2016-04-01 07:50:08 +02:00
|
|
|
# CIS Debian 7 Hardening git repository
|
2016-04-18 13:19:46 +02:00
|
|
|
# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
|
2016-04-01 16:48:31 +02:00
|
|
|
# This is the code base which will be used to fill CIS hardening requirements
|
2016-04-18 13:19:46 +02:00
|
|
|
|
|
|
|
|
# Hardening scripts :
|
|
|
|
|
# bin/hardening : Every script has a .cfg associated, status must be defined here
|
|
|
|
|
|
|
|
|
|
# Configuration
|
|
|
|
|
# etc/hardening.cfg : Global variables defined such as backup directory, or log level
|
2016-04-19 09:31:01 +02:00
|
|
|
# etc/conf.d : Folder with all .cfg associated to hardening scripts
|
|
|
|
|
|
|
|
|
|
# Status parameter will define on each script if it has to be disabled (do nothing), audit (RO), enabled (RW)
|
|
|
|
|
# Enabled will perform audit and most of the time correct your system accordingly.
|
|
|
|
|
# There is exceptions as it is difficult to know how you want to correct that.
|
|
|
|
|
|
|
|
|
|
# Main script :
|
|
|
|
|
# bin/hardening.sh : Will execute hardening according to configuration
|
|
|
|
|
# Options are :
|
|
|
|
|
# --apply : Will apply hardening when scripts have status enabled (RW), and audit points where status is audit (RO)
|
|
|
|
|
# --audit : Will audit hardening when scripts have status enabled or audit (RO)
|
|
|
|
|
# --audit-all : Apply audit (RO) on all scripts
|
