Renum 8.1.x auditing configuration

renamed:    bin/hardening/8.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.1.1_audit_log_storage.sh
	renamed:    bin/hardening/8.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.1.2_halt_when_audit_log_full.sh
	renamed:    bin/hardening/8.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.1.3_keep_all_audit_logs.sh
	renamed:    bin/hardening/8.1.10_record_dac_edit.sh -> bin/hardening/4.1.10_record_dac_edit.sh
	renamed:    bin/hardening/8.1.11_record_failed_access_file.sh -> bin/hardening/4.1.11_record_failed_access_file.sh
	renamed:    bin/hardening/8.1.12_record_privileged_commands.sh -> bin/hardening/4.1.12_record_privileged_commands.sh
	renamed:    bin/hardening/8.1.13_record_successful_mount.sh -> bin/hardening/4.1.13_record_successful_mount.sh
	renamed:    bin/hardening/8.1.14_record_file_deletions.sh -> bin/hardening/4.1.14_record_file_deletions.sh
	renamed:    bin/hardening/8.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.15_record_sudoers_edit.sh
	renamed:    bin/hardening/8.1.16_record_sudo_usage.sh -> bin/hardening/4.1.16_record_sudo_usage.sh
	renamed:    bin/hardening/8.1.17_record_kernel_modules.sh -> bin/hardening/4.1.17_record_kernel_modules.sh
	renamed:    bin/hardening/8.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.18_freeze_auditd_conf.sh
	renamed:    bin/hardening/8.1.2_enable_auditd.sh -> bin/hardening/4.1.2_enable_auditd.sh
	renamed:    bin/hardening/8.1.3_audit_bootloader.sh -> bin/hardening/4.1.3_audit_bootloader.sh
	renamed:    bin/hardening/8.1.4_record_date_time_edit.sh -> bin/hardening/4.1.4_record_date_time_edit.sh
	renamed:    bin/hardening/8.1.5_record_user_group_edit.sh -> bin/hardening/4.1.5_record_user_group_edit.sh
	renamed:    bin/hardening/8.1.6_record_network_edit.sh -> bin/hardening/4.1.6_record_network_edit.sh
	renamed:    bin/hardening/8.1.7_record_mac_edit.sh -> bin/hardening/4.1.7_record_mac_edit.sh
	renamed:    bin/hardening/8.1.8_record_login_logout.sh -> bin/hardening/4.1.8_record_login_logout.sh
	renamed:    bin/hardening/8.1.9_record_session_init.sh -> bin/hardening/4.1.9_record_session_init.sh
	renamed:    tests/hardening/8.1.9_record_session_init.sh -> tests/hardening/4.1.1.1_audit_log_storage.sh
	renamed:    tests/hardening/8.1.8_record_login_logout.sh -> tests/hardening/4.1.1.2_halt_when_audit_log_full.sh
	renamed:    tests/hardening/8.1.7_record_mac_edit.sh -> tests/hardening/4.1.1.3_keep_all_audit_logs.sh
	renamed:    tests/hardening/8.1.6_record_network_edit.sh -> tests/hardening/4.1.10_record_dac_edit.sh
	renamed:    tests/hardening/8.1.5_record_user_group_edit.sh -> tests/hardening/4.1.11_record_failed_access_file.sh
	renamed:    tests/hardening/8.1.4_record_date_time_edit.sh -> tests/hardening/4.1.12_record_privileged_commands.sh
	renamed:    tests/hardening/8.1.3_audit_bootloader.sh -> tests/hardening/4.1.13_record_successful_mount.sh
	renamed:    tests/hardening/8.1.2_enable_auditd.sh -> tests/hardening/4.1.14_record_file_deletions.sh
	renamed:    tests/hardening/8.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.15_record_sudoers_edit.sh
	renamed:    tests/hardening/8.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_sudo_usage.sh
	renamed:    tests/hardening/8.1.16_record_sudo_usage.sh -> tests/hardening/4.1.17_record_kernel_modules.sh
	renamed:    tests/hardening/8.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.18_freeze_auditd_conf.sh
	renamed:    tests/hardening/8.1.14_record_file_deletions.sh -> tests/hardening/4.1.2_enable_auditd.sh
	renamed:    tests/hardening/8.1.13_record_successful_mount.sh -> tests/hardening/4.1.3_audit_bootloader.sh
	renamed:    tests/hardening/8.1.12_record_privileged_commands.sh -> tests/hardening/4.1.4_record_date_time_edit.sh
	renamed:    tests/hardening/8.1.11_record_failed_access_file.sh -> tests/hardening/4.1.5_record_user_group_edit.sh
	renamed:    tests/hardening/8.1.10_record_dac_edit.sh -> tests/hardening/4.1.6_record_network_edit.sh
	renamed:    tests/hardening/8.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.7_record_mac_edit.sh
	renamed:    tests/hardening/8.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.8_record_login_logout.sh
	renamed:    tests/hardening/8.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.9_record_session_init.sh
Charles Herlin 2019-09-09 16:45:54 +02:00 committed by Thibault Ayanides
parent 032aaa7c79
commit 00dd3ef591
40 changed files with 22 additions and 22 deletions


@ -5,7 +5,7 @@
# #
# #
# 8.1.1.1 Configure Audit Log Storage Size (Not Scored) # 4.1.1.1 Ensure audit log storage size is configured (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.1.2 Disable System on Audit Log Full (Not Scored) # 4.1.1.2 Ensure system is disabled when audit logs are full (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.1.3 Keep All Auditing Information (Scored) # 4.1.1.3 Ensure audit logs are not automatically deleted (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.10 Collect Discretionary Access Control Permission Modification Events (Scored) # 4.1.10 Ensure discretionary access control permission modification events are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files (Scored) # 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.12 Collect Use of Privileged Commands (Scored) # 4.1.12 Ensure use of privileged commands is collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.13 Collect Successful File System Mounts (Scored) # 4.1.13 Ensure successful file system mounts are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.14 Collect File Deletion Events by User (Scored) # 4.1.14 Ensure file deletion events by users are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.15 Collect Changes to System Administration Scope (sudoers) (Scored) # 4.1.15 nsure changes to system administration scope (sudoers) is collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over
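Review bot: The new header comment in this section reads `# 4.1.15 nsure changes to system administration scope (sudoers) is collected (Scored)`, dropping the leading letter of "Ensure" while every other renumbered header on this page spells it out in full. It should read `# 4.1.15 Ensure changes to system administration scope (sudoers) is collected (Scored)`. The page shows no file path for this section, so I assume from the description's rename list that it is bin/hardening/4.1.15_record_sudoers_edit.sh; the rest of the script lies outside the hunk.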


@ -5,7 +5,7 @@
# #
# #
# 8.1.16 Collect System Administrator Actions (sudolog) (Scored) # 4.1.16 Ensure system administrator actions (sudolog) are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.17 Collect Kernel Module Loading and Unloading (Scored) # 4.1.17 Ensure kernel module loading and unloading is collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.18 Make the Audit Configuration Immutable (Scored) # 4.1.18 Ensure the audit configuration is immutable (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.2 Install and Enable auditd Service (Scored) # 4.1.2 Ensure auditd service is enabled (Scored)
# #
set -e # One error, it's over set -e # One error, it's over
@ -27,7 +27,7 @@ audit () {
is_service_enabled $SERVICE_NAME is_service_enabled $SERVICE_NAME
if [ $FNRET = 0 ]; then if [ $FNRET = 0 ]; then
ok "$SERVICE_NAME is enabled" ok "$SERVICE_NAME is enabled"
else else
crit "$SERVICE_NAME is not enabled" crit "$SERVICE_NAME is not enabled"
fi fi
fi fi
@ -45,7 +45,7 @@ apply () {
is_service_enabled $SERVICE_NAME is_service_enabled $SERVICE_NAME
if [ $FNRET = 0 ]; then if [ $FNRET = 0 ]; then
ok "$SERVICE_NAME is enabled" ok "$SERVICE_NAME is enabled"
else else
warn "$SERVICE_NAME is not enabled, enabling it" warn "$SERVICE_NAME is not enabled, enabling it"
update-rc.d $SERVICE_NAME remove > /dev/null 2>&1 update-rc.d $SERVICE_NAME remove > /dev/null 2>&1
update-rc.d $SERVICE_NAME defaults > /dev/null 2>&1 update-rc.d $SERVICE_NAME defaults > /dev/null 2>&1


@ -5,7 +5,7 @@
# #
# #
# 8.1.3 Enable Auditing for Processes That Start Prior to auditd (Scored) # 4.1.3 Ensure auditing for processes that start prior to auditd is enabled (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.4 Record Events That Modify Date and Time Information (Scored) # 4.1.4 Ensure events that modify date and time information are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.5 Record Events That Modify User/Group Information (Scored) # 4.1.5 Ensure events that modify user/group information are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.6 Record Events That Modify the System's Network Environment (Scored) # 4.1.6 Ensure events that modify the system's network environment are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.7 Record Events That Modify the System's Mandatory Access Controls (Scored) # 4.1.7 Ensure that events that modify the system's Mandatory Access Controls are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.8 Collect Login and Logout Events (Scored) # 4.1.8 Ensure login and logout events are collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over


@ -5,7 +5,7 @@
# #
# #
# 8.1.9 Collect Session Initiation Information (Scored) # 4.1.9 Ensure session initiation information is collected (Scored)
# #
set -e # One error, it's over set -e # One error, it's over