7.4.1_install_tcp_wrapper.sh 7.4.2_hosts_allow.sh 7.4.3_hosts_allow_permissions.sh 7.4.4_hosts_deny.sh 7.4.5_hosts_deny_permissions.sh 7.5.1_disable_dccp.sh 7.5.2_disable_sctp.sh 7.5.3_disable_rds.sh 7.5.4_disable_tipc.sh 7.6_disable_wireless.sh 7.7_enable_firewall.sh 8.0_install_auditd.sh 8.1.1.1_audit_log_storage.sh

2024-11-24 14:31:24 +01:00 · 2016-04-13 22:51:18 +02:00 · 2016-04-13 22:51:18 +02:00 · 1f873a14f6
commit 1f873a14f6
parent 9b3cd3e31d
24 changed files with 710 additions and 0 deletions
--- a/bin/hardening/7.4.1_install_tcp_wrapper.sh
+++ b/bin/hardening/7.4.1_install_tcp_wrapper.sh
@ -0,0 +1,55 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.4.1 Install TCP Wrappers (Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+PACKAGE='tcpd'
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    is_pkg_installed $PACKAGE
+    if [ $FNRET != 0 ]; then
+        crit "$PACKAGE is not installed !"
+    else
+        ok "$PACKAGE is installed"
+    fi
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+        is_pkg_installed $PACKAGE
+        if [ $FNRET = 0 ]; then
+            ok "$PACKAGE is installed"
+        else
+            crit "$PACKAGE is absent, installing it"
+            apt_install $PACKAGE
+        fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.4.2_hosts_allow.sh
+++ b/bin/hardening/7.4.2_hosts_allow.sh
@ -0,0 +1,56 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.4.2 Create /etc/hosts.allow (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+FILE='/etc/hosts.allow'
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    does_file_exist $FILE
+    if [ $FNRET != 0 ]; then
+        crit "$FILE does not exist"
+    else
+        ok "$FILE exist"
+    fi
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    does_file_exist $FILE
+    if [ $FNRET != 0 ]; then
+        warn "$FILE does not exist, creating it"
+        touch $FILE
+        warn "You may want to fill it with allowed networks"
+    else
+        ok "$FILE exist"
+    fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.4.3_hosts_allow_permissions.sh
+++ b/bin/hardening/7.4.3_hosts_allow_permissions.sh
@ -0,0 +1,56 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.4.3 Verify Permissions on /etc/hosts.allow (Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+FILE='/etc/hosts.allow'
+PERMISSIONS='644'
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    has_file_correct_permissions $FILE $PERMISSIONS
+    if [ $FNRET = 0 ]; then
+        ok "$FILE has correct permissions"
+    else
+        crit "$FILE has not $PERMISSIONS permissions set"
+    fi 
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    has_file_correct_permissions $FILE $PERMISSIONS
+    if [ $FNRET = 0 ]; then
+        ok "$FILE has correct permissions"
+    else
+        info "fixing $FILE permissions to $PERMISSIONS"
+        chmod 0$PERMISSIONS $FILE
+    fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.4.4_hosts_deny.sh
+++ b/bin/hardening/7.4.4_hosts_deny.sh
@ -0,0 +1,70 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.4.4 Create /etc/hosts.deny (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+FILE='/etc/hosts.deny'
+PATTERN='ALL: ALL'
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    does_file_exist $FILE
+    if [ $FNRET != 0 ]; then
+        crit "$FILE does not exist"
+    else
+        ok "$FILE exist, checking configuration"
+        does_pattern_exists_in_file $FILE "$PATTERN"
+        if [ $FNRET != 0 ]; then
+            crit "$PATTERN not present in $FILE, we have to deny everything"
+        else
+            ok "$PATTERN present in $FILE"
+        fi
+    fi
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    does_file_exist $FILE
+    if [ $FNRET != 0 ]; then
+        warn "$FILE does not exist, creating it"
+        touch $FILE
+    else
+        ok "$FILE exist"
+    fi
+    does_pattern_exists_in_file $FILE "$PATTERN"
+    if [ $FNRET != 0 ]; then
+        crit "$PATTERN not present in $FILE, we have to deny everything"
+        add_end_of_file $FILE "$PATTERN"
+        warn "YOU MAY HAVE CUT YOUR ACCESS, CHECK BEFORE DISCONNECTING"
+    else
+        ok "$PATTERN present in $FILE"
+    fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.4.5_hosts_deny_permissions.sh
+++ b/bin/hardening/7.4.5_hosts_deny_permissions.sh
@ -0,0 +1,56 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.4.5 Verify Permissions on /etc/hosts.deny (Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+FILE='/etc/hosts.deny'
+PERMISSIONS='644'
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    has_file_correct_permissions $FILE $PERMISSIONS
+    if [ $FNRET = 0 ]; then
+        ok "$FILE has correct permissions"
+    else
+        crit "$FILE has not $PERMISSIONS permissions set"
+    fi 
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    has_file_correct_permissions $FILE $PERMISSIONS
+    if [ $FNRET = 0 ]; then
+        ok "$FILE has correct permissions"
+    else
+        info "fixing $FILE permissions to $PERMISSIONS"
+        chmod 0$PERMISSIONS $FILE
+    fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.5.1_disable_dccp.sh
+++ b/bin/hardening/7.5.1_disable_dccp.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.5.1 Disable DCCP (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    info "Not implemented yet"
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    info "Not implemented yet"
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.5.2_disable_sctp.sh
+++ b/bin/hardening/7.5.2_disable_sctp.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.5.2 Disable SCTP (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    info "Not implemented yet"
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    info "Not implemented yet"
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.5.3_disable_rds.sh
+++ b/bin/hardening/7.5.3_disable_rds.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.5.2 Disable SCTP (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    info "Not implemented yet"
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    info "Not implemented yet"
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.5.4_disable_tipc.sh
+++ b/bin/hardening/7.5.4_disable_tipc.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.5.2 Disable SCTP (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    info "Not implemented yet"
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    info "Not implemented yet"
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.6_disable_wireless.sh
+++ b/bin/hardening/7.6_disable_wireless.sh
@ -0,0 +1,42 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.6 Deactivate Wireless Interfaces (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    info "Not implemented yet"
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    info "Not implemented yet"
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/7.7_enable_firewall.sh
+++ b/bin/hardening/7.7_enable_firewall.sh
@ -0,0 +1,58 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 7.4.1 Install TCP Wrappers (Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+# Quick note here : CIS recommends your iptables rules to be persistent. 
