Added MAIL-8820 test for Postfix 2017-03-27 17:14:11 +02:00
Michael Boelen e14376cdab Minor cleanups 2017-03-27 12:23:27 +02:00
Michael Boelen b306ab891f Add additional check for Puppet tool 2017-03-27 12:21:42 +02:00
Athmane Madjoudj 5f0b24d2c8 Add support for cPanel PHP (Scl-based pacakging) GHT #340 (#373) 
* Add support for cPanel PHP (Scl-based pacakging) GHT #340

* Add myself to contributors as requested
 2017-03-27 09:21:37 +02:00
pyllyukko 88f39b9540 Fix regex to disregard locked accounts (#371) 
This way, accounts that have ":!!:" in shadow and have an entry in
"Password expires" field don't get flagged with "Result: password of
user XYZ has been expired" by AUTH-9288.

Fixes #362
 2017-03-27 09:19:55 +02:00
guyav a0849ac053 Added quote marks on SSH commands (#372) 
Added quote marks for the SSH commands in steps and 6.
 2017-03-27 09:19:01 +02:00
Michael Boelen 57770fe332 [HTTP-6641] support Apache mod_reqtimeout module 2017-03-20 13:40:00 +01:00
Michael Boelen 90e240cfb5 [CUPS-2308] removed exception handler, improved logging 2017-03-20 13:12:55 +01:00
Yaisel Hurtado 4368013b43 Fixed detection of security repositories (#370) 2017-03-17 17:59:21 +00:00