tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,484 Commits 2 Branches 61 Tags 16 MiB
Commit Graph

249 Commits

Author SHA1 Message Date
Michael Boelen 7f25a1f00e Remove colors properly with one function (contribution: Mike Slifcak at Pindrop 2016-07-18 19:58:32 +02:00
n[oO]ne 8aeba9fa3d fix: Test names are different. (#228) 
After changes in 9aa5736 the test names are different. This results in something like BOOT-5122 = boot-5122 and skipped test aren't skipped anymore.
 2016-07-14 13:49:20 +02:00
Michael Boelen f9011c43e6 Exit cleanly when displaying categories 2016-07-13 11:12:31 +02:00
Michael Boelen c090e73ca1 Add blue colors for tips 2016-07-11 20:06:46 +02:00
Michael Boelen 52317de56c Set date of break lines to similar format as normal log entries 2016-07-11 10:32:00 +02:00
Michael Boelen f8bee58ade Implement tooltips 2016-07-05 18:18:54 +02:00
Michael Boelen 75786a1c80 Added DisplayToolTip 2016-07-05 17:25:19 +02:00
Michael Boelen 5778d4fa0d Add fuctions: AddSetting, DiscoverProfiles, ParseProfiles 2016-07-05 16:47:32 +02:00
Michael Boelen fbd24b585a Rename Maid to CleanUp 2016-07-05 12:16:49 +02:00
Michael Boelen a1ebc18a76 Don't override variables of ReportDetails functions on every parameter 2016-06-30 11:34:27 +02:00
Michael Boelen b553f01b2a Allow long lines of text by resetting number of spaces to 0 when needed 2016-06-18 11:14:50 +02:00
Michael Boelen 1be27c7b00 Added IsDeveloperVersion to detect if release is still under development 2016-06-18 09:28:53 +02:00
Michael Boelen 7725ce6cc8 Use a common date/time format for log entries 2016-05-25 21:36:12 +02:00
Michael Boelen 0d62613388 Store host IDv2 and detect utilities when no binaries scan has been done 2016-05-17 18:07:43 +02:00
Michael Boelen 573698afdb Show debug details on screen in verbose mode 2016-05-16 20:56:16 +02:00
Michael Boelen 50609242c2 Only use public keys for host ID creation 2016-05-10 14:21:09 +02:00
Michael Boelen ef23180adc Decrease length of hostid v2 as hostname is stored already 2016-05-10 11:47:33 +02:00
Michael Boelen dfce1a770a Removed local variable assignment to prevent portability issues 2016-05-09 14:20:16 +02:00
Michael Boelen a40331aedc Clean up unneeded log entries 2016-05-09 13:50:38 +02:00
Michael Boelen 632e8bd47a Show hardware address in log 2016-05-09 13:46:32 +02:00
Michael Boelen 788ab9999d Create a version 2 host ID 2016-05-05 17:49:41 +02:00
Michael Boelen 076c5dd093 Initial work to profile for custom configurations check (key-value) 2016-05-04 21:38:42 +02:00
Michael Boelen eded02cfde Rewritten counters and dealing with values 2016-05-03 14:57:53 +02:00
Michael Boelen bbdfce2b05 Performance: only use lshw at end, and when having root privileges 2016-05-03 13:15:46 +02:00
Michael Boelen dab69d2860 Don't show errors when we are running non-privileged 2016-05-03 13:11:28 +02:00
Michael Boelen 062782e7a5 Remove blank line and space 2016-05-03 12:55:23 +02:00
Michael Boelen efebb99da1 Add action to take when a file has not the right permissions 2016-05-02 17:13:06 +02:00
