chore: remove CIS recommendation numbers from bin/hardening scripts

2025-07-15 05:12:17 +02:00 · 2025-06-25 16:15:32 +02:00
parent aebb65889e
commit b6965e73ec
242 changed files with 242 additions and 243 deletions
--- a/bin/hardening/acc_logindefs_sha512.sh
+++ b/bin/hardening/acc_logindefs_sha512.sh
@ -6,7 +6,7 @@
 #

 #
-# 99.5.4.5.1 Check that any password that will be created will use sha512crypt (or yescrypt for Debian 11+)
+# Check that any password that will be created will use sha512crypt (or yescrypt for Debian 11+)
 #

 set -e # One error, it's over
--- a/bin/hardening/acc_pam_sha512.sh
+++ b/bin/hardening/acc_pam_sha512.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.3.4 Ensure password hashing algorithm is SHA-512 (Scored)
+# Ensure password hashing algorithm is SHA-512 (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/acc_shadow_sha512.sh
+++ b/bin/hardening/acc_shadow_sha512.sh
@ -6,7 +6,7 @@
 #

 #
-# 99.5.4.5.2 Check that passwords in /etc/shadow are sha512crypt (or yescrypt for Debian 11+) hashed and salted
+# Check that passwords in /etc/shadow are sha512crypt (or yescrypt for Debian 11+) hashed and salted
 #

 set -e # One error, it's over
--- a/bin/hardening/acc_sudoers_no_all.sh
+++ b/bin/hardening/acc_sudoers_no_all.sh
@ -6,7 +6,7 @@
 #

 #
-# 99.1.3 Check there are no carte-blanche authorization in sudoers file(s).
+# Check there are no carte-blanche authorization in sudoers file(s).
 #

 set -e # One error, it's over
--- a/bin/hardening/audit_backlog_limit.sh
+++ b/bin/hardening/audit_backlog_limit.sh
@ -6,7 +6,7 @@
 #

 #
-# 4.1.1.4 Ensure audit_backlog_limit is sufficient (Scored)
+# Ensure audit_backlog_limit is sufficient (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/audit_bootloader.sh
+++ b/bin/hardening/audit_bootloader.sh
@ -6,7 +6,7 @@
 #

 #
-# 4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled (Scored)
+# Ensure auditing for processes that start prior to auditd is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/audit_log_storage.sh
+++ b/bin/hardening/audit_log_storage.sh
@ -6,7 +6,7 @@
 #

 #
-# 4.1.2.1 Ensure audit log storage size is configured (Scored)
+# Ensure audit log storage size is configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/bootloader_ownership.sh
+++ b/bin/hardening/bootloader_ownership.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.5.1 Ensure permissions on bootloader config are configured (Scored)
+# Ensure permissions on bootloader config are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/bootloader_password.sh
+++ b/bin/hardening/bootloader_password.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.5.2 Ensure bootloader password is set (Scored)
+# Ensure bootloader password is set (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/check_distribution.sh
+++ b/bin/hardening/check_distribution.sh
@ -6,7 +6,7 @@
 #

 #
-# 99.99 Ensure that the distribution version is debian and that the version is 9 or 10
+# Ensure that the distribution version is debian and that the version is 9 or 10
 #

 set -e # One error, it's over
--- a/bin/hardening/check_duplicate_gid.sh
+++ b/bin/hardening/check_duplicate_gid.sh
@ -6,7 +6,7 @@
 #

 #
-# 6.2.17 Ensure no duplicate GIDs exist (Scored)
+# Ensure no duplicate GIDs exist (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/check_duplicate_groupname.sh
+++ b/bin/hardening/check_duplicate_groupname.sh
@ -6,7 +6,7 @@
 #

 #
-# 6.2.19 Ensure no duplicate group names exist (Scored)
+# Ensure no duplicate group names exist (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/check_duplicate_uid.sh
+++ b/bin/hardening/check_duplicate_uid.sh
@ -6,7 +6,7 @@
 #

 #
-# 6.2.16 Ensure no duplicate UIDs exist (Scored)
+# Ensure no duplicate UIDs exist (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/check_duplicate_username.sh
+++ b/bin/hardening/check_duplicate_username.sh
@ -6,7 +6,7 @@
 #

 #
-# 6.2.18 Ensure no duplicate user names exist (Scored)
+# Ensure no duplicate user names exist (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/check_user_dir_perm.sh
+++ b/bin/hardening/check_user_dir_perm.sh
@ -6,7 +6,7 @@
 #

