tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
554 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

383 Commits

Author SHA1 Message Date
mboelen aa8410477e Performance tuning by removing full listing of binaries from log 2015-04-29 11:57:30 +02:00
Roland Smith a0b20fcfe3 Wrap ipfw test in SKIPTEST block. 2015-04-27 18:26:39 +02:00
Roland Smith ded7e95a14 Check if ipfw is enabled in rc.conf. 2015-04-27 18:24:18 +02:00
Roland Smith 5d7dc80481 Initial version of IPFW test (FreeBSD). 2015-04-27 18:24:11 +02:00
Aneesh Agrawal bfd24585cf Pass information about locate prereqs to Register. 
Prevent the locate test from running spuriously when locate is not
present
 2015-04-27 03:31:43 -04:00
Aneesh Agrawal d282fbfc9c Update check for sulogin under systemd. 
The default rescue.service unit file was updated
in the systemd repo on Jan 23, 2015
to allow for sulogin location variability.
 2015-04-27 03:13:42 -04:00
mboelen 474d69dfd6 Added /usr/lib64/apache2 as search path 2015-04-24 13:31:49 +02:00
mboelen cd78379906 Extended screen output when upload fails 2015-04-22 11:02:22 +02:00
mboelen ec5e9cbecf Extending ShowSymlinkPath function to account for missing -f option 2015-04-22 00:57:58 +02:00
mboelen c397b20b68 Initialize some variables for cleaner output 2015-04-22 00:57:35 +02:00
mboelen 0d900536a5 Remove priority label 2015-04-21 16:03:14 +02:00
mboelen 94607e4ae4 Redirect sysctl errors properly 2015-04-20 11:35:02 +02:00
mboelen a6290d1bec Enhance screen output on Mac OS 2015-04-19 22:10:27 +02:00
mboelen 4c8a6dc3d2 Rename of package auditing tool, for upcoming plugin/module 2015-04-17 15:50:46 +02:00
mboelen a29335823f Improved core dump checking 2015-04-16 20:00:09 +02:00
mboelen 017c145357 Zypper enhancements 2015-04-16 19:59:51 +02:00
mboelen 3bce5191ef Apply group check on all groups when using AIX 2015-04-16 19:00:03 +02:00
mboelen de60926705 Changed sed statement 2015-04-13 22:06:14 +02:00
mboelen 95d5cabdb2 Ensure sysctl is present before calling it 2015-04-07 17:20:11 +02:00
mboelen 7ad2dd5480 Change pf firewall detection 2015-04-07 17:19:49 +02:00
mboelen e21e8679e0 Check also /var and assign hardening points 2015-04-07 17:19:25 +02:00
mboelen 7785c5a610 Improved report output 2015-04-07 17:18:54 +02:00
mboelen f85d33fe42 Improved text for malware scanner suggestion 2015-04-07 17:17:35 +02:00
mboelen d5bdde7a93 Changed counting with -m to support locale 2015-04-02 13:29:18 +02:00
mboelen d2175e833d Change description of test 2015-04-01 14:45:12 +02:00
mboelen c2bbf4a0a7 Improved detection for McAfee anti-virus (cma) 2015-04-01 14:22:53 +02:00
mboelen 003d4857bb Updated last line 2015-03-31 19:20:57 +02:00
mboelen d16732a47a Smart replacement does not work on Solaris, rewriting domain extraction from FQDN 2015-03-31 19:20:42 +02:00
mboelen f9c79007b8 Updated functions for checking permissions on files 2015-03-25 17:31:47 +01:00
mboelen 9978e5c824 Using return codes and minor cleanups of code 2015-03-25 17:31:17 +01:00
mboelen 30bc903c5a Using return codes for file permission checks 2015-03-25 17:30:13 +01:00
mboelen c94269c1d1 Add lynis audit dockerfile as option 2015-03-25 16:49:02 +01:00
mboelen e1d96752f2 Removed variable 2015-03-25 16:48:39 +01:00
mboelen 5ecbaafa4f Use improved function with return values 2015-03-25 16:47:37 +01:00
mboelen 355bf37459 Changed copyright line 2015-03-25 15:55:46 +01:00
mboelen 7f97bfa973 Typos corrected 2015-03-25 15:55:29 +01:00
mboelen 3cda4cf562 Added CUPS location for Mac OS 2015-03-23 21:38:37 +01:00
