Commit graph

1490 commits

Author SHA1 Message Date
jirib
0dafe4a02b better OpenBSD support (#641) 2019-03-05 19:03:44 +01:00
chr0mag
06bf77cb30 [FIRE-4540] Modify test to better measure rules (#636)
This test was previously measuring the number of bytes (wc -c)
in the exported JSON which is likely not what was intended and
will lead to false positives anytime the number of bytes exceeds
16.

The export feature is poorly documented and requires the jansson
package on the target system to export as JSON - which may not
always be the case.

Lastly, 16 is an arbitrary and uncessarily high number. A simple
workstation firewall can have only 3 rules and be effective.

This commit makes use of 'nft list ruleset' instead of the export
command, strips out blank lines as well as table & chain headers
before measuring the number of lines in the output. Any result
with more than 3 rules is now considered non-empty. This is more
consistent with the equivalent iptables test case.
2019-03-05 18:57:58 +01:00
Michael Boelen
ff6446a5bc
Added 'show eol' command 2019-03-04 12:33:25 +01:00
Michael Boelen
f7a291a62f
Use datestamps instead of date, due to compatibility with other platforms 2019-03-04 12:33:03 +01:00
Michael Boelen
9d8b12e0f8
Initial lookup with awk corrected 2019-03-04 12:13:47 +01:00
Michael Boelen
e0b93ed0cc
Replace awk statement with grep to simplify search 2019-03-04 12:08:47 +01:00
Michael Boelen
19921ab001
Style improvements, typo, variable usage 2019-02-28 10:19:09 +01:00
chr0mag
353cf84413 [AUTH-9252] Sudo configuration file/folder check improvements (#637)
* [AUTH-9252] Adds support for files in sudoers.d

This commit adds permission checks for files found in 'sudoers.d'.
Previously only the main 'sudoers' file is checked. Fixes #600.

* [AUTH-9252] Check drop-in directory permissions

The test case currently only checks file permissions. This adds
logic to check the drop-in directory permissions as well.

* [AUTH-9252] Check file/folder ownership

This test currently only checks file/directory permissions. This
commit adds checks to ensure sudo configuration files/folders are
owned with UID=0 and GID=0.
2019-02-28 10:15:57 +01:00
dataking
76ec39176a Fix #638. (#640)
* fix for issue #453; simply add RPi/Raspian path to PAM_FILE_LOCATIONS