Michael Boelen 6ea27b912c Add owner and group permissions check 2016-05-02 15:45:27 +02:00
mboelen 539bd49856 Big overhaul of functions file. Cleaning up, structurizing, and adding comments 2016-04-28 12:31:38 +02:00
mboelen 9e312f5a5f Replaced functions and minor cleanups 2016-04-28 09:15:54 +02:00
mboelen f109c318d9 Detect when weak protocols are used, simplify nginx test 2016-04-27 16:51:12 +02:00
mboelen 7c4099a7da Call WaitForKeypress from wait_for_keypress, and report this old function when called to developers 2016-04-27 16:14:22 +02:00
mboelen f4691536ee Add nginx ssl_protocol values to report, minor adjustments to ReportDetails function 2016-04-27 16:09:29 +02:00
mboelen 6a4287bd64 Proper reference to IsDeveloperMode 2016-04-26 21:25:14 +02:00
mboelen c98b37955c Added IsOwnedByRoot function 2016-04-26 21:20:37 +02:00
mboelen 216611259e Optimize IsWorldWritable function, with additional debugging data for developers 2016-04-26 13:52:26 +02:00
mboelen 55799a524c Added developer mode (--developer) 2016-04-26 13:40:21 +02:00
mboelen 2cefdb79d6 Log when a file is world-writable according IsWorldWritable 2016-04-26 13:34:17 +02:00
mboelen ba0381a775 Lowercase all tests when using them in comparisons 2016-04-25 15:49:00 +02:00
mboelen c02ab08b50 Set quiet and quickmode when using --show-warnings-only or show-warnings-only 2016-04-25 11:51:37 +02:00
mboelen bedadd9cd1 Do not show text on screen in quiet mode 2016-04-25 11:13:27 +02:00
mboelen 2f07fa1d87 Allow show-warnings-only and --(show-)warnings-only option 2016-04-25 11:10:23 +02:00
mboelen 0f64d106b1 Changed supporting text for ReportManual function 2016-04-25 10:55:34 +02:00
mboelen 821be1ea0c Remove color between categories, to prevent new users missing that on white background 2016-04-20 14:14:10 +02:00
mboelen 560acfadf6 Log what particular atomic test has been skipped and why 2016-04-20 12:08:34 +02:00
mboelen 64561d4b07 Add IsDebug and IsVerbose functions 2016-04-19 19:44:23 +02:00
mboelen c2d5d93fad Colored output for debug details on screen 2016-04-19 18:01:16 +02:00
mboelen 1f0261f168 Add details to AddHP function 2016-04-19 17:48:06 +02:00
mboelen 6d512f48ac Improved text for assigning hardening points 2016-04-19 17:35:45 +02:00
mboelen a23758e21f Replace = signs to simplify parsing of data 2016-04-19 13:56:28 +02:00
mboelen e9eae5b8b5 Allow skipping of individual tests or atomic tests 2016-04-19 12:37:00 +02:00
mboelen 461bb84b62 Use correct TEMP_FILE variable 2016-04-19 10:34:04 +02:00
mboelen 41589b14c2 Added missing ;; 2016-04-19 09:55:02 +02:00
mboelen 722703da31 Extended ReportDetails function 2016-04-19 09:53:30 +02:00
mboelen bebf3d0bd5 Use semicolon instead of comma 2016-04-19 07:38:24 +02:00
mboelen c5de5e6a1b Added ReportDetails to store values of atomic tests 2016-04-13 16:11:46 +02:00
mboelen 991083c13f Added new function ContainsString to search for the needle in the haystack 2016-04-13 11:48:02 +02:00
Kamil Boratyński 2465556567 features/testcases (#161) 
* Implemented equal test case.

