tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-04-08 17:15:25 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,390 Commits 2 Branches 63 Tags
Commit Graph

1390 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mboelen
1825d91c85 [HTTP-6710] Show suggestion when using a weak protocol 2016-04-27 16:37:32 +02:00
mboelen
eb0206198a [HTTP-6710] Show SSLv3 as weak protocol 2016-04-27 16:36:24 +02:00
mboelen
d6fa2bbd4c Initial import of developer profile, to be used like: lynis audit system --profile developer.prf 2016-04-27 16:18:46 +02:00
mboelen
7c4099a7da Call WaitForKeypress from wait_for_keypress, and report this old function when called to developers 2016-04-27 16:14:22 +02:00
mboelen
f4691536ee Add nginx ssl_protocol values to report, minor adjustments to ReportDetails function 2016-04-27 16:09:29 +02:00
mboelen
2cab82f71f Replaced logtext and report with proper functions 2016-04-27 15:37:07 +02:00
mboelen
b453190cd7 Added firewall_software[] to report 2016-04-27 10:52:45 +02:00
mboelen
84d619852a [PROC-3612] Removed wchan from output to solve issue with grsecurity-enabled kernel 2016-04-27 10:30:40 +02:00
mboelen
24e5e75611 Updated log 2016-04-26 21:27:58 +02:00
mboelen
6a4287bd64 Proper reference to IsDeveloperMode 2016-04-26 21:25:14 +02:00
mboelen
b6884dfda3 Add file permission and ownership tests for cronjobs 2016-04-26 21:21:15 +02:00
mboelen
c98b37955c Added IsOwnedByRoot function 2016-04-26 21:20:37 +02:00
mboelen
098a2e3760 Added istat binary 2016-04-26 21:20:17 +02:00
mboelen
e20404c60b Add test for world-writable cronjobs 2016-04-26 14:06:27 +02:00
mboelen
7b33ead897 Adding aliases and optimization for value testing 2016-04-26 14:05:56 +02:00
mboelen
216611259e Optimize IsWorldWritable function, with additional debugging data for developers 2016-04-26 13:52:26 +02:00
mboelen
812a0ea270 Added developer-mode option for profiles 2016-04-26 13:51:54 +02:00
mboelen
55799a524c Added developer mode (--developer) 2016-04-26 13:40:21 +02:00
mboelen
2cefdb79d6 Log when a file is world-writable according IsWorldWritable 2016-04-26 13:34:17 +02:00
mboelen
4791b8a6bf Add scheduler[] and minor cleanups 2016-04-26 13:05:17 +02:00
mboelen
448fd65e31 Remove tab 2016-04-26 13:00:41 +02:00
mboelen
705e2444ee [SCHD-7702] Added test to check cron daemon status 2016-04-26 12:58:17 +02:00
mboelen
ea9c40a36c Changed text to avoid showing up as a suggestion 2016-04-25 20:48:21 +02:00
mboelen
6143e7ed83 Updated bash completion script 2016-04-25 20:04:44 +02:00
mboelen
ee7b5f87bb [BANN-7119/BANN-7122] Disabled tests 2016-04-25 20:04:23 +02:00
mboelen
7878fad617 Removed --config option in favor of lynis show profiles 2016-04-25 20:04:00 +02:00
mboelen
4dcb9eccff Allow skipping of plugins with --skip-plugins or skip-plugins 2016-04-25 16:00:10 +02:00
mboelen
e5790dc8c6 Added: lynis show tests skipped (skipped tests) 2016-04-25 15:49:45 +02:00
mboelen
021fd8a98c Reduce debugging for PAM plugin 2016-04-25 15:49:21 +02:00
mboelen
ba0381a775 Lowercase all tests when using them in comparisons 2016-04-25 15:49:00 +02:00
mboelen
c02ab08b50 Set quiet and quickmode when using --show-warnings-only or show-warnings-only 2016-04-25 11:51:37 +02:00
mboelen
bedadd9cd1 Do not show text on screen in quiet mode 2016-04-25 11:13:27 +02:00
mboelen
22cb6d6523 Updated man page with new options 2016-04-25 11:10:39 +02:00
mboelen
2f07fa1d87 Allow show-warnings-only and --(show-)warnings-only option 2016-04-25 11:10:23 +02:00
mboelen
3e20c1e30b [KRNL-5788] Improvements for grsecurity kernels 2016-04-25 10:56:11 +02:00
mboelen
0f64d106b1 Changed supporting text for ReportManual function 2016-04-25 10:55:34 +02:00
mboelen
eae8ef99a4 Exit with exit code 0 by default, unless error-on-warnings is being used 2016-04-25 10:18:09 +02:00
mboelen
a3075d2e8f Added error-on-warnings 2016-04-25 10:17:14 +02:00
mboelen
32da184947 Add new hints to the database 2016-04-25 10:16:57 +02:00
Eric Light
bcdca90942 Update KRNL-5788 for grsecurity (#178) 
* If grsec installed, build FINDKERNEL from uname -r

When running a grsecurity-patched custom kernel, the /vmlinuz link is often missing.  If this link is missing, and grsecurity is installed, then we can calculate the location of FINDKERNEL with the words "linux-image-", plus the output of "uname -r".

* Suggest manually checking kernel if grsec installed

We can't rely on the apt-cache output when running grsecurity.  This is because apt-cache can't tell us if we're running an up-to-date kernel, when it's a custom kernel with grsecurity.  Instead of confirming that the kernel is OK, we instead should remind the auditor to double-check themselves.
 2016-04-25 09:34:14 +02:00
Eric Light
c0f86fef09 Minor reword ("latest" -> "latest installed") (#174) 2016-04-25 09:33:55 +02:00
mboelen
904da4d123 Allow additional profile with --profile 2016-04-23 17:55:32 +02:00
mboelen
7823cf60f5 Changed text when no auditor name is specified 2016-04-23 17:42:40 +02:00
mboelen
b336304ae6 Identation of help text 2016-04-23 17:06:10 +02:00
mboelen
998e63535c Changed colors and text of default help 2016-04-23 17:00:42 +02:00
mboelen
cdebe9dc06 Update date 2016-04-21 11:45:59 +02:00
mboelen
60a7abf877 [PKGS-7354] Test for DNF repoquery plugin before using it 2016-04-21 11:44:42 +02:00
mboelen
821be1ea0c Remove color between categories, to prevent new users missing that on white background 2016-04-20 14:14:10 +02:00
mboelen
560acfadf6 Log what particular atomic test has been skipped and why 2016-04-20 12:08:34 +02:00
mboelen
5757837e28 Show skipped items when running in verbose mode 2016-04-20 12:08:10 +02:00