mboelen bdf8347162 Don't require sha1sum AND openssl AND csum, but just one of them to exist 2015-03-19 00:03:58 +01:00
mboelen 9932e878b1 Clarified message 2015-03-18 16:06:02 +01:00
mboelen 0e321e1c6b Improved host ID generation on AIX systems 2015-03-18 15:35:37 +01:00
mboelen e1a3d59f8d Added csum binary detection for AIX systems 2015-03-18 15:35:11 +01:00
mboelen 8b2da6329e Changed path names into variables 2015-03-18 10:40:59 +01:00
mboelen 49414f8b06 Check if value after access_log option is filled 2015-03-17 19:02:46 +01:00
mboelen a12876e472 Test for presence of CSF 2015-03-17 18:06:00 +01:00
mboelen 8201510d6a Check timeout sessions and if they are readonly 2015-03-17 17:58:58 +01:00
mboelen 332277b7e1 Enhance timeout check and ensure there are .sh files in /etc/profile.d 2015-03-17 14:55:03 +01:00
mboelen c8e17e317d Redirect sysctl error output 2015-03-09 14:09:59 +01:00
mboelen 7e912be0af Clarify the main purpose of the tooling 2015-02-25 20:33:48 +01:00
mboelen 6521ced36f Remove suggestion 2015-02-25 20:33:21 +01:00
mboelen 209e1991d2 Test for presence php.ini file 2015-02-15 23:50:28 +01:00
mboelen d56d33a63d Added /etc/php5/fpm/php.ini to PHP locations 2015-02-15 23:02:46 +01:00
mboelen e6d7da4885 No error display when file is uploaded and exit code is 0 2015-02-13 15:10:27 +01:00
mboelen 3ae5c61839 Support openSUSE location of sulogin binary 2015-02-13 15:09:37 +01:00
mboelen 7723f85d5c Replacing /usr/lib/apache2/modules with /usr/lib/apache2 2015-02-03 18:30:15 +01:00
mboelen e3206dd343 Adding new options for defining upload options and server 2015-02-03 18:28:03 +01:00
mboelen db46a375c6 Cleaning up parameters and moving them to profile 2015-02-03 18:27:13 +01:00
mboelen 5686b82f17 Allow overriding of the upload and license server 2015-02-03 18:26:30 +01:00
mboelen f5550fa5d2 Adding upload options and audit scan mode 2015-01-30 19:59:48 +01:00
mboelen 42e3f46a28 Allowing URLs to control information to be adjusted for CUST tests 2015-01-30 19:59:17 +01:00
mboelen 902eafeca9 Do not show exception in different scan modes 2015-01-30 19:58:29 +01:00
mboelen 554d8bd857 Allow overriding CURL options with parameter and exit cleanly when license is not found 2015-01-30 19:58:00 +01:00
mboelen b41d12d077 Decrease screen output when scanning for binaries 2015-01-30 19:57:18 +01:00
mboelen 2e0c90079b Added custom appending/prepending of URLs for control information 2015-01-30 18:09:46 +01:00
mboelen 391476f38e Improvements to report output, including custom URLs 2015-01-30 18:09:18 +01:00
mboelen 0a196b7e79 Updated copyright lines 2015-01-30 18:04:30 +01:00
mboelen da0cc9d403 Added helper, report and upload related defaults 2015-01-30 13:14:18 +01:00
mboelen ac8b4d27b5 Adding helper tool for Dockerfile auditing 2015-01-30 13:13:38 +01:00
mboelen 2b075c24b0 Avoid hanging PHP test [PHP-2368] 2015-01-16 00:15:20 +01:00
mboelen ef531081bc Only show suggestion when shell does not exist [AUTH-9218] 2015-01-15 23:21:17 +01:00
mboelen 44a530719c Disabling Shellshock test as it gives false positives 2015-01-15 22:06:34 +01:00
mboelen 5caf4ddc4f Update of the files to reflect HTTPS version of website and 2015. Happy New Year! 2015-01-03 12:45:22 +01:00
mboelen afa2d50aac Improved screen output on FreeBSD and enhanced version detection on Gentoo 2014-12-10 11:08:15 +01:00
mboelen d2b7d3ed00 Changed header 2014-12-09 18:11:38 +01:00
mboelen c7a242a020 New single user mode test for systemd, improvements for FreeBSD and better detection of init process on Linux 2014-12-09 18:11:21 +01:00
mboelen 4a5fe6d201 Check ntpdate for other systems than only FreeBSD, NTP no longer required for virtual machines 2014-12-08 23:57:47 +01:00
mboelen 8efbb80497 Starting user ID 1000 for Linux systems 2014-12-05 20:08:10 +01:00
mboelen 1fa4416a7a Check for /var/db/pkg/pkgs-vulnerabilities presence before performing audit with pkg_admin [PKGS-7381] 2014-12-05 19:43:35 +01:00
mboelen 951afea1f3 Enhanced reboot test to work on Arch Linux and others [KRNL-5830] 2014-12-05 19:42:12 +01:00
mboelen dbf9bfd173 Enhancements for DragonFly BSD 2014-12-05 17:11:59 +01:00
mboelen 3802a934c6 Check if hostname is set for NAME-4404 and NAME-4404 tests 2014-12-05 17:11:34 +01:00
mboelen 40e93c9b45 Enhance screen output for DragonFly BSD 2014-12-05 17:03:04 +01:00
mboelen 7f45bb5d85 Only include numeric characters in latest version string 2014-12-05 16:01:41 +01:00
mboelen defecac381 Small change regarding logging item to report 2014-12-05 13:29:26 +01:00
mboelen 50907dd21a Remove suggestion from control, as it will be checked in HRDN-7222 2014-12-05 13:28:53 +01:00
mboelen 767a8cf053 Removed warning for missing swap partition as this is more common now 2014-12-05 13:28:22 +01:00
mboelen 3bc7f1fb02 Added additional process check for OpenSMTPD 2014-12-05 13:27:29 +01:00
mboelen a70e0558c8 Log status of Salt tools and add them to report 2014-12-05 12:41:33 +01:00
mboelen f0ae9d015c Extended PHP search path for NetBSD systems 2014-12-05 12:29:18 +01:00
mboelen cbf96e156f Allow Lynis Enterprise users to provide an URL to upload to 2014-12-05 12:28:44 +01:00
mboelen 841c99cc30 Added comm (file comparing) 2014-12-05 12:28:13 +01:00
mboelen 2a586d1326 Changes to allow uploading to different server via parameters 2014-12-05 12:06:41 +01:00
mboelen f16c4f1d80 Added journalctl (systemd) 2014-12-05 12:06:05 +01:00
mboelen 7995e1e2c7 Changed update check location from previous website to cisofy.com 2014-12-03 23:43:48 +01:00
mboelen 747fd5bb19 Changed status of file integrity tool in report 2014-12-03 22:51:19 +01:00
mboelen 7537419a68 Improvement for SuSE based systems when detecting Linux kernel on disk 2014-12-03 22:50:25 +01:00
mboelen 44cde264a2 Changed website address 2014-12-03 22:49:46 +01:00
mboelen df0da8b0c4 Improve output on NetBSD by using a non-break version of echo as well 2014-12-03 22:49:22 +01:00
mboelen 26a6e33637 Changed the way how progress is displayed and improved virtual machine detection 2014-12-03 22:45:23 +01:00
mboelen f9d5f9f017 Added NetBSD paths and changed copyright line 2014-12-03 22:44:31 +01:00
mboelen a5a702a1da Added pkg_admin binary 2014-12-03 14:50:55 +01:00
mboelen 639fd1d96a Extended detection for service manager and NetBSD uptime support 2014-12-03 14:22:58 +01:00
mboelen 1759f66181 Removed warning for expired SSL certificate, added suggestion instead 2014-12-03 14:13:29 +01:00
mboelen 92660aec3c Added comments 2014-12-03 14:11:38 +01:00
mboelen 358ea148ca Added additional virtualization detection for NetBSD and OpenBSD 2014-12-03 14:10:52 +01:00
mboelen 9a8ea8584a Updated copyright line 2014-12-03 14:10:22 +01:00
mboelen f60b00e6f0 Added dpkg binary 2014-12-02 21:38:51 +01:00
mboelen 89217d7ade Testing for service/job manager [BOOT-5104] 2014-12-02 13:55:06 +01:00
mboelen 2bdc4d7742 Fixed typo in report 2014-12-02 13:54:13 +01:00
mboelen 98abf325e4 Cleaning up code a little bit 2014-11-29 16:25:18 +01:00
mboelen b25fa10b1d Do not check for klogd when systemd-journal is being used 2014-11-29 16:23:52 +01:00
mboelen 19cf98dd82 Show if compliance tests have been performed in report output 2014-11-29 16:22:59 +01:00
mboelen 376b37f250 Added proper check for smtpctl binary 2014-11-29 16:22:36 +01:00