* Implemented not-equal test case.

* Implemented greater-than test case.

* Implemented greater-or-equal test case.

* Implemented less-than test case.

* Implemented less-or-eqal test case.

Added some improvements and unifications.

* Added more unifications.

* Added more logs.

* Unified not-equal test.
 2016-04-10 16:32:21 +02:00
mboelen cab2b9071c Adding --debug to Display function 2016-04-02 18:28:02 +02:00
mboelen 17c435801d Added return values to IsRunning function 2016-04-02 17:18:19 +02:00
mboelen 251b861df5 Changed function name to better reflect goal and UDP support 2016-03-30 13:45:34 +02:00
mboelen 3ad0bc9582 Renamed function to IsPortListening 2016-03-30 12:18:11 +02:00
Kamil Boratyński 1f320f68c2 Fixed IsTcpUdpListening function 2016-03-22 23:57:09 +01:00
Kamil Boratyński 3e5555fb12 Added listening function. 
Listening functions checks whether there exist a service listening
on specified protocol and port.
 2016-03-22 23:53:58 +01:00
mboelen 488c08c3f3 Add better description of hardening points assignment 2016-03-16 11:19:17 +01:00
Michael Boelen a629248048 Merge pull request #134 from rhyven/patch-4 
Make AddHP identify non-optimal HP in logfile entries
 2016-03-16 11:02:15 +01:00
mboelen 322c7354d9 Added alternative location for dmidecode 2016-03-16 10:54:49 +01:00
mboelen bdc0f010c1 Set fixed dmidecode location 2016-03-16 09:54:54 +01:00
Eric Light 2ff7ce26c9 Make AddHP identify non-optimal HP in logfile entries 2016-03-14 10:35:57 +13:00
mboelen 6197ac08e7 Added link to website, blog, github 2016-03-13 16:00:39 +01:00
mboelen f6c84785e7 Changed exception of missing eth0 interface into an informational message 2016-02-24 19:59:23 +01:00
mboelen 1cb90916ee Added functions and variables for creation of temporary files 2016-01-11 01:04:04 +01:00
mboelen 70c90bc8fa Added new function TestValue 2016-01-01 14:56:09 +01:00
mboelen 95832c61d1 Update to reflect renamed functions logtext and report 2015-12-22 16:02:32 +01:00
mboelen a59731405f Comment out unused function RealFilename 2015-12-21 11:26:00 +01:00
mboelen c68771a57a Ensure that readlink only is used when it is available 2015-12-21 10:03:51 +01:00
mboelen 3e94c4a8f0 Added ssh_host_ed25519_key and ssh_host_ed25519_key.pub as sources to create Host ID 2015-12-04 14:25:24 +01:00
mboelen 54e7f62d9a Enhancements to retrieve file permissions and related logging 2015-12-01 12:38:40 +01:00
mboelen a98f377f4d Test for blacklisted host ID values 2015-10-23 13:42:23 +02:00
mboelen ebc7cb113e Create a host ID by using SSH keys, when possible 2015-10-22 15:54:51 +02:00
mboelen 9d1cec8a9b Changes to check for presence BusyBox, to better support platforms using this as primary shell 2015-10-14 16:49:57 +02:00
SiemKorteweg 0c48fc3880 Optimized use of cat, grep and awk. 
Detection of duplicate entries in /etc/hosts is now more robust.
On CentOS7 the SERVICE_MANAGER is detected correctly.
 2015-10-10 13:25:14 +02:00
mboelen ac87ce4c79 Added DisplayManual function, friendly name for compliance, minor enhancements 2015-10-01 22:40:29 +02:00
mboelen 2b5c63bff9 Added ShowComplianceFinding function to display any non-compliance with security standards 2015-10-01 13:16:27 +02:00
mboelen fee1961eed Added DigitsOnly function to extract only numbers from a text string 2015-09-30 18:34:16 +02:00
mboelen 784224f4e7 Uniform way of saving warnings and suggestions to the log for later parsing 2015-09-24 21:40:54 +02:00
mboelen 8b5b8b4a01 Added new parameters to ReportSuggestion and ReportWarning functions 2015-09-24 20:26:32 +02:00
mboelen 0db8eca467 Count total amount of suggestions and warnings 2015-09-10 09:18:20 +02:00
mboelen 7f4ee7ba56 Added ExitCustom function and notes for virtualization 2015-09-10 08:35:09 +02:00
mboelen 090bb2d4eb Extended virtualization tests and logging 2015-09-09 20:24:48 +02:00
Laurent Quillerou 3cdd9ea949 Delete trailing whitespace 2015-09-07 18:35:07 +03:00
mboelen 05dd1a6814 Remove systemctl to detect virtualization, use systemd-detect-virt instead 2015-09-05 18:51:36 +02:00
mboelen 461920ff72 Enabled dmidecode for virtualization detection 2015-09-05 18:41:04 +02:00
Michael Boelen 2fd7788b9b Merge pull request #58 from markruys/master 
More reliable and often faster check to determine virtualization.
 2015-09-05 17:34:18 +02:00
mboelen 235b228fe2 Added vmtoolsd detection 2015-09-03 11:15:55 +02:00
Mark Ruys 919e48001d More reliable and often faster check to determine virtualization. 2015-07-27 12:38:13 +02:00
mboelen fd5c968d16 Cleaning up some lines 2015-07-22 13:44:30 +02:00
mboelen 1a04109dad Extended descriptions 2015-05-26 11:11:15 +02:00
mboelen ef2b12e218 Added block and character type devices as symlinks 2015-05-25 23:17:08 +02:00
mboelen 893e17d982 Added new AddSystemGroup function 2015-05-13 14:45:50 +02:00