 #
-# 6.2.8 Ensure users' home directories permissions are 750 or more restrictive (Scored
+# Ensure users' home directories permissions are 750 or more restrictive (Scored
 #

 set -e # One error, it's over
--- a/bin/hardening/check_user_dot_file_perm.sh
+++ b/bin/hardening/check_user_dot_file_perm.sh
@ -6,7 +6,7 @@
 #

 #
-# 6.2.10 Ensure users' dot files are not group or world writable (Scored)
+# Ensure users' dot files are not group or world writable (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/configure_chrony.sh
+++ b/bin/hardening/configure_chrony.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.1.3 Ensure chrony is configured (Scored)
+# Ensure chrony is configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/configure_logrotate.sh
+++ b/bin/hardening/configure_logrotate.sh
@ -6,7 +6,7 @@
 #

 #
-# 4.3 Ensure logrotate is configured (Not Scored)
+# Ensure logrotate is configured (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/configure_ntp.sh
+++ b/bin/hardening/configure_ntp.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.1.2 Ensure ntp is configured (Scored)
+# Ensure ntp is configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/configure_ssh_max_startups.sh
+++ b/bin/hardening/configure_ssh_max_startups.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.22 Ensure SSH MaxStartups is configured (Scored)
+# Ensure SSH MaxStartups is configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/configure_syslog-ng.sh
+++ b/bin/hardening/configure_syslog-ng.sh
@ -6,7 +6,7 @@
 #

 #
-# 4.2.1.3 Configure /etc/syslog-ng/syslog-ng.conf (Not Scored)
+# Configure /etc/syslog-ng/syslog-ng.conf (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/configure_systemd-timesyncd.sh
+++ b/bin/hardening/configure_systemd-timesyncd.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.1.2 Ensure systemd-timesyncd is configured (Not Scored)
+# Ensure systemd-timesyncd is configured (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/cron_d_perm_ownership.sh
+++ b/bin/hardening/cron_d_perm_ownership.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.7 Ensure permissions on /etc/cron.d are configured (Scored)
+# Ensure permissions on /etc/cron.d are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/cron_daily_perm_ownership.sh
+++ b/bin/hardening/cron_daily_perm_ownership.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.4 Ensure permissions on /etc/cron.daily are configured (Scored)
+# Ensure permissions on /etc/cron.daily are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/cron_hourly_perm_ownership.sh
+++ b/bin/hardening/cron_hourly_perm_ownership.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.3 Ensure permissions on /etc/cron.hourly are configured (Scored)
+# Ensure permissions on /etc/cron.hourly are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/cron_monthly_perm_ownership.sh
+++ b/bin/hardening/cron_monthly_perm_ownership.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.6 Ensure permissions on /etc/cron.monthly are configured (Scored)
+# Ensure permissions on /etc/cron.monthly are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/cron_users.sh
+++ b/bin/hardening/cron_users.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.8 Ensure at/cron is restricted to authorized users (Scored)
+# Ensure at/cron is restricted to authorized users (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/cron_weekly_perm_ownership.sh
+++ b/bin/hardening/cron_weekly_perm_ownership.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.5 Ensure permissions on /etc/cron.weekly are configured (Scored)
+# Ensure permissions on /etc/cron.weekly are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/crontab_perm_ownership.sh
+++ b/bin/hardening/crontab_perm_ownership.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.2 Ensure permissions on /etc/crontab are configured (Scored)
+# Ensure permissions on /etc/crontab are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/default_root_group.sh
+++ b/bin/hardening/default_root_group.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.4.3 Ensure default group for the root account is GID 0 (Scored)
+# Ensure default group for the root account is GID 0 (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/default_timeout.sh
+++ b/bin/hardening/default_timeout.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.4.4 Ensure default usershell timeout is 900 seconds or less
+# Ensure default usershell timeout is 900 seconds or less
 #

