mirror of
https://github.com/ovh/debian-cis.git
synced 2024-11-22 13:37:02 +01:00
Renumber 7.4.x tcp wrappers
renamed: bin/hardening/7.4.1_install_tcp_wrapper.sh -> bin/hardening/3.3.1_install_tcp_wrapper.sh renamed: bin/hardening/7.4.2_hosts_allow.sh -> bin/hardening/3.3.2_hosts_allow.sh renamed: bin/hardening/7.4.4_hosts_deny.sh -> bin/hardening/3.3.3_hosts_deny.sh renamed: bin/hardening/7.4.3_hosts_allow_permissions.sh -> bin/hardening/3.3.4_hosts_allow_permissions.sh renamed: bin/hardening/7.4.5_hosts_deny_permissions.sh -> bin/hardening/3.3.5_hosts_deny_permissions.sh renamed: tests/hardening/7.4.5_hosts_deny_permissions.sh -> tests/hardening/3.3.1_install_tcp_wrapper.sh renamed: tests/hardening/7.4.4_hosts_deny.sh -> tests/hardening/3.3.2_hosts_allow.sh renamed: tests/hardening/7.4.3_hosts_allow_permissions.sh -> tests/hardening/3.3.3_hosts_deny.sh renamed: tests/hardening/7.4.2_hosts_allow.sh -> tests/hardening/3.3.4_hosts_allow_permissions.sh renamed: tests/hardening/7.4.1_install_tcp_wrapper.sh -> tests/hardening/3.3.5_hosts_deny_permissions.sh
This commit is contained in:
parent
c5674c3627
commit
68f9f56192
@ -5,7 +5,7 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
#
|
#
|
||||||
# 7.4.1 Install TCP Wrappers (Scored)
|
# 3.3.1 Ensure TCP Wrappers is installed (Scored)
|
||||||
#
|
#
|
||||||
|
|
||||||
set -e # One error, it's over
|
set -e # One error, it's over
|
@ -5,7 +5,7 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
#
|
#
|
||||||
# 7.4.2 Create /etc/hosts.allow (Not Scored)
|
# 3.3.2 Ensure /etc/hosts.allow is configured (Not Scored)
|
||||||
#
|
#
|
||||||
|
|
||||||
set -e # One error, it's over
|
set -e # One error, it's over
|
@ -5,7 +5,7 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
#
|
#
|
||||||
# 7.4.4 Create /etc/hosts.deny (Not Scored)
|
# 3.3.3 Ensure /etc/hosts.deny is configured (Not Scored)
|
||||||
#
|
#
|
||||||
|
|
||||||
set -e # One error, it's over
|
set -e # One error, it's over
|
@ -5,17 +5,19 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
#
|
#
|
||||||
# 7.4.3 Verify Permissions on /etc/hosts.allow (Scored)
|
# 3.3.4 Ensure permissions on /etc/hosts.allow are configured (Scored)
|
||||||
#
|
#
|
||||||
|
|
||||||
set -e # One error, it's over
|
set -e # One error, it's over
|
||||||
set -u # One variable unset, it's over
|
set -u # One variable unset, it's over
|
||||||
|
|
||||||
HARDENING_LEVEL=3
|
HARDENING_LEVEL=3
|
||||||
DESCRIPTION="Check 644 permissions on /hosts.allow ."
|
DESCRIPTION="Check 644 permissions and root:root ownership on /hosts.allow ."
|
||||||
|
|
||||||
FILE='/etc/hosts.allow'
|
FILE='/etc/hosts.allow'
|
||||||
PERMISSIONS='644'
|
PERMISSIONS='644'
|
||||||
|
USER='root'
|
||||||
|
GROUP='root'
|
||||||
|
|
||||||
# This function will be called if the script status is on enabled / audit mode
|
# This function will be called if the script status is on enabled / audit mode
|
||||||
audit () {
|
audit () {
|
||||||
@ -25,6 +27,12 @@ audit () {
|
|||||||
else
|
else
|
||||||
crit "$FILE permissions were not set to $PERMISSIONS"
|
crit "$FILE permissions were not set to $PERMISSIONS"
|
||||||
fi
|
fi
|
||||||
|
has_file_correct_ownership $FILE $USER $GROUP
|
||||||
|
if [ $FNRET = 0 ]; then
|
||||||
|
ok "$FILE has correct ownership"
|
||||||
|
else
|
||||||
|
crit "$FILE ownership was not set to $USER:$GROUP"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# This function will be called if the script status is on enabled mode
|
# This function will be called if the script status is on enabled mode
|
@ -5,17 +5,19 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
#
|
#
|
||||||
# 7.4.5 Verify Permissions on /etc/hosts.deny (Scored)
|
# 3.3.5 Verify Permissions on /etc/hosts.deny (Scored)
|
||||||
#
|
#
|
||||||
|
|
||||||
set -e # One error, it's over
|
set -e # One error, it's over
|
||||||
set -u # One variable unset, it's over
|
set -u # One variable unset, it's over
|
||||||
|
|
||||||
HARDENING_LEVEL=3
|
HARDENING_LEVEL=3
|
||||||
DESCRIPTION="Check 644 permissions on /etc/hosts.deny ."
|
DESCRIPTION="Check 644 permissions and root:root ownership on /etc/hosts.deny ."
|
||||||
|
|
||||||
FILE='/etc/hosts.deny'
|
FILE='/etc/hosts.deny'
|
||||||
PERMISSIONS='644'
|
PERMISSIONS='644'
|
||||||
|
USER='root'
|
||||||
|
GROUP='root'
|
||||||
|
|
||||||
# This function will be called if the script status is on enabled / audit mode
|
# This function will be called if the script status is on enabled / audit mode
|
||||||
audit () {
|
audit () {
|
||||||
@ -25,6 +27,12 @@ audit () {
|
|||||||
else
|
else
|
||||||
crit "$FILE permissions were not set to $PERMISSIONS"
|
crit "$FILE permissions were not set to $PERMISSIONS"
|
||||||
fi
|
fi
|
||||||
|
has_file_correct_ownership $FILE $USER $GROUP
|
||||||
|
if [ $FNRET = 0 ]; then
|
||||||
|
ok "$FILE has correct ownership"
|
||||||
|
else
|
||||||
|
crit "$FILE ownership was not set to $USER:$GROUP"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# This function will be called if the script status is on enabled mode
|
# This function will be called if the script status is on enabled mode
|
Loading…
Reference in New Issue
Block a user