mboelen 70e20d514c Ensure that only one value is provided 2015-04-29 13:53:40 +02:00
mboelen ec5e9cbecf Extending ShowSymlinkPath function to account for missing -f option 2015-04-22 00:57:58 +02:00
mboelen 94607e4ae4 Redirect sysctl errors properly 2015-04-20 11:35:02 +02:00
mboelen d5bdde7a93 Changed counting with -m to support locale 2015-04-02 13:29:18 +02:00
mboelen f9c79007b8 Updated functions for checking permissions on files 2015-03-25 17:31:47 +01:00
mboelen bdf8347162 Don't require sha1sum AND openssl AND csum, but just one of them to exist 2015-03-19 00:03:58 +01:00
mboelen 9932e878b1 Clarified message 2015-03-18 16:06:02 +01:00
mboelen 0e321e1c6b Improved host ID generation on AIX systems 2015-03-18 15:35:37 +01:00
mboelen 49414f8b06 Check if value after access_log option is filled 2015-03-17 19:02:46 +01:00
mboelen c8e17e317d Redirect sysctl error output 2015-03-09 14:09:59 +01:00
mboelen 902eafeca9 Do not show exception in different scan modes 2015-01-30 19:58:29 +01:00
mboelen 5caf4ddc4f Update of the files to reflect HTTPS version of website and 2015. Happy New Year! 2015-01-03 12:45:22 +01:00
mboelen 7f45bb5d85 Only include numeric characters in latest version string 2014-12-05 16:01:41 +01:00
mboelen 7995e1e2c7 Changed update check location from previous website to cisofy.com 2014-12-03 23:43:48 +01:00
mboelen 26a6e33637 Changed the way how progress is displayed and improved virtual machine detection 2014-12-03 22:45:23 +01:00
mboelen 92660aec3c Added comments 2014-12-03 14:11:38 +01:00
mboelen 358ea148ca Added additional virtualization detection for NetBSD and OpenBSD 2014-12-03 14:10:52 +01:00
mboelen f826a4f63f Added Progress function, --progress to Register function and docker detection 2014-11-25 14:22:52 +01:00
mboelen 64d3464543 Use ReportException function 2014-11-11 19:03:57 +01:00
mboelen 160f727709 Try to use OpenSSL for SHA1 related functions if sha1/sha1sum are not present 2014-11-04 02:08:56 +01:00
mboelen 47b2a7df33 Redirect errors when searching for readlink binary 2014-10-19 12:30:26 +02:00
mboelen 8454ac7baf Set temporary readlink function if binary scan is not finished yet 2014-10-13 19:57:15 +02:00
mboelen badd27ac7e Added additional debug information for symlink function 2014-10-13 19:51:20 +02:00
mboelen ebdee5b0d2 Altered symlink function, message display, small cleanups 2014-10-13 19:36:36 +02:00
d4t4king 111097506f Tweaked nginx protocol check so it actually works. Added insecure protocol detection. 2014-10-08 22:04:29 +00:00
mboelen f3a7921a3d Improved ShowSymlinkPath function and optimized FileIsReadable function 2014-10-03 19:16:13 +02:00
mboelen 9067551508 Improved GetHostID if only ip binary is available 2014-09-25 17:57:25 +02:00
mboelen c257882a24 Improved log output for CheckItem function 2014-09-23 23:26:34 +02:00
mboelen 2006838144 Added drill binary to list to determine latest version 2014-09-22 04:07:46 +02:00
mboelen d99dbc7406 Added detection for machine ID 2014-09-19 16:43:20 +02:00
mboelen fb52ee9239 Added more extensions for virtual machine detection 2014-09-19 01:55:55 +02:00
mboelen 5b0944057b Added FileIsEmpty function and small adjustments to other functions 2014-09-17 09:59:18 +02:00
mboelen 8a9abeb81f Updated log 2014-09-12 17:24:29 +02:00
mboelen 97e0dc9e30 Added ShowSymlinkPath function 2014-09-12 15:33:28 +02:00
mboelen 4287a6f1e9 Added proper description for zvm 2014-09-12 15:19:43 +02:00
mboelen ef3f7f1ebf Added new function IsVirtualMachine() 2014-09-12 14:56:19 +02:00
mboelen b9a9aea340 Adjusted file permissions, permissions check and storage of PID file 2014-09-11 16:11:43 +02:00
mboelen 56cc2df2c2 Adjustments to allow non-privileged scan and reduce errors on screen 2014-09-08 23:51:27 +02:00
mboelen 691019f9ae Added FileIsReadable function 2014-09-08 21:30:54 +02:00
mboelen c3494b32d1 Properly check if CheckUpdates output is usable for display 2014-09-08 19:59:01 +02:00
mboelen 2ce4cf5c57 Redirect stderr for host command 2014-09-08 19:39:11 +02:00
mboelen 310febde05 Log what tests are skipped to be root-only 2014-09-08 15:19:58 +02:00
mboelen ac54b4fe83 Capture all skip tests which require root permissions 2014-09-08 15:13:14 +02:00
mboelen 5fbc1ab471 Extended Register function to allow the definition of root-only tests 2014-09-08 15:03:22 +02:00
mboelen cf9a44cd41 Changed file permissions check to allow non-privileged mode 2014-09-08 14:55:37 +02:00
mboelen e0be20e699 Let SafePerms function also check for UID 2014-09-04 15:32:59 +02:00
mboelen 0228bd5317 Changed some report calls to ReportException 2014-08-28 13:50:08 +02:00
mboelen 64c48d5559 Extended GetHostID function, ip binary preferred for detection 2014-08-27 12:53:09 +02:00
mboelen c0ae2e217b Initial import 2014-08-26 17:33:55 +02:00