mboelen 9beee9a514 Added smtpctl for OpenSMTPD 2014-11-29 16:21:49 +01:00
mboelen 68234525a3 New variables 2014-11-29 16:21:13 +01:00
mboelen 33720a54ac Check for OpenSMTPD on all platforms, but only if smtpctl is found 2014-11-29 16:20:20 +01:00
mboelen 36c9f435f7 Added initctl, launchctl, nft binaries and textual improvements 2014-11-28 23:51:16 +01:00
mboelen 87994330f1 Added test for systemd journal daemon [LOGG-2136] 2014-11-28 23:50:07 +01:00
mboelen f826a4f63f Added Progress function, --progress to Register function and docker detection 2014-11-25 14:22:52 +01:00
mboelen ccf849f214 Properly log as binary 2014-11-25 14:21:23 +01:00
mboelen b9c7a2857e Changed links 2014-11-25 14:20:45 +01:00
mboelen 76a6d1a263 Added --manpage and --dumpoptions 2014-11-14 16:15:35 +01:00
mboelen 2938a2d5af GRUB2 password protection test 2014-11-13 00:58:11 +01:00
mboelen f50595d4e2 Show only unique files for deleted files [LOGG-2190] 2014-11-13 00:57:36 +01:00
mboelen 64d3464543 Use ReportException function 2014-11-11 19:03:57 +01:00
mboelen 16eab10590 Check for rootsh binary 2014-11-04 14:17:18 +01:00
mboelen a1d8ee1e13 Changes to uptime calculation for OpenBSD 2014-11-04 02:23:43 +01:00
mboelen 160f727709 Try to use OpenSSL for SHA1 related functions if sha1/sha1sum are not present 2014-11-04 02:08:56 +01:00
mboelen 6eedbdd176 Do not run Apache test on OpenBSD and strip control chars [HTTP-6624] 2014-11-04 02:08:29 +01:00
mboelen dcef76d250 Allow OpenBSD boot loader test for all platforms 2014-11-04 01:36:56 +01:00
mboelen 525c430d84 Minor improvements to Shellshock test 2014-11-04 01:34:14 +01:00
mboelen 5439083b4e Added uptime detection for OpenBSD systems [BOOT-5202] 2014-11-04 01:04:28 +01:00
mboelen 3609da194a Properly parse PAM lines and add them to report [AUTH-9264] 2014-11-04 00:42:37 +01:00
mboelen 28b31b95c8 Add OpenBSD support to gather UDP/TCP ports which listen on network 2014-11-04 00:30:08 +01:00
mboelen 0a3482b968 OpenBSD support for boot loader detection 2014-11-04 00:29:44 +01:00
mboelen 9f1f006005 Check if Linux config file is set, before executing other tests 2014-10-30 18:09:47 +01:00
mboelen c8189d05e8 Improvements for file systems, with focus on ext2, ext3 and ext4 2014-10-30 18:09:03 +01:00
mboelen 183be1a45a Log license key to report 2014-10-30 13:05:06 +01:00
mboelen 4dfcce354c Don't show error when file system can not be opened by tune2fs 2014-10-29 23:07:59 +01:00
mboelen e176c0028a Added getcap binary check 2014-10-27 23:11:37 +01:00
mboelen ca6c6d14fb Small changes in naming, added binary paths to report file 2014-10-27 23:10:28 +01:00
mboelen 77e2705eb7 Perform configuration integrity test for AIDE 2014-10-27 00:28:28 +01:00
mboelen 46de3f8d99 Hide RPM related database errors, show suggestion instead 2014-10-26 23:33:26 +01:00
mboelen 410861f4df Added AIX support for volume groups 2014-10-26 23:33:08 +01:00
mboelen 16b25ceda3 Added lsvg detection 2014-10-26 23:32:51 +01:00
mboelen f465da5351 Small adjustment to avoid getting error when no files are in APT sources.list.d directory 2014-10-24 01:23:35 +02:00
mboelen 6f6d51a11a Minor textual changes 2014-10-23 23:06:46 +02:00
mboelen 75c2d0ab15 Changed qdaemon test 2014-10-21 00:03:42 +02:00
mboelen 067360db1b Improved qdaemon printer detection 2014-10-19 12:43:15 +02:00
mboelen 8bf76a9a0f Improved Shellshock test by searching for bash via which if /etc/shell is not present 2014-10-19 12:39:37 +02:00
mboelen 47b2a7df33 Redirect errors when searching for readlink binary 2014-10-19 12:30:26 +02:00