 set -e # One error, it's over
--- a/bin/hardening/default_umask.sh
+++ b/bin/hardening/default_umask.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.4.4 Ensure default user umask is 027 or more restrictive (Scored)
+# Ensure default user umask is 027 or more restrictive (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_apport.sh
+++ b/bin/hardening/disable_apport.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.6.3.1 Ensure apport is disabled (Scored)
+# Ensure apport is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_automounting.sh
+++ b/bin/hardening/disable_automounting.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.22 Disable Automounting (Scored)
+# Disable Automounting (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_avahi_server.sh
+++ b/bin/hardening/disable_avahi_server.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.3 Ensure Avahi Server is not enabled (Scored)
+# Ensure Avahi Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_bsd_inetd.sh
+++ b/bin/hardening/disable_bsd_inetd.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.1.2 Ensure bsd-inetd is not enabled (Scored)
+# Ensure bsd-inetd is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_cramfs.sh
+++ b/bin/hardening/disable_cramfs.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.1.1 Ensure Mounting of cramfs filesystems is disabled (Scored)
+# Ensure Mounting of cramfs filesystems is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_dccp.sh
+++ b/bin/hardening/disable_dccp.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.4.1 Ensure DCCP is disabled (Not Scored)
+# Ensure DCCP is disabled (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_dhcp.sh
+++ b/bin/hardening/disable_dhcp.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.5 Ensure DHCP Server is not enabled (Scored)
+# Ensure DHCP Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_dns_server.sh
+++ b/bin/hardening/disable_dns_server.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.8 Ensure DNS Server is not enabled (Scored)
+# Ensure DNS Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_freevxfs.sh
+++ b/bin/hardening/disable_freevxfs.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.1.1 Ensure Mounting of freevxfs filesystems is disabled (Scored)
+# Ensure Mounting of freevxfs filesystems is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_ftp.sh
+++ b/bin/hardening/disable_ftp.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.9 Ensure FTP Server is not enabled (Scored)
+# Ensure FTP Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_hfs.sh
+++ b/bin/hardening/disable_hfs.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.1.3 Ensure mounting of hfs filesystems is disabled (Scored)
+# Ensure mounting of hfs filesystems is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_hfsplus.sh
+++ b/bin/hardening/disable_hfsplus.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.1.4 Ensure mounting of hfsplus filesystems is disabled (Scored)
+# Ensure mounting of hfsplus filesystems is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_http_proxy.sh
+++ b/bin/hardening/disable_http_proxy.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.13 Ensure HTTP Proxy Server is not enabled (Scored)
+# Ensure HTTP Proxy Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_http_server.sh
+++ b/bin/hardening/disable_http_server.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.10 Ensure HTTP Server is not enabled (Scored)
+# Ensure HTTP Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_icmp_redirect.sh
+++ b/bin/hardening/disable_icmp_redirect.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.3.2 Ensure ICMP redirects are not accepted (Scored)
+# Ensure ICMP redirects are not accepted (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_imap_pop.sh
+++ b/bin/hardening/disable_imap_pop.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.11 Ensure IMAP and POP server is not installed (Scored)
+# Ensure IMAP and POP server is not installed (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_ip_forwarding.sh
+++ b/bin/hardening/disable_ip_forwarding.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.2.2 Ensure IP forwarding is disabled (Scored)
+# Ensure IP forwarding is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_ipv6.sh
+++ b/bin/hardening/disable_ipv6.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.1.1 Disable IPv6 (Not Scored)
+# Disable IPv6 (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_ipv6_router_advertisement.sh
+++ b/bin/hardening/disable_ipv6_router_advertisement.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.3.9 Ensure IPv6 router advertisements are not accepted (Scored)
+# Ensure IPv6 router advertisements are not accepted (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_jffs2.sh
+++ b/bin/hardening/disable_jffs2.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.1.2 Esnure mounting of jffs2 filesystems is disabled (Scored)
+# Esnure mounting of jffs2 filesystems is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_ldap.sh
+++ b/bin/hardening/disable_ldap.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.6 Ensure LDAP server is not enabled (Scored)
+# Ensure LDAP server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_ldap_client.sh
+++ b/bin/hardening/disable_ldap_client.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.3.5 Ensure LDAP client is not installed (Scored)
+# Ensure LDAP client is not installed (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_nfs_rpc.sh
+++ b/bin/hardening/disable_nfs_rpc.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.7 Ensure NFS and RPC are not enabled (Scored)
+# Ensure NFS and RPC are not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_nis.sh
+++ b/bin/hardening/disable_nis.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.17 Ensure NIS Server is not enabled (Scored)
+# Ensure NIS Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_prelink.sh
+++ b/bin/hardening/disable_prelink.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.6.3 Ensure prelink is disabled (Scored)
+# Ensure prelink is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_print_server.sh
+++ b/bin/hardening/disable_print_server.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.4 Ensure CUPS is not enabled (Scored)
+# Ensure CUPS is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_rds.sh
+++ b/bin/hardening/disable_rds.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.4.3 Ensure SCTP is disabled (Not Scored)
+# Ensure SCTP is disabled (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_root_login.sh
+++ b/bin/hardening/disable_root_login.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.10 Ensure SSH root login is disabled (Scored)
+# Ensure SSH root login is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_rsh_client.sh
+++ b/bin/hardening/disable_rsh_client.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.3.2 Ensure rsh client is not installed (Scored)
+# Ensure rsh client is not installed (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_rsync.sh
+++ b/bin/hardening/disable_rsync.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.16 Ensure rsync service is not enabled (Scored)
+# Ensure rsync service is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_samba.sh
+++ b/bin/hardening/disable_samba.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.12 Ensure Samba is not enabled (Scored)
+# Ensure Samba is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_sctp.sh
+++ b/bin/hardening/disable_sctp.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.4.2 Ensure SCTP is disabled (Not Scored)
+# Ensure SCTP is disabled (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_secure_icmp_redirect.sh
+++ b/bin/hardening/disable_secure_icmp_redirect.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.3.3 Ensure secure ICMP redirects are not accepted (Scored)
+# Ensure secure ICMP redirects are not accepted (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_send_packet_redirects.sh
+++ b/bin/hardening/disable_send_packet_redirects.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.2.1 Ensure packet redirect sending is disabled (Scored)
+# Ensure packet redirect sending is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_snmp_server.sh
+++ b/bin/hardening/disable_snmp_server.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.14 Ensure SNMP Server is not enabled (Scored)
+# Ensure SNMP Server is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_source_routed_packets.sh
+++ b/bin/hardening/disable_source_routed_packets.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.3.1 Ensure source routed packets are not accepted (Scored)
+# Ensure source routed packets are not accepted (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_squashfs.sh
+++ b/bin/hardening/disable_squashfs.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.1.5 Ensure mounting of squashfs filesystems is disabled (Scored)
+# Ensure mounting of squashfs filesystems is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_ssh_allow_tcp_forwarding.sh
+++ b/bin/hardening/disable_ssh_allow_tcp_forwarding.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.21 Ensure SSH AllowTCPForwarding is disabled (Scored)
+# Ensure SSH AllowTCPForwarding is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_sshd_hostbasedauthentication.sh
+++ b/bin/hardening/disable_sshd_hostbasedauthentication.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.9 Ensure SSH HostbasedAuthentication is disabled (Scored)
+# Ensure SSH HostbasedAuthentication is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_sshd_permitemptypasswords.sh
+++ b/bin/hardening/disable_sshd_permitemptypasswords.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.11 Ensure SSH PermitEmptyPasswords is disabled (Scored)
+# Ensure SSH PermitEmptyPasswords is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_sshd_setenv.sh
+++ b/bin/hardening/disable_sshd_setenv.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.12 Ensure SSH PermitUserEnvironment is disabled (Scored)
+# Ensure SSH PermitUserEnvironment is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_system_accounts.sh
+++ b/bin/hardening/disable_system_accounts.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.4.2 Ensure system accounts are non-login (Scored)
+# Ensure system accounts are non-login (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_talk_client.sh
+++ b/bin/hardening/disable_talk_client.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.3.3 Ensure talk client is not installed (Scored)
+# Ensure talk client is not installed (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_telnet_client.sh
+++ b/bin/hardening/disable_telnet_client.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.3.4 Ensure telnet client is not installed (Scored)
+# Ensure telnet client is not installed (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_telnet_server.sh
+++ b/bin/hardening/disable_telnet_server.sh
@ -6,7 +6,7 @@
 #

 #
-# 99.2.2 Ensure telnet server is not enabled (Scored)
+# Ensure telnet server is not enabled (Scored)
 #

 # Note: this check is not anymore in CIS hardening but we decided to keep it anyway
--- a/bin/hardening/disable_tipc.sh
+++ b/bin/hardening/disable_tipc.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.4.4 Ensure TIPC is disabled (Not Scored)
+# Ensure TIPC is disabled (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_udf.sh
+++ b/bin/hardening/disable_udf.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.1.6 Ensure mounting of udf filesystems is disabled (Scored)
+# Ensure mounting of udf filesystems is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_usb_devices.sh
+++ b/bin/hardening/disable_usb_devices.sh
@ -6,7 +6,7 @@
 #

 #
-# 99.1.1.23 Disable USB Devices
+# Disable USB Devices
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_usb_storage.sh
+++ b/bin/hardening/disable_usb_storage.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.1.23 Disable USB storage (Scored)
+# Disable USB storage (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_wireless.sh
+++ b/bin/hardening/disable_wireless.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.1.2 Ensure wireless interfaces are disabled (Not Scored)
+# Ensure wireless interfaces are disabled (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_x11_forwarding.sh
+++ b/bin/hardening/disable_x11_forwarding.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.6 Ensure SSH X11 forwarding is disabled (Scored)
+# Ensure SSH X11 forwarding is disabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_xinetd.sh
+++ b/bin/hardening/disable_xinetd.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.1.1 Ensure xinetd is not enabled (Scored)
+# Ensure xinetd is not enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/disable_xwindow_system.sh
+++ b/bin/hardening/disable_xwindow_system.sh
@ -6,7 +6,7 @@
 #

 #
-# 2.2.2 Ensure the X Window system is not installed (Scored)
+# Ensure the X Window system is not installed (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_apparmor.sh
+++ b/bin/hardening/enable_apparmor.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.7.2.2 Ensure AppArmor is enabled in the bootloader configuration (Scored)
+# Ensure AppArmor is enabled in the bootloader configuration (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_auditd.sh
+++ b/bin/hardening/enable_auditd.sh
@ -6,7 +6,7 @@
 #

 #
-# 4.1.1.2 Ensure auditd service is enabled (Scored)
+# Ensure auditd service is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_auditd_kernel.sh
+++ b/bin/hardening/enable_auditd_kernel.sh
@ -6,7 +6,7 @@
 #

 #
-# 99.4.0 Ensure CONFIG_AUDIT is enabled in your running kernel
+# Ensure CONFIG_AUDIT is enabled in your running kernel
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_bad_error_message_protection.sh
+++ b/bin/hardening/enable_bad_error_message_protection.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.3.6 Ensure bogus ICMP responses are ignored (Scored)
+# Ensure bogus ICMP responses are ignored (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_cron.sh
+++ b/bin/hardening/enable_cron.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.1.1 Ensure cron daemon is enabled (Scored)
+# Ensure cron daemon is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_firewall.sh
+++ b/bin/hardening/enable_firewall.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.5.1.1 Ensure Firewall is active (Scored)
+# Ensure Firewall is active (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_lockout_failed_password.sh
+++ b/bin/hardening/enable_lockout_failed_password.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.3.2 Ensure lockout for failed password attempts is configured (Scored)
+# Ensure lockout for failed password attempts is configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_nx_support.sh
+++ b/bin/hardening/enable_nx_support.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.6.1 Ensure XD/NX support is enabled (Not Scored)
+# Ensure XD/NX support is enabled (Not Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_pwquality.sh
+++ b/bin/hardening/enable_pwquality.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.3.1 Ensure password creation requirements are configured (Scored)
+# Ensure password creation requirements are configured (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_randomized_vm_placement.sh
+++ b/bin/hardening/enable_randomized_vm_placement.sh
@ -6,7 +6,7 @@
 #

 #
-# 1.6.2 Ensure address space layout randomization (ASLR) is enabled (Scored)
+# Ensure address space layout randomization (ASLR) is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_source_route_validation.sh
+++ b/bin/hardening/enable_source_route_validation.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.3.7 Ensure Reverse Path Filtering is enabled (Scored)
+# Ensure Reverse Path Filtering is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_ssh_pam.sh
+++ b/bin/hardening/enable_ssh_pam.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.20 Ensure SSH PAM is enabled (Scored)
+# Ensure SSH PAM is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_sshd_ignorerhosts.sh
+++ b/bin/hardening/enable_sshd_ignorerhosts.sh
@ -6,7 +6,7 @@
 #

 #
-# 5.2.8 Ensure SSH IgnoreRhosts is enabled (Scored)
+# Ensure SSH IgnoreRhosts is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_syslog-ng.sh
+++ b/bin/hardening/enable_syslog-ng.sh
@ -6,7 +6,7 @@
 #

 #
-# 4.2.1.2 Ensure syslog-ng service is enabled (Scored)
+# Ensure syslog-ng service is enabled (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/enable_tcp_syn_cookies.sh
+++ b/bin/hardening/enable_tcp_syn_cookies.sh
@ -6,7 +6,7 @@
 #

 #
-# 3.3.8 Ensure TCP SYN Cookies is enabled (Scored)
+# Ensure TCP SYN Cookies is enabled (Scored)
 #

 set -e # One error, it's over
--- a/Show More
+++ b/Show More