* Only use data before # to handle inline comments in /etc/resolv.conf.
2019-02-28 09:51:57 +01:00
Michael Boelen
34a2742cdb
Initial support for end-of-life OS detection 2019-02-26 16:15:15 +01:00
Michael Boelen
08ed748a86
Disable logging of virtual host to report due to length 2019-01-31 14:49:00 +01:00
Michael Boelen
66066ae226
Changed year and preparing for new release 2019-01-31 14:47:35 +01:00
TheFlipside
7fded881d8 Update tests_system_integrity (#627)
https://github.com/CISOfy/lynis/issues/626
2019-01-31 14:28:18 +01:00
Michael Boelen
41d5d61a16
Removed non-compatible code (eg AIX) 2019-01-31 14:27:36 +01:00
Michael Boelen
bca2d00ad7
Added STATUS_WEAK 2019-01-14 18:49:49 +01:00
Michael Boelen
750f55bd27
Minor changes and remarks regarding HostID 2019-01-14 11:13:37 +01:00
Michael Boelen
11368b4ca8
Added STATUS_WEAK 2019-01-14 11:13:03 +01:00
Michael Boelen
533a0631e7
Remove unneeded variable for firewall as data is stored in report 2018-12-31 10:03:26 +01:00
Michael Boelen
21956cc42c
[LOGG-2190] added filter for MariaDB, tested onCentOS 2018-12-29 17:10:06 +01:00
Michael Boelen
e014e12310
Remove FIND1 variable, as we prefer FIND to limit number of variables 2018-12-17 09:58:57 +01:00
Capashenn
47e37bf058 [AUTH-9282][AUTH-9283] Add support for RedHad and clones (#609)
[AUTH-9282][AUTH-9283] Add support for Red Hat and clones
2018-12-17 09:55:41 +01:00
theycallhimpat
0f32d2725c Fix printed error when wget comes from busybox (#602)
Busybox's wget does't provide the -V parameter to get the version, so
redirect stderr to /dev/null to hide the printed error message
2018-12-17 09:53:27 +01:00
marcinozga
b98217aba9 Update tests_firewalls (#599)
Added detection of Little Snitch alternative firewalls: Hands Off!, LuLu, and Radio Silence.
2018-12-14 13:20:01 +01:00
Michael Boelen
81f67584cb
[BOOT-5177] changed note to a hint 2018-12-14 13:17:46 +01:00
Katarina Durechova
2fb4ae4987 [SHLL-6230] Add etc/bash.bashrc.local to umask check (#595) 2018-12-13 12:13:27 +01:00
柯豪
760ed040c8 Fix MacOS Mojave detect pattern (#603) 2018-12-13 12:12:26 +01:00
Michael Boelen
28a2580a36
Detection added for macOS Mojave 2018-10-30 13:39:47 +01:00
Michael Boelen
5028aa2f70
Added SSH-7406 to detect OpenSSH version + condition based checking in SSH-7408 2018-10-23 17:14:47 +02:00
Michael Boelen
d44f51a353
Added and changed description for TOOL-5160 2018-10-23 13:00:16 +02:00
Michael Boelen
361ad7d9da
Renamed variable 2018-10-23 12:58:40 +02:00
Michael Boelen
de7d64a8a0
[TOOL-5160] OSSEC detection test 2018-10-23 12:58:22 +02:00
Wagner
c94b97bd9e osdetection: ignore quotes in OS_ID (#593) 2018-10-23 12:16:36 +02:00
Michael Boelen
532c1a9bb6
Add TOMOYO tests 2018-10-18 11:01:30 +02:00
Katarina Durechova
631853a924 [BOOT-5260] Make "sulogin" more generic for systemd rescue.service (#590) 2018-10-17 14:21:30 +02:00
Deon Spengler
72796f5757 Added support for TOMOYO Linux Mandatory Access Control (#589)
* Added binary for TOMOYO Linux

* Added support for TOMOYO Linux Mandatory Access Control
2018-10-17 14:20:52 +02:00
Michael Boelen
823ebd8268
Replaced 'warning' status to 'found' 2018-10-17 14:16:54 +02:00
Jesus Christian Cruz Acono
414be240e8 Update tests_ports_packages (#586)
change " " <- space for [[:blank:]] (to clean all pausible spaces)
2018-10-05 10:23:19 +02:00
Przemysław Dąbek
fd75c9fd0f typo fix in warning message (#585) 2018-10-05 10:19:23 +02:00
Michael Boelen
c1f9417792
Initialise some variables for uploading 2018-10-05 10:17:26 +02:00
Michael Boelen
c50db85aaa
[DBS-1882] added support for QNAP path 2018-09-19 13:29:03 +02:00
Michael Boelen
c34c8265ad
Detection for QNAP devices 2018-09-19 13:28:46 +02:00
Michael Boelen
7e41339d95
Added QNAP device variable 2018-09-19 13:26:27 +02:00
Michael Boelen
bf1e99f3cd
[DBS-1882] added /usr/local/redis/etc path 2018-09-19 13:23:27 +02:00
Michael Boelen
f8697db25b
[TIME-3104] added more logging 2018-09-19 13:19:57 +02:00
Michael Boelen
7635d58fe3
Add TODO for BusyBox support 2018-09-17 11:47:07 +02:00
Michael Boelen
f0c84e3d01
[KRNL-5788] ignore exception when no vmlinuz file was discovered 2018-09-17 11:46:36 +02:00
Michael Boelen
b4e93d4fcc
[PKGS-7322] Updated solution text 2018-09-17 09:23:04 +02:00
Michael Boelen
1d52e57e45
Changed output for remote system audit 2018-09-08 11:22:28 +02:00
Michael Boelen
d0f4a90c00
Grammar change 2018-09-06 07:55:58 +02:00
superpoussin22
2334bba492 avoid “can't shift that many” error (#571)
got this error on debian auditing a docker file when testing an ubuntu Dockerfile when lynis try to find KEY_USED
2018-09-06 07:48:40 +02:00