+# Do as you want, but this script does not handle this
+
+PACKAGE='iptables'
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    is_pkg_installed $PACKAGE
+    if [ $FNRET != 0 ]; then
+        crit "$PACKAGE is not installed !"
+    else
+        ok "$PACKAGE is installed"
+    fi
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+        is_pkg_installed $PACKAGE
+        if [ $FNRET = 0 ]; then
+            ok "$PACKAGE is installed"
+        else
+            crit "$PACKAGE is absent, installing it"
+            apt_install $PACKAGE
+        fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/8.0_install_auditd.sh
+++ b/bin/hardening/8.0_install_auditd.sh
@ -0,0 +1,57 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 8.0 Install auditd
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+# Note : Not port of the CIS guide, but what's the point configuring a software not installed ? :)
+
+PACKAGE='auditd'
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    is_pkg_installed $PACKAGE
+    if [ $FNRET != 0 ]; then
+        crit "$PACKAGE is not installed !"
+    else
+        ok "$PACKAGE is installed"
+    fi
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+        is_pkg_installed $PACKAGE
+        if [ $FNRET = 0 ]; then
+            ok "$PACKAGE is installed"
+        else
+            crit "$PACKAGE is absent, installing it"
+            apt_install $PACKAGE
+        fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/bin/hardening/8.1.1.1_audit_log_storage.sh
+++ b/bin/hardening/8.1.1.1_audit_log_storage.sh
@ -0,0 +1,70 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
+#
+
+#
+# 8.1.1.1 Configure Audit Log Storage Size (Not Scored)
+#
+
+set -e # One error, it's over
+set -u # One variable unset, it's over
+
+FILE='/etc/audit/auditd.conf'
+PATTERN='max_log_file'
+VALUE=5
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+    does_file_exist $FILE
+    if [ $FNRET != 0 ]; then
+        crit "$FILE does not exist"
+    else
+        ok "$FILE exist, checking configuration"
+        does_pattern_exists_in_file $FILE "^$PATTERN[[:space:]]"
+        if [ $FNRET != 0 ]; then
+            crit "$PATTERN not present in $FILE, we have to deny everything"
+        else
+            ok "$PATTERN present in $FILE"
+        fi
+    fi
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+    does_file_exist $FILE
+    if [ $FNRET != 0 ]; then
+        warn "$FILE does not exist, creating it"
+        touch $FILE
+    else
+        ok "$FILE exist"
+    fi
+    does_pattern_exists_in_file $FILE "^$PATTERN[[:space:]]"
+    if [ $FNRET != 0 ]; then
+        warn "$PATTERN not present in $FILE, adding it"
+        add_end_of_file $FILE "$PATTERN = $VALUE"
+    else
+        ok "$PATTERN present in $FILE"
+    fi
+}
+
+# This function will check config parameters required
+check_config() {
+    :
+}
+
+# Source Root Dir Parameter
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
+[ -r $CIS_ROOT_DIR/lib/main.sh ] && . $CIS_ROOT_DIR/lib/main.sh
--- a/etc/conf.d/7.4.1_install_tcp_wrapper.cfg
+++ b/etc/conf.d/7.4.1_install_tcp_wrapper.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.4.2_hosts_allow.cfg
+++ b/etc/conf.d/7.4.2_hosts_allow.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.4.3_hosts_allow_permissions.cfg
+++ b/etc/conf.d/7.4.3_hosts_allow_permissions.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.4.4_hosts_deny.cfg
+++ b/etc/conf.d/7.4.4_hosts_deny.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.4.5_hosts_deny_permissions.cfg
+++ b/etc/conf.d/7.4.5_hosts_deny_permissions.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.5.1_disable_dccp.cfg
+++ b/etc/conf.d/7.5.1_disable_dccp.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.5.2_disable_sctp.cfg
+++ b/etc/conf.d/7.5.2_disable_sctp.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.6_disable_wireless.cfg
+++ b/etc/conf.d/7.6_disable_wireless.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/7.7_enable_firewall.cfg
+++ b/etc/conf.d/7.7_enable_firewall.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/8.0_install_auditd.cfg
+++ b/etc/conf.d/8.0_install_auditd.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/etc/conf.d/8.1.1.1_audit_log_storage.cfg
+++ b/etc/conf.d/8.1.1.1_audit_log_storage.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled