From b6965e73ec33e07c0ac938b87314cd65e59e3829 Mon Sep 17 00:00:00 2001 From: Damien Cavagnini Date: Wed, 25 Jun 2025 16:15:32 +0200 Subject: [PATCH] chore: remove CIS recommendation numbers from bin/hardening scripts --- bin/hardening/acc_logindefs_sha512.sh | 2 +- bin/hardening/acc_pam_sha512.sh | 2 +- bin/hardening/acc_shadow_sha512.sh | 2 +- bin/hardening/acc_sudoers_no_all.sh | 2 +- bin/hardening/audit_backlog_limit.sh | 2 +- bin/hardening/audit_bootloader.sh | 2 +- bin/hardening/audit_log_storage.sh | 2 +- bin/hardening/bootloader_ownership.sh | 2 +- bin/hardening/bootloader_password.sh | 2 +- bin/hardening/check_distribution.sh | 2 +- bin/hardening/check_duplicate_gid.sh | 2 +- bin/hardening/check_duplicate_groupname.sh | 2 +- bin/hardening/check_duplicate_uid.sh | 2 +- bin/hardening/check_duplicate_username.sh | 2 +- bin/hardening/check_user_dir_perm.sh | 2 +- bin/hardening/check_user_dot_file_perm.sh | 2 +- bin/hardening/configure_chrony.sh | 2 +- bin/hardening/configure_logrotate.sh | 2 +- bin/hardening/configure_ntp.sh | 2 +- bin/hardening/configure_ssh_max_startups.sh | 2 +- bin/hardening/configure_syslog-ng.sh | 2 +- bin/hardening/configure_systemd-timesyncd.sh | 2 +- bin/hardening/cron_d_perm_ownership.sh | 2 +- bin/hardening/cron_daily_perm_ownership.sh | 2 +- bin/hardening/cron_hourly_perm_ownership.sh | 2 +- bin/hardening/cron_monthly_perm_ownership.sh | 2 +- bin/hardening/cron_users.sh | 2 +- bin/hardening/cron_weekly_perm_ownership.sh | 2 +- bin/hardening/crontab_perm_ownership.sh | 2 +- bin/hardening/default_root_group.sh | 2 +- bin/hardening/default_timeout.sh | 2 +- bin/hardening/default_umask.sh | 2 +- bin/hardening/disable_apport.sh | 2 +- bin/hardening/disable_automounting.sh | 2 +- bin/hardening/disable_avahi_server.sh | 2 +- bin/hardening/disable_bsd_inetd.sh | 2 +- bin/hardening/disable_cramfs.sh | 2 +- bin/hardening/disable_dccp.sh | 2 +- bin/hardening/disable_dhcp.sh | 2 +- bin/hardening/disable_dns_server.sh | 2 +- bin/hardening/disable_freevxfs.sh | 2 +- bin/hardening/disable_ftp.sh | 2 +- bin/hardening/disable_hfs.sh | 2 +- bin/hardening/disable_hfsplus.sh | 2 +- bin/hardening/disable_http_proxy.sh | 2 +- bin/hardening/disable_http_server.sh | 2 +- bin/hardening/disable_icmp_redirect.sh | 2 +- bin/hardening/disable_imap_pop.sh | 2 +- bin/hardening/disable_ip_forwarding.sh | 2 +- bin/hardening/disable_ipv6.sh | 2 +- bin/hardening/disable_ipv6_router_advertisement.sh | 2 +- bin/hardening/disable_jffs2.sh | 2 +- bin/hardening/disable_ldap.sh | 2 +- bin/hardening/disable_ldap_client.sh | 2 +- bin/hardening/disable_nfs_rpc.sh | 2 +- bin/hardening/disable_nis.sh | 2 +- bin/hardening/disable_prelink.sh | 2 +- bin/hardening/disable_print_server.sh | 2 +- bin/hardening/disable_rds.sh | 2 +- bin/hardening/disable_root_login.sh | 2 +- bin/hardening/disable_rsh_client.sh | 2 +- bin/hardening/disable_rsync.sh | 2 +- bin/hardening/disable_samba.sh | 2 +- bin/hardening/disable_sctp.sh | 2 +- bin/hardening/disable_secure_icmp_redirect.sh | 2 +- bin/hardening/disable_send_packet_redirects.sh | 2 +- bin/hardening/disable_snmp_server.sh | 2 +- bin/hardening/disable_source_routed_packets.sh | 2 +- bin/hardening/disable_squashfs.sh | 2 +- bin/hardening/disable_ssh_allow_tcp_forwarding.sh | 2 +- bin/hardening/disable_sshd_hostbasedauthentication.sh | 2 +- bin/hardening/disable_sshd_permitemptypasswords.sh | 2 +- bin/hardening/disable_sshd_setenv.sh | 2 +- bin/hardening/disable_system_accounts.sh | 2 +- bin/hardening/disable_talk_client.sh | 2 +- bin/hardening/disable_telnet_client.sh | 2 +- bin/hardening/disable_telnet_server.sh | 2 +- bin/hardening/disable_tipc.sh | 2 +- bin/hardening/disable_udf.sh | 2 +- bin/hardening/disable_usb_devices.sh | 2 +- bin/hardening/disable_usb_storage.sh | 2 +- bin/hardening/disable_wireless.sh | 2 +- bin/hardening/disable_x11_forwarding.sh | 2 +- bin/hardening/disable_xinetd.sh | 2 +- bin/hardening/disable_xwindow_system.sh | 2 +- bin/hardening/enable_apparmor.sh | 2 +- bin/hardening/enable_auditd.sh | 2 +- bin/hardening/enable_auditd_kernel.sh | 2 +- bin/hardening/enable_bad_error_message_protection.sh | 2 +- bin/hardening/enable_cron.sh | 2 +- bin/hardening/enable_firewall.sh | 2 +- bin/hardening/enable_lockout_failed_password.sh | 2 +- bin/hardening/enable_nx_support.sh | 2 +- bin/hardening/enable_pwquality.sh | 2 +- bin/hardening/enable_randomized_vm_placement.sh | 2 +- bin/hardening/enable_source_route_validation.sh | 2 +- bin/hardening/enable_ssh_pam.sh | 2 +- bin/hardening/enable_sshd_ignorerhosts.sh | 2 +- bin/hardening/enable_syslog-ng.sh | 2 +- bin/hardening/enable_tcp_syn_cookies.sh | 2 +- bin/hardening/enforce_or_complain_apparmor.sh | 2 +- bin/hardening/enforcing_apparmor.sh | 2 +- bin/hardening/etc_group-_permissions.sh | 2 +- bin/hardening/etc_group_permissions.sh | 2 +- bin/hardening/etc_gshadow-_permissions.sh | 2 +- bin/hardening/etc_gshadow_permissions.sh | 2 +- bin/hardening/etc_issue_net_perms.sh | 2 +- bin/hardening/etc_issue_perms.sh | 2 +- bin/hardening/etc_passwd-_permissions.sh | 2 +- bin/hardening/etc_passwd_permissions.sh | 2 +- bin/hardening/etc_shadow-_permissions.sh | 2 +- bin/hardening/etc_shadow_permissions.sh | 2 +- bin/hardening/find_0_uid_non_root_account.sh | 2 +- bin/hardening/find_passwd_group_inconsistencies.sh | 2 +- bin/hardening/find_sgid_files.sh | 2 +- bin/hardening/find_suid_files.sh | 2 +- bin/hardening/find_ungrouped_files.sh | 2 +- bin/hardening/find_unowned_files.sh | 2 +- bin/hardening/find_user_forward_files.sh | 2 +- bin/hardening/find_user_netrc_files.sh | 2 +- bin/hardening/find_user_rhosts_files.sh | 2 +- bin/hardening/find_world_writable_file.sh | 2 +- bin/hardening/freeze_auditd_conf.sh | 2 +- bin/hardening/graphical_warning_banners.sh | 2 +- bin/hardening/halt_when_audit_log_full.sh | 2 +- bin/hardening/home_nodev.sh | 2 +- bin/hardening/home_nosuid.sh | 2 +- bin/hardening/home_partition.sh | 2 +- bin/hardening/hosts_allow.sh | 2 +- bin/hardening/hosts_allow_permissions.sh | 2 +- bin/hardening/hosts_deny.sh | 2 +- bin/hardening/hosts_deny_permissions.sh | 2 +- bin/hardening/ignore_broadcast_requests.sh | 2 +- bin/hardening/install_apparmor.sh | 2 +- bin/hardening/install_auditd.sh | 2 +- bin/hardening/install_sudo.sh | 2 +- bin/hardening/install_syslog-ng.sh | 2 +- bin/hardening/install_tcp_wrapper.sh | 2 +- bin/hardening/install_tripwire.sh | 2 +- bin/hardening/install_updates.sh | 2 +- bin/hardening/journald_compress.sh | 2 +- bin/hardening/journald_logs.sh | 2 +- bin/hardening/journald_write_persistent.sh | 2 +- bin/hardening/keep_all_audit_logs.sh | 2 +- bin/hardening/last_password_change_past.sh | 2 +- bin/hardening/limit_password_reuse.sh | 2 +- bin/hardening/limit_ssh_max_sessions.sh | 2 +- bin/hardening/lock_inactive_user_account.sh | 2 +- bin/hardening/log_martian_packets.sh | 2 +- bin/hardening/logfile_sudo.sh | 2 +- bin/hardening/logrotate_permissions.sh | 2 +- bin/hardening/logs_permissions.sh | 2 +- bin/hardening/motd_perms.sh | 2 +- bin/hardening/mta_localhost.sh | 2 +- bin/hardening/net_fw_default_policy_drop.sh | 2 +- bin/hardening/pty_sudo.sh | 2 +- bin/hardening/record_dac_edit.sh | 2 +- bin/hardening/record_date_time_edit.sh | 2 +- bin/hardening/record_failed_access_file.sh | 2 +- bin/hardening/record_file_deletions.sh | 2 +- bin/hardening/record_kernel_modules.sh | 2 +- bin/hardening/record_login_logout.sh | 2 +- bin/hardening/record_mac_edit.sh | 2 +- bin/hardening/record_network_edit.sh | 2 +- bin/hardening/record_privileged_commands.sh | 2 +- bin/hardening/record_session_init.sh | 2 +- bin/hardening/record_successful_mount.sh | 2 +- bin/hardening/record_sudo_usage.sh | 2 +- bin/hardening/record_sudoers_edit.sh | 2 +- bin/hardening/record_user_group_edit.sh | 2 +- bin/hardening/remote_syslog-ng_acl.sh | 2 +- bin/hardening/removable_device_nodev.sh | 2 +- bin/hardening/removable_device_noexec.sh | 2 +- bin/hardening/removable_device_nosuid.sh | 2 +- bin/hardening/remove_empty_password_field.sh | 2 +- bin/hardening/remove_legacy_group_entries.sh | 2 +- bin/hardening/remove_legacy_passwd_entries.sh | 2 +- bin/hardening/remove_legacy_shadow_entries.sh | 2 +- bin/hardening/remove_os_info_issue.sh | 2 +- bin/hardening/remove_os_info_issue_net.sh | 2 +- bin/hardening/remove_os_info_motd.sh | 2 +- bin/hardening/restrict_core_dumps.sh | 2 +- bin/hardening/restrict_fat.sh | 2 +- bin/hardening/restrict_su.sh | 2 +- bin/hardening/root_password.sh | 2 +- bin/hardening/run_shm_nodev.sh | 2 +- bin/hardening/run_shm_noexec.sh | 2 +- bin/hardening/run_shm_nosuid.sh | 2 +- bin/hardening/sanitize_root_path.sh | 2 +- bin/hardening/secure_tty.sh | 2 +- bin/hardening/set_password_exp_days.sh | 2 +- bin/hardening/set_password_exp_warning_days.sh | 2 +- bin/hardening/set_password_min_days_change.sh | 2 +- bin/hardening/set_perm_on_user_netrc.sh | 2 +- bin/hardening/shadow_group_empty.sh | 2 +- bin/hardening/ssh_auth_pubk_only.sh | 2 +- bin/hardening/ssh_banner.sh | 2 +- bin/hardening/ssh_cry_kex.sh | 2 +- bin/hardening/ssh_cry_mac.sh | 2 +- bin/hardening/ssh_cry_rekey.sh | 3 +-- bin/hardening/ssh_disable_features.sh | 2 +- bin/hardening/ssh_host_private_keys_perm_ownership.sh | 2 +- bin/hardening/ssh_host_public_keys_perm_ownership.sh | 2 +- bin/hardening/ssh_keys_from.sh | 2 +- bin/hardening/ssh_strict_modes.sh | 2 +- bin/hardening/ssh_sys_accept_env.sh | 2 +- bin/hardening/ssh_sys_no_legacy.sh | 2 +- bin/hardening/sshd_ciphers.sh | 2 +- bin/hardening/sshd_conf_perm_ownership.sh | 2 +- bin/hardening/sshd_idle_timeout.sh | 2 +- bin/hardening/sshd_limit_access.sh | 2 +- bin/hardening/sshd_login_grace_time.sh | 2 +- bin/hardening/sshd_loglevel.sh | 2 +- bin/hardening/sshd_maxauthtries.sh | 2 +- bin/hardening/sshd_protocol.sh | 2 +- bin/hardening/sticky_bit_world_writable_folder.sh | 2 +- bin/hardening/syslog-ng_remote_host.sh | 2 +- bin/hardening/syslog_ng_logfiles_perm.sh | 2 +- bin/hardening/tmp_nodev.sh | 2 +- bin/hardening/tmp_noexec.sh | 2 +- bin/hardening/tmp_nosuid.sh | 2 +- bin/hardening/tmp_partition.sh | 2 +- bin/hardening/tripwire_cron.sh | 2 +- bin/hardening/uninstall_nis.sh | 2 +- bin/hardening/use_time_sync.sh | 2 +- bin/hardening/users_homedir_exist.sh | 2 +- bin/hardening/users_homedir_ownership.sh | 2 +- bin/hardening/var_log_audit_nodev.sh | 2 +- bin/hardening/var_log_audit_noexec.sh | 2 +- bin/hardening/var_log_audit_nosuid.sh | 2 +- bin/hardening/var_log_audit_partition.sh | 2 +- bin/hardening/var_log_nodev.sh | 2 +- bin/hardening/var_log_noexec.sh | 2 +- bin/hardening/var_log_nosuid.sh | 2 +- bin/hardening/var_log_partition.sh | 2 +- bin/hardening/var_nodev.sh | 2 +- bin/hardening/var_nosuid.sh | 2 +- bin/hardening/var_partition.sh | 2 +- bin/hardening/var_tmp_nodev.sh | 2 +- bin/hardening/var_tmp_noexec.sh | 2 +- bin/hardening/var_tmp_nosuid.sh | 2 +- bin/hardening/var_tmp_partition.sh | 2 +- 242 files changed, 242 insertions(+), 243 deletions(-) diff --git a/bin/hardening/acc_logindefs_sha512.sh b/bin/hardening/acc_logindefs_sha512.sh index ce64104..263dccb 100755 --- a/bin/hardening/acc_logindefs_sha512.sh +++ b/bin/hardening/acc_logindefs_sha512.sh @@ -6,7 +6,7 @@ # # -# 99.5.4.5.1 Check that any password that will be created will use sha512crypt (or yescrypt for Debian 11+) +# Check that any password that will be created will use sha512crypt (or yescrypt for Debian 11+) # set -e # One error, it's over diff --git a/bin/hardening/acc_pam_sha512.sh b/bin/hardening/acc_pam_sha512.sh index e04345e..e0b788a 100755 --- a/bin/hardening/acc_pam_sha512.sh +++ b/bin/hardening/acc_pam_sha512.sh @@ -6,7 +6,7 @@ # # -# 5.3.4 Ensure password hashing algorithm is SHA-512 (Scored) +# Ensure password hashing algorithm is SHA-512 (Scored) # set -e # One error, it's over diff --git a/bin/hardening/acc_shadow_sha512.sh b/bin/hardening/acc_shadow_sha512.sh index 3c5974a..3519094 100755 --- a/bin/hardening/acc_shadow_sha512.sh +++ b/bin/hardening/acc_shadow_sha512.sh @@ -6,7 +6,7 @@ # # -# 99.5.4.5.2 Check that passwords in /etc/shadow are sha512crypt (or yescrypt for Debian 11+) hashed and salted +# Check that passwords in /etc/shadow are sha512crypt (or yescrypt for Debian 11+) hashed and salted # set -e # One error, it's over diff --git a/bin/hardening/acc_sudoers_no_all.sh b/bin/hardening/acc_sudoers_no_all.sh index dfb80a1..26b9f7f 100755 --- a/bin/hardening/acc_sudoers_no_all.sh +++ b/bin/hardening/acc_sudoers_no_all.sh @@ -6,7 +6,7 @@ # # -# 99.1.3 Check there are no carte-blanche authorization in sudoers file(s). +# Check there are no carte-blanche authorization in sudoers file(s). # set -e # One error, it's over diff --git a/bin/hardening/audit_backlog_limit.sh b/bin/hardening/audit_backlog_limit.sh index 924a8aa..2d95b0b 100755 --- a/bin/hardening/audit_backlog_limit.sh +++ b/bin/hardening/audit_backlog_limit.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.4 Ensure audit_backlog_limit is sufficient (Scored) +# Ensure audit_backlog_limit is sufficient (Scored) # set -e # One error, it's over diff --git a/bin/hardening/audit_bootloader.sh b/bin/hardening/audit_bootloader.sh index 22fd58a..acb56df 100755 --- a/bin/hardening/audit_bootloader.sh +++ b/bin/hardening/audit_bootloader.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled (Scored) +# Ensure auditing for processes that start prior to auditd is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/audit_log_storage.sh b/bin/hardening/audit_log_storage.sh index 0558302..75f5fdf 100755 --- a/bin/hardening/audit_log_storage.sh +++ b/bin/hardening/audit_log_storage.sh @@ -6,7 +6,7 @@ # # -# 4.1.2.1 Ensure audit log storage size is configured (Scored) +# Ensure audit log storage size is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/bootloader_ownership.sh b/bin/hardening/bootloader_ownership.sh index 1374a89..ce939f9 100755 --- a/bin/hardening/bootloader_ownership.sh +++ b/bin/hardening/bootloader_ownership.sh @@ -6,7 +6,7 @@ # # -# 1.5.1 Ensure permissions on bootloader config are configured (Scored) +# Ensure permissions on bootloader config are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/bootloader_password.sh b/bin/hardening/bootloader_password.sh index fd4a9ec..37182f8 100755 --- a/bin/hardening/bootloader_password.sh +++ b/bin/hardening/bootloader_password.sh @@ -6,7 +6,7 @@ # # -# 1.5.2 Ensure bootloader password is set (Scored) +# Ensure bootloader password is set (Scored) # set -e # One error, it's over diff --git a/bin/hardening/check_distribution.sh b/bin/hardening/check_distribution.sh index 252e971..d4c7b2f 100755 --- a/bin/hardening/check_distribution.sh +++ b/bin/hardening/check_distribution.sh @@ -6,7 +6,7 @@ # # -# 99.99 Ensure that the distribution version is debian and that the version is 9 or 10 +# Ensure that the distribution version is debian and that the version is 9 or 10 # set -e # One error, it's over diff --git a/bin/hardening/check_duplicate_gid.sh b/bin/hardening/check_duplicate_gid.sh index f20aa25..8480520 100755 --- a/bin/hardening/check_duplicate_gid.sh +++ b/bin/hardening/check_duplicate_gid.sh @@ -6,7 +6,7 @@ # # -# 6.2.17 Ensure no duplicate GIDs exist (Scored) +# Ensure no duplicate GIDs exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/check_duplicate_groupname.sh b/bin/hardening/check_duplicate_groupname.sh index f24a059..bbda4cd 100755 --- a/bin/hardening/check_duplicate_groupname.sh +++ b/bin/hardening/check_duplicate_groupname.sh @@ -6,7 +6,7 @@ # # -# 6.2.19 Ensure no duplicate group names exist (Scored) +# Ensure no duplicate group names exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/check_duplicate_uid.sh b/bin/hardening/check_duplicate_uid.sh index 2f6400c..4e795a2 100755 --- a/bin/hardening/check_duplicate_uid.sh +++ b/bin/hardening/check_duplicate_uid.sh @@ -6,7 +6,7 @@ # # -# 6.2.16 Ensure no duplicate UIDs exist (Scored) +# Ensure no duplicate UIDs exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/check_duplicate_username.sh b/bin/hardening/check_duplicate_username.sh index 030b9e5..0a2f0fc 100755 --- a/bin/hardening/check_duplicate_username.sh +++ b/bin/hardening/check_duplicate_username.sh @@ -6,7 +6,7 @@ # # -# 6.2.18 Ensure no duplicate user names exist (Scored) +# Ensure no duplicate user names exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/check_user_dir_perm.sh b/bin/hardening/check_user_dir_perm.sh index 2d83187..8099832 100755 --- a/bin/hardening/check_user_dir_perm.sh +++ b/bin/hardening/check_user_dir_perm.sh @@ -6,7 +6,7 @@ # # -# 6.2.8 Ensure users' home directories permissions are 750 or more restrictive (Scored +# Ensure users' home directories permissions are 750 or more restrictive (Scored # set -e # One error, it's over diff --git a/bin/hardening/check_user_dot_file_perm.sh b/bin/hardening/check_user_dot_file_perm.sh index a8adfc7..baa504d 100755 --- a/bin/hardening/check_user_dot_file_perm.sh +++ b/bin/hardening/check_user_dot_file_perm.sh @@ -6,7 +6,7 @@ # # -# 6.2.10 Ensure users' dot files are not group or world writable (Scored) +# Ensure users' dot files are not group or world writable (Scored) # set -e # One error, it's over diff --git a/bin/hardening/configure_chrony.sh b/bin/hardening/configure_chrony.sh index 2996e90..4e6a892 100755 --- a/bin/hardening/configure_chrony.sh +++ b/bin/hardening/configure_chrony.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.3 Ensure chrony is configured (Scored) +# Ensure chrony is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/configure_logrotate.sh b/bin/hardening/configure_logrotate.sh index d109360..e3f4225 100755 --- a/bin/hardening/configure_logrotate.sh +++ b/bin/hardening/configure_logrotate.sh @@ -6,7 +6,7 @@ # # -# 4.3 Ensure logrotate is configured (Not Scored) +# Ensure logrotate is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/configure_ntp.sh b/bin/hardening/configure_ntp.sh index 5f2fe8d..fa772c0 100755 --- a/bin/hardening/configure_ntp.sh +++ b/bin/hardening/configure_ntp.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.2 Ensure ntp is configured (Scored) +# Ensure ntp is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/configure_ssh_max_startups.sh b/bin/hardening/configure_ssh_max_startups.sh index 2fb8ed7..59e1048 100755 --- a/bin/hardening/configure_ssh_max_startups.sh +++ b/bin/hardening/configure_ssh_max_startups.sh @@ -6,7 +6,7 @@ # # -# 5.2.22 Ensure SSH MaxStartups is configured (Scored) +# Ensure SSH MaxStartups is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/configure_syslog-ng.sh b/bin/hardening/configure_syslog-ng.sh index 4833ee3..42db633 100755 --- a/bin/hardening/configure_syslog-ng.sh +++ b/bin/hardening/configure_syslog-ng.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.3 Configure /etc/syslog-ng/syslog-ng.conf (Not Scored) +# Configure /etc/syslog-ng/syslog-ng.conf (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/configure_systemd-timesyncd.sh b/bin/hardening/configure_systemd-timesyncd.sh index 6b8c15f..9a71aca 100755 --- a/bin/hardening/configure_systemd-timesyncd.sh +++ b/bin/hardening/configure_systemd-timesyncd.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.2 Ensure systemd-timesyncd is configured (Not Scored) +# Ensure systemd-timesyncd is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/cron_d_perm_ownership.sh b/bin/hardening/cron_d_perm_ownership.sh index bb6e160..4346045 100755 --- a/bin/hardening/cron_d_perm_ownership.sh +++ b/bin/hardening/cron_d_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.7 Ensure permissions on /etc/cron.d are configured (Scored) +# Ensure permissions on /etc/cron.d are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/cron_daily_perm_ownership.sh b/bin/hardening/cron_daily_perm_ownership.sh index fa57556..7482e91 100755 --- a/bin/hardening/cron_daily_perm_ownership.sh +++ b/bin/hardening/cron_daily_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.4 Ensure permissions on /etc/cron.daily are configured (Scored) +# Ensure permissions on /etc/cron.daily are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/cron_hourly_perm_ownership.sh b/bin/hardening/cron_hourly_perm_ownership.sh index d4fbad6..17f2d12 100755 --- a/bin/hardening/cron_hourly_perm_ownership.sh +++ b/bin/hardening/cron_hourly_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.3 Ensure permissions on /etc/cron.hourly are configured (Scored) +# Ensure permissions on /etc/cron.hourly are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/cron_monthly_perm_ownership.sh b/bin/hardening/cron_monthly_perm_ownership.sh index 17367fc..4766fa8 100755 --- a/bin/hardening/cron_monthly_perm_ownership.sh +++ b/bin/hardening/cron_monthly_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.6 Ensure permissions on /etc/cron.monthly are configured (Scored) +# Ensure permissions on /etc/cron.monthly are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/cron_users.sh b/bin/hardening/cron_users.sh index 958d62c..ca202d9 100755 --- a/bin/hardening/cron_users.sh +++ b/bin/hardening/cron_users.sh @@ -6,7 +6,7 @@ # # -# 5.1.8 Ensure at/cron is restricted to authorized users (Scored) +# Ensure at/cron is restricted to authorized users (Scored) # set -e # One error, it's over diff --git a/bin/hardening/cron_weekly_perm_ownership.sh b/bin/hardening/cron_weekly_perm_ownership.sh index 29aad24..50f2198 100755 --- a/bin/hardening/cron_weekly_perm_ownership.sh +++ b/bin/hardening/cron_weekly_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.5 Ensure permissions on /etc/cron.weekly are configured (Scored) +# Ensure permissions on /etc/cron.weekly are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/crontab_perm_ownership.sh b/bin/hardening/crontab_perm_ownership.sh index 419032b..d798dd4 100755 --- a/bin/hardening/crontab_perm_ownership.sh +++ b/bin/hardening/crontab_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.2 Ensure permissions on /etc/crontab are configured (Scored) +# Ensure permissions on /etc/crontab are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/default_root_group.sh b/bin/hardening/default_root_group.sh index f0d4e26..c7fe361 100755 --- a/bin/hardening/default_root_group.sh +++ b/bin/hardening/default_root_group.sh @@ -6,7 +6,7 @@ # # -# 5.4.3 Ensure default group for the root account is GID 0 (Scored) +# Ensure default group for the root account is GID 0 (Scored) # set -e # One error, it's over diff --git a/bin/hardening/default_timeout.sh b/bin/hardening/default_timeout.sh index 6355ebc..4597d68 100755 --- a/bin/hardening/default_timeout.sh +++ b/bin/hardening/default_timeout.sh @@ -6,7 +6,7 @@ # # -# 5.4.4 Ensure default usershell timeout is 900 seconds or less +# Ensure default usershell timeout is 900 seconds or less # set -e # One error, it's over diff --git a/bin/hardening/default_umask.sh b/bin/hardening/default_umask.sh index b0f9aa4..2ecdc92 100755 --- a/bin/hardening/default_umask.sh +++ b/bin/hardening/default_umask.sh @@ -6,7 +6,7 @@ # # -# 5.4.4 Ensure default user umask is 027 or more restrictive (Scored) +# Ensure default user umask is 027 or more restrictive (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_apport.sh b/bin/hardening/disable_apport.sh index d6b9ca6..ade9343 100755 --- a/bin/hardening/disable_apport.sh +++ b/bin/hardening/disable_apport.sh @@ -6,7 +6,7 @@ # # -# 1.6.3.1 Ensure apport is disabled (Scored) +# Ensure apport is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_automounting.sh b/bin/hardening/disable_automounting.sh index 42a4768..20082bc 100755 --- a/bin/hardening/disable_automounting.sh +++ b/bin/hardening/disable_automounting.sh @@ -6,7 +6,7 @@ # # -# 1.1.22 Disable Automounting (Scored) +# Disable Automounting (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_avahi_server.sh b/bin/hardening/disable_avahi_server.sh index 09322a3..9d0a349 100755 --- a/bin/hardening/disable_avahi_server.sh +++ b/bin/hardening/disable_avahi_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.3 Ensure Avahi Server is not enabled (Scored) +# Ensure Avahi Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_bsd_inetd.sh b/bin/hardening/disable_bsd_inetd.sh index cefc987..a3d669c 100755 --- a/bin/hardening/disable_bsd_inetd.sh +++ b/bin/hardening/disable_bsd_inetd.sh @@ -6,7 +6,7 @@ # # -# 2.1.2 Ensure bsd-inetd is not enabled (Scored) +# Ensure bsd-inetd is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_cramfs.sh b/bin/hardening/disable_cramfs.sh index b1a489d..d057c62 100755 --- a/bin/hardening/disable_cramfs.sh +++ b/bin/hardening/disable_cramfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.1 Ensure Mounting of cramfs filesystems is disabled (Scored) +# Ensure Mounting of cramfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_dccp.sh b/bin/hardening/disable_dccp.sh index 218c429..f5c656a 100755 --- a/bin/hardening/disable_dccp.sh +++ b/bin/hardening/disable_dccp.sh @@ -6,7 +6,7 @@ # # -# 3.4.1 Ensure DCCP is disabled (Not Scored) +# Ensure DCCP is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_dhcp.sh b/bin/hardening/disable_dhcp.sh index f7b9fd1..0f58afa 100755 --- a/bin/hardening/disable_dhcp.sh +++ b/bin/hardening/disable_dhcp.sh @@ -6,7 +6,7 @@ # # -# 2.2.5 Ensure DHCP Server is not enabled (Scored) +# Ensure DHCP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_dns_server.sh b/bin/hardening/disable_dns_server.sh index f07bcb9..2156dcf 100755 --- a/bin/hardening/disable_dns_server.sh +++ b/bin/hardening/disable_dns_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.8 Ensure DNS Server is not enabled (Scored) +# Ensure DNS Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_freevxfs.sh b/bin/hardening/disable_freevxfs.sh index 92e3715..c243aaf 100755 --- a/bin/hardening/disable_freevxfs.sh +++ b/bin/hardening/disable_freevxfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.1 Ensure Mounting of freevxfs filesystems is disabled (Scored) +# Ensure Mounting of freevxfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_ftp.sh b/bin/hardening/disable_ftp.sh index d184ac6..745b4b8 100755 --- a/bin/hardening/disable_ftp.sh +++ b/bin/hardening/disable_ftp.sh @@ -6,7 +6,7 @@ # # -# 2.2.9 Ensure FTP Server is not enabled (Scored) +# Ensure FTP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_hfs.sh b/bin/hardening/disable_hfs.sh index 9ad94bd..1cfc597 100755 --- a/bin/hardening/disable_hfs.sh +++ b/bin/hardening/disable_hfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.3 Ensure mounting of hfs filesystems is disabled (Scored) +# Ensure mounting of hfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_hfsplus.sh b/bin/hardening/disable_hfsplus.sh index 6c1e6c2..eeb75d2 100755 --- a/bin/hardening/disable_hfsplus.sh +++ b/bin/hardening/disable_hfsplus.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.4 Ensure mounting of hfsplus filesystems is disabled (Scored) +# Ensure mounting of hfsplus filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_http_proxy.sh b/bin/hardening/disable_http_proxy.sh index 85b0bb4..bc81b7f 100755 --- a/bin/hardening/disable_http_proxy.sh +++ b/bin/hardening/disable_http_proxy.sh @@ -6,7 +6,7 @@ # # -# 2.2.13 Ensure HTTP Proxy Server is not enabled (Scored) +# Ensure HTTP Proxy Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_http_server.sh b/bin/hardening/disable_http_server.sh index 73ad084..2c313ab 100755 --- a/bin/hardening/disable_http_server.sh +++ b/bin/hardening/disable_http_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.10 Ensure HTTP Server is not enabled (Scored) +# Ensure HTTP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_icmp_redirect.sh b/bin/hardening/disable_icmp_redirect.sh index 4bc28e6..644ef49 100755 --- a/bin/hardening/disable_icmp_redirect.sh +++ b/bin/hardening/disable_icmp_redirect.sh @@ -6,7 +6,7 @@ # # -# 3.3.2 Ensure ICMP redirects are not accepted (Scored) +# Ensure ICMP redirects are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_imap_pop.sh b/bin/hardening/disable_imap_pop.sh index ae11bd4..4bd39b1 100755 --- a/bin/hardening/disable_imap_pop.sh +++ b/bin/hardening/disable_imap_pop.sh @@ -6,7 +6,7 @@ # # -# 2.2.11 Ensure IMAP and POP server is not installed (Scored) +# Ensure IMAP and POP server is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_ip_forwarding.sh b/bin/hardening/disable_ip_forwarding.sh index 6946314..f416907 100755 --- a/bin/hardening/disable_ip_forwarding.sh +++ b/bin/hardening/disable_ip_forwarding.sh @@ -6,7 +6,7 @@ # # -# 3.2.2 Ensure IP forwarding is disabled (Scored) +# Ensure IP forwarding is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_ipv6.sh b/bin/hardening/disable_ipv6.sh index 0ed8f3e..dcf7498 100755 --- a/bin/hardening/disable_ipv6.sh +++ b/bin/hardening/disable_ipv6.sh @@ -6,7 +6,7 @@ # # -# 3.1.1 Disable IPv6 (Not Scored) +# Disable IPv6 (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_ipv6_router_advertisement.sh b/bin/hardening/disable_ipv6_router_advertisement.sh index 18b46c0..8fba60c 100755 --- a/bin/hardening/disable_ipv6_router_advertisement.sh +++ b/bin/hardening/disable_ipv6_router_advertisement.sh @@ -6,7 +6,7 @@ # # -# 3.3.9 Ensure IPv6 router advertisements are not accepted (Scored) +# Ensure IPv6 router advertisements are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_jffs2.sh b/bin/hardening/disable_jffs2.sh index 775a8b9..384b119 100755 --- a/bin/hardening/disable_jffs2.sh +++ b/bin/hardening/disable_jffs2.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.2 Esnure mounting of jffs2 filesystems is disabled (Scored) +# Esnure mounting of jffs2 filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_ldap.sh b/bin/hardening/disable_ldap.sh index 568ef3c..5262212 100755 --- a/bin/hardening/disable_ldap.sh +++ b/bin/hardening/disable_ldap.sh @@ -6,7 +6,7 @@ # # -# 2.2.6 Ensure LDAP server is not enabled (Scored) +# Ensure LDAP server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_ldap_client.sh b/bin/hardening/disable_ldap_client.sh index d87c7fc..1a33bdf 100755 --- a/bin/hardening/disable_ldap_client.sh +++ b/bin/hardening/disable_ldap_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.5 Ensure LDAP client is not installed (Scored) +# Ensure LDAP client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_nfs_rpc.sh b/bin/hardening/disable_nfs_rpc.sh index 54f42ab..84ee4e2 100755 --- a/bin/hardening/disable_nfs_rpc.sh +++ b/bin/hardening/disable_nfs_rpc.sh @@ -6,7 +6,7 @@ # # -# 2.2.7 Ensure NFS and RPC are not enabled (Scored) +# Ensure NFS and RPC are not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_nis.sh b/bin/hardening/disable_nis.sh index e90f762..3c86b8d 100755 --- a/bin/hardening/disable_nis.sh +++ b/bin/hardening/disable_nis.sh @@ -6,7 +6,7 @@ # # -# 2.2.17 Ensure NIS Server is not enabled (Scored) +# Ensure NIS Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_prelink.sh b/bin/hardening/disable_prelink.sh index 1efd568..badf388 100755 --- a/bin/hardening/disable_prelink.sh +++ b/bin/hardening/disable_prelink.sh @@ -6,7 +6,7 @@ # # -# 1.6.3 Ensure prelink is disabled (Scored) +# Ensure prelink is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_print_server.sh b/bin/hardening/disable_print_server.sh index cf3e2bf..51508e1 100755 --- a/bin/hardening/disable_print_server.sh +++ b/bin/hardening/disable_print_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.4 Ensure CUPS is not enabled (Scored) +# Ensure CUPS is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_rds.sh b/bin/hardening/disable_rds.sh index 03b37c7..cb73998 100755 --- a/bin/hardening/disable_rds.sh +++ b/bin/hardening/disable_rds.sh @@ -6,7 +6,7 @@ # # -# 3.4.3 Ensure SCTP is disabled (Not Scored) +# Ensure SCTP is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_root_login.sh b/bin/hardening/disable_root_login.sh index 04bf510..f8e3c7f 100755 --- a/bin/hardening/disable_root_login.sh +++ b/bin/hardening/disable_root_login.sh @@ -6,7 +6,7 @@ # # -# 5.2.10 Ensure SSH root login is disabled (Scored) +# Ensure SSH root login is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_rsh_client.sh b/bin/hardening/disable_rsh_client.sh index 030099a..72fb1f7 100755 --- a/bin/hardening/disable_rsh_client.sh +++ b/bin/hardening/disable_rsh_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.2 Ensure rsh client is not installed (Scored) +# Ensure rsh client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_rsync.sh b/bin/hardening/disable_rsync.sh index 64e4e1a..5b0a652 100755 --- a/bin/hardening/disable_rsync.sh +++ b/bin/hardening/disable_rsync.sh @@ -6,7 +6,7 @@ # # -# 2.2.16 Ensure rsync service is not enabled (Scored) +# Ensure rsync service is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_samba.sh b/bin/hardening/disable_samba.sh index 3df06a0..bb955d2 100755 --- a/bin/hardening/disable_samba.sh +++ b/bin/hardening/disable_samba.sh @@ -6,7 +6,7 @@ # # -# 2.2.12 Ensure Samba is not enabled (Scored) +# Ensure Samba is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_sctp.sh b/bin/hardening/disable_sctp.sh index 94f1b40..45f23ab 100755 --- a/bin/hardening/disable_sctp.sh +++ b/bin/hardening/disable_sctp.sh @@ -6,7 +6,7 @@ # # -# 3.4.2 Ensure SCTP is disabled (Not Scored) +# Ensure SCTP is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_secure_icmp_redirect.sh b/bin/hardening/disable_secure_icmp_redirect.sh index 5ae544f..0dc829a 100755 --- a/bin/hardening/disable_secure_icmp_redirect.sh +++ b/bin/hardening/disable_secure_icmp_redirect.sh @@ -6,7 +6,7 @@ # # -# 3.3.3 Ensure secure ICMP redirects are not accepted (Scored) +# Ensure secure ICMP redirects are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_send_packet_redirects.sh b/bin/hardening/disable_send_packet_redirects.sh index ea6ca75..f3a89c8 100755 --- a/bin/hardening/disable_send_packet_redirects.sh +++ b/bin/hardening/disable_send_packet_redirects.sh @@ -6,7 +6,7 @@ # # -# 3.2.1 Ensure packet redirect sending is disabled (Scored) +# Ensure packet redirect sending is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_snmp_server.sh b/bin/hardening/disable_snmp_server.sh index 82d761a..5dfe886 100755 --- a/bin/hardening/disable_snmp_server.sh +++ b/bin/hardening/disable_snmp_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.14 Ensure SNMP Server is not enabled (Scored) +# Ensure SNMP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_source_routed_packets.sh b/bin/hardening/disable_source_routed_packets.sh index fe4b0ac..7fa6756 100755 --- a/bin/hardening/disable_source_routed_packets.sh +++ b/bin/hardening/disable_source_routed_packets.sh @@ -6,7 +6,7 @@ # # -# 3.3.1 Ensure source routed packets are not accepted (Scored) +# Ensure source routed packets are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_squashfs.sh b/bin/hardening/disable_squashfs.sh index 506cd6b..73dd94e 100755 --- a/bin/hardening/disable_squashfs.sh +++ b/bin/hardening/disable_squashfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.5 Ensure mounting of squashfs filesystems is disabled (Scored) +# Ensure mounting of squashfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_ssh_allow_tcp_forwarding.sh b/bin/hardening/disable_ssh_allow_tcp_forwarding.sh index bcf6023..6725a96 100755 --- a/bin/hardening/disable_ssh_allow_tcp_forwarding.sh +++ b/bin/hardening/disable_ssh_allow_tcp_forwarding.sh @@ -6,7 +6,7 @@ # # -# 5.2.21 Ensure SSH AllowTCPForwarding is disabled (Scored) +# Ensure SSH AllowTCPForwarding is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_sshd_hostbasedauthentication.sh b/bin/hardening/disable_sshd_hostbasedauthentication.sh index 2eaa287..8e8cd68 100755 --- a/bin/hardening/disable_sshd_hostbasedauthentication.sh +++ b/bin/hardening/disable_sshd_hostbasedauthentication.sh @@ -6,7 +6,7 @@ # # -# 5.2.9 Ensure SSH HostbasedAuthentication is disabled (Scored) +# Ensure SSH HostbasedAuthentication is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_sshd_permitemptypasswords.sh b/bin/hardening/disable_sshd_permitemptypasswords.sh index d713552..c05c895 100755 --- a/bin/hardening/disable_sshd_permitemptypasswords.sh +++ b/bin/hardening/disable_sshd_permitemptypasswords.sh @@ -6,7 +6,7 @@ # # -# 5.2.11 Ensure SSH PermitEmptyPasswords is disabled (Scored) +# Ensure SSH PermitEmptyPasswords is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_sshd_setenv.sh b/bin/hardening/disable_sshd_setenv.sh index 0ba0879..615f81b 100755 --- a/bin/hardening/disable_sshd_setenv.sh +++ b/bin/hardening/disable_sshd_setenv.sh @@ -6,7 +6,7 @@ # # -# 5.2.12 Ensure SSH PermitUserEnvironment is disabled (Scored) +# Ensure SSH PermitUserEnvironment is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_system_accounts.sh b/bin/hardening/disable_system_accounts.sh index 439caba..db9d445 100755 --- a/bin/hardening/disable_system_accounts.sh +++ b/bin/hardening/disable_system_accounts.sh @@ -6,7 +6,7 @@ # # -# 5.4.2 Ensure system accounts are non-login (Scored) +# Ensure system accounts are non-login (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_talk_client.sh b/bin/hardening/disable_talk_client.sh index 5bb5b8c..d815cb2 100755 --- a/bin/hardening/disable_talk_client.sh +++ b/bin/hardening/disable_talk_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.3 Ensure talk client is not installed (Scored) +# Ensure talk client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_telnet_client.sh b/bin/hardening/disable_telnet_client.sh index 6fb5418..3a4d441 100755 --- a/bin/hardening/disable_telnet_client.sh +++ b/bin/hardening/disable_telnet_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.4 Ensure telnet client is not installed (Scored) +# Ensure telnet client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_telnet_server.sh b/bin/hardening/disable_telnet_server.sh index f804b39..882be70 100755 --- a/bin/hardening/disable_telnet_server.sh +++ b/bin/hardening/disable_telnet_server.sh @@ -6,7 +6,7 @@ # # -# 99.2.2 Ensure telnet server is not enabled (Scored) +# Ensure telnet server is not enabled (Scored) # # Note: this check is not anymore in CIS hardening but we decided to keep it anyway diff --git a/bin/hardening/disable_tipc.sh b/bin/hardening/disable_tipc.sh index e49a878..9c729d9 100755 --- a/bin/hardening/disable_tipc.sh +++ b/bin/hardening/disable_tipc.sh @@ -6,7 +6,7 @@ # # -# 3.4.4 Ensure TIPC is disabled (Not Scored) +# Ensure TIPC is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_udf.sh b/bin/hardening/disable_udf.sh index 76944ff..6ef91d1 100755 --- a/bin/hardening/disable_udf.sh +++ b/bin/hardening/disable_udf.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.6 Ensure mounting of udf filesystems is disabled (Scored) +# Ensure mounting of udf filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_usb_devices.sh b/bin/hardening/disable_usb_devices.sh index 000888b..23b8975 100755 --- a/bin/hardening/disable_usb_devices.sh +++ b/bin/hardening/disable_usb_devices.sh @@ -6,7 +6,7 @@ # # -# 99.1.1.23 Disable USB Devices +# Disable USB Devices # set -e # One error, it's over diff --git a/bin/hardening/disable_usb_storage.sh b/bin/hardening/disable_usb_storage.sh index df7aa12..bdcdc2a 100755 --- a/bin/hardening/disable_usb_storage.sh +++ b/bin/hardening/disable_usb_storage.sh @@ -6,7 +6,7 @@ # # -# 1.1.23 Disable USB storage (Scored) +# Disable USB storage (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_wireless.sh b/bin/hardening/disable_wireless.sh index 5b656d0..1950f5a 100755 --- a/bin/hardening/disable_wireless.sh +++ b/bin/hardening/disable_wireless.sh @@ -6,7 +6,7 @@ # # -# 3.1.2 Ensure wireless interfaces are disabled (Not Scored) +# Ensure wireless interfaces are disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_x11_forwarding.sh b/bin/hardening/disable_x11_forwarding.sh index e917ba0..419d6b1 100755 --- a/bin/hardening/disable_x11_forwarding.sh +++ b/bin/hardening/disable_x11_forwarding.sh @@ -6,7 +6,7 @@ # # -# 5.2.6 Ensure SSH X11 forwarding is disabled (Scored) +# Ensure SSH X11 forwarding is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_xinetd.sh b/bin/hardening/disable_xinetd.sh index 21dde81..f25e2ad 100755 --- a/bin/hardening/disable_xinetd.sh +++ b/bin/hardening/disable_xinetd.sh @@ -6,7 +6,7 @@ # # -# 2.1.1 Ensure xinetd is not enabled (Scored) +# Ensure xinetd is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/disable_xwindow_system.sh b/bin/hardening/disable_xwindow_system.sh index ed36027..a0acc80 100755 --- a/bin/hardening/disable_xwindow_system.sh +++ b/bin/hardening/disable_xwindow_system.sh @@ -6,7 +6,7 @@ # # -# 2.2.2 Ensure the X Window system is not installed (Scored) +# Ensure the X Window system is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_apparmor.sh b/bin/hardening/enable_apparmor.sh index 9794104..cde992e 100755 --- a/bin/hardening/enable_apparmor.sh +++ b/bin/hardening/enable_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.2.2 Ensure AppArmor is enabled in the bootloader configuration (Scored) +# Ensure AppArmor is enabled in the bootloader configuration (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_auditd.sh b/bin/hardening/enable_auditd.sh index 2edfbb8..2f9df99 100755 --- a/bin/hardening/enable_auditd.sh +++ b/bin/hardening/enable_auditd.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.2 Ensure auditd service is enabled (Scored) +# Ensure auditd service is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_auditd_kernel.sh b/bin/hardening/enable_auditd_kernel.sh index 828f185..f7936b8 100755 --- a/bin/hardening/enable_auditd_kernel.sh +++ b/bin/hardening/enable_auditd_kernel.sh @@ -6,7 +6,7 @@ # # -# 99.4.0 Ensure CONFIG_AUDIT is enabled in your running kernel +# Ensure CONFIG_AUDIT is enabled in your running kernel # set -e # One error, it's over diff --git a/bin/hardening/enable_bad_error_message_protection.sh b/bin/hardening/enable_bad_error_message_protection.sh index 43e6c59..aa6d379 100755 --- a/bin/hardening/enable_bad_error_message_protection.sh +++ b/bin/hardening/enable_bad_error_message_protection.sh @@ -6,7 +6,7 @@ # # -# 3.3.6 Ensure bogus ICMP responses are ignored (Scored) +# Ensure bogus ICMP responses are ignored (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_cron.sh b/bin/hardening/enable_cron.sh index a716cbf..37d1c97 100755 --- a/bin/hardening/enable_cron.sh +++ b/bin/hardening/enable_cron.sh @@ -6,7 +6,7 @@ # # -# 5.1.1 Ensure cron daemon is enabled (Scored) +# Ensure cron daemon is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_firewall.sh b/bin/hardening/enable_firewall.sh index 1163387..235f289 100755 --- a/bin/hardening/enable_firewall.sh +++ b/bin/hardening/enable_firewall.sh @@ -6,7 +6,7 @@ # # -# 3.5.1.1 Ensure Firewall is active (Scored) +# Ensure Firewall is active (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_lockout_failed_password.sh b/bin/hardening/enable_lockout_failed_password.sh index 763e197..d8dabf5 100755 --- a/bin/hardening/enable_lockout_failed_password.sh +++ b/bin/hardening/enable_lockout_failed_password.sh @@ -6,7 +6,7 @@ # # -# 5.3.2 Ensure lockout for failed password attempts is configured (Scored) +# Ensure lockout for failed password attempts is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_nx_support.sh b/bin/hardening/enable_nx_support.sh index b202d6d..f03fa1f 100755 --- a/bin/hardening/enable_nx_support.sh +++ b/bin/hardening/enable_nx_support.sh @@ -6,7 +6,7 @@ # # -# 1.6.1 Ensure XD/NX support is enabled (Not Scored) +# Ensure XD/NX support is enabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_pwquality.sh b/bin/hardening/enable_pwquality.sh index b1121bb..e0916f2 100755 --- a/bin/hardening/enable_pwquality.sh +++ b/bin/hardening/enable_pwquality.sh @@ -6,7 +6,7 @@ # # -# 5.3.1 Ensure password creation requirements are configured (Scored) +# Ensure password creation requirements are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_randomized_vm_placement.sh b/bin/hardening/enable_randomized_vm_placement.sh index 9551ff1..1bea5eb 100755 --- a/bin/hardening/enable_randomized_vm_placement.sh +++ b/bin/hardening/enable_randomized_vm_placement.sh @@ -6,7 +6,7 @@ # # -# 1.6.2 Ensure address space layout randomization (ASLR) is enabled (Scored) +# Ensure address space layout randomization (ASLR) is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_source_route_validation.sh b/bin/hardening/enable_source_route_validation.sh index 2e50d5e..ebbf801 100755 --- a/bin/hardening/enable_source_route_validation.sh +++ b/bin/hardening/enable_source_route_validation.sh @@ -6,7 +6,7 @@ # # -# 3.3.7 Ensure Reverse Path Filtering is enabled (Scored) +# Ensure Reverse Path Filtering is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_ssh_pam.sh b/bin/hardening/enable_ssh_pam.sh index ffb5563..4230d06 100755 --- a/bin/hardening/enable_ssh_pam.sh +++ b/bin/hardening/enable_ssh_pam.sh @@ -6,7 +6,7 @@ # # -# 5.2.20 Ensure SSH PAM is enabled (Scored) +# Ensure SSH PAM is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_sshd_ignorerhosts.sh b/bin/hardening/enable_sshd_ignorerhosts.sh index aa82cf9..586b9bf 100755 --- a/bin/hardening/enable_sshd_ignorerhosts.sh +++ b/bin/hardening/enable_sshd_ignorerhosts.sh @@ -6,7 +6,7 @@ # # -# 5.2.8 Ensure SSH IgnoreRhosts is enabled (Scored) +# Ensure SSH IgnoreRhosts is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_syslog-ng.sh b/bin/hardening/enable_syslog-ng.sh index 4a0dc4e..3800458 100755 --- a/bin/hardening/enable_syslog-ng.sh +++ b/bin/hardening/enable_syslog-ng.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.2 Ensure syslog-ng service is enabled (Scored) +# Ensure syslog-ng service is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enable_tcp_syn_cookies.sh b/bin/hardening/enable_tcp_syn_cookies.sh index 16038e3..ae8e02b 100755 --- a/bin/hardening/enable_tcp_syn_cookies.sh +++ b/bin/hardening/enable_tcp_syn_cookies.sh @@ -6,7 +6,7 @@ # # -# 3.3.8 Ensure TCP SYN Cookies is enabled (Scored) +# Ensure TCP SYN Cookies is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enforce_or_complain_apparmor.sh b/bin/hardening/enforce_or_complain_apparmor.sh index 003728a..548dc42 100755 --- a/bin/hardening/enforce_or_complain_apparmor.sh +++ b/bin/hardening/enforce_or_complain_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.1.3 Ensure all AppArmor profiles are in enforce or complain mode (Scored) +# Ensure all AppArmor profiles are in enforce or complain mode (Scored) # set -e # One error, it's over diff --git a/bin/hardening/enforcing_apparmor.sh b/bin/hardening/enforcing_apparmor.sh index f1cb847..1827123 100755 --- a/bin/hardening/enforcing_apparmor.sh +++ b/bin/hardening/enforcing_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.1.4 Ensure all AppArmor profiles are enforcing (Scored) +# Ensure all AppArmor profiles are enforcing (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_group-_permissions.sh b/bin/hardening/etc_group-_permissions.sh index b14e447..620c6e9 100755 --- a/bin/hardening/etc_group-_permissions.sh +++ b/bin/hardening/etc_group-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.8 Ensure permissions on /etc/group- are configured (Scored) +# Ensure permissions on /etc/group- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_group_permissions.sh b/bin/hardening/etc_group_permissions.sh index 175e430..bc63654 100755 --- a/bin/hardening/etc_group_permissions.sh +++ b/bin/hardening/etc_group_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.5 Ensure permissions on /etc/group are configured (Scored) +# Ensure permissions on /etc/group are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_gshadow-_permissions.sh b/bin/hardening/etc_gshadow-_permissions.sh index 6cc781d..60cec64 100755 --- a/bin/hardening/etc_gshadow-_permissions.sh +++ b/bin/hardening/etc_gshadow-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.3 Ensure permissions on /etc/gshadow- are configured (Scored) +# Ensure permissions on /etc/gshadow- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_gshadow_permissions.sh b/bin/hardening/etc_gshadow_permissions.sh index 856f9e5..9df82e6 100755 --- a/bin/hardening/etc_gshadow_permissions.sh +++ b/bin/hardening/etc_gshadow_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.9 Ensure permissions on /etc/gshadow are configured (Scored) +# Ensure permissions on /etc/gshadow are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_issue_net_perms.sh b/bin/hardening/etc_issue_net_perms.sh index 87c73d7..be2771a 100755 --- a/bin/hardening/etc_issue_net_perms.sh +++ b/bin/hardening/etc_issue_net_perms.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.6 Ensure permissions on /etc/issue.net are configured (Scored) +# Ensure permissions on /etc/issue.net are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_issue_perms.sh b/bin/hardening/etc_issue_perms.sh index cacebea..832d061 100755 --- a/bin/hardening/etc_issue_perms.sh +++ b/bin/hardening/etc_issue_perms.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.5 Ensure permissions on /etc/issue are configured (Scored) +# Ensure permissions on /etc/issue are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_passwd-_permissions.sh b/bin/hardening/etc_passwd-_permissions.sh index 781b9ff..fc1df8f 100755 --- a/bin/hardening/etc_passwd-_permissions.sh +++ b/bin/hardening/etc_passwd-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.6 Ensure permissions on /etc/passwd- are configured (Scored) +# Ensure permissions on /etc/passwd- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_passwd_permissions.sh b/bin/hardening/etc_passwd_permissions.sh index 5bba2f9..0b02b7c 100755 --- a/bin/hardening/etc_passwd_permissions.sh +++ b/bin/hardening/etc_passwd_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.2 Ensure permissions on /etc/passwd are configured (Scored) +# Ensure permissions on /etc/passwd are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_shadow-_permissions.sh b/bin/hardening/etc_shadow-_permissions.sh index a67e59e..1a7f993 100755 --- a/bin/hardening/etc_shadow-_permissions.sh +++ b/bin/hardening/etc_shadow-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.7 Ensure permissions on /etc/shadow- are configured (Scored) +# Ensure permissions on /etc/shadow- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/etc_shadow_permissions.sh b/bin/hardening/etc_shadow_permissions.sh index 46f0369..a582e39 100755 --- a/bin/hardening/etc_shadow_permissions.sh +++ b/bin/hardening/etc_shadow_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.4 Ensure permissions on /etc/shadow are configured (Scored) +# Ensure permissions on /etc/shadow are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_0_uid_non_root_account.sh b/bin/hardening/find_0_uid_non_root_account.sh index 3666a62..e5f0e40 100755 --- a/bin/hardening/find_0_uid_non_root_account.sh +++ b/bin/hardening/find_0_uid_non_root_account.sh @@ -6,7 +6,7 @@ # # -# 6.2.6 Ensure root is the only UID 0 account (Scored) +# Ensure root is the only UID 0 account (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_passwd_group_inconsistencies.sh b/bin/hardening/find_passwd_group_inconsistencies.sh index cee6691..0799f54 100755 --- a/bin/hardening/find_passwd_group_inconsistencies.sh +++ b/bin/hardening/find_passwd_group_inconsistencies.sh @@ -6,7 +6,7 @@ # # -# 6.2.15 Ensure all groups in /etc/passwd exist in /etc/group (Scored) +# Ensure all groups in /etc/passwd exist in /etc/group (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_sgid_files.sh b/bin/hardening/find_sgid_files.sh index f16106e..c44eb2d 100755 --- a/bin/hardening/find_sgid_files.sh +++ b/bin/hardening/find_sgid_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.14 Audit SGID executables (Not Scored) +# Audit SGID executables (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_suid_files.sh b/bin/hardening/find_suid_files.sh index 820a6bb..07a30ac 100755 --- a/bin/hardening/find_suid_files.sh +++ b/bin/hardening/find_suid_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.13 Audit SUID executables (Not Scored) +# Audit SUID executables (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_ungrouped_files.sh b/bin/hardening/find_ungrouped_files.sh index 81a20c8..dbb989c 100755 --- a/bin/hardening/find_ungrouped_files.sh +++ b/bin/hardening/find_ungrouped_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.12 Ensure no ungrouped files or directories exist (Scored) +# Ensure no ungrouped files or directories exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_unowned_files.sh b/bin/hardening/find_unowned_files.sh index 2173e44..7bdc456 100755 --- a/bin/hardening/find_unowned_files.sh +++ b/bin/hardening/find_unowned_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.11 Ensure no unowned files or directories exist (Scored) +# Ensure no unowned files or directories exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_user_forward_files.sh b/bin/hardening/find_user_forward_files.sh index 5f23d16..e7eccdc 100755 --- a/bin/hardening/find_user_forward_files.sh +++ b/bin/hardening/find_user_forward_files.sh @@ -6,7 +6,7 @@ # # -# 6.2.11 Ensure no users have .forward files (Scored) +# Ensure no users have .forward files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_user_netrc_files.sh b/bin/hardening/find_user_netrc_files.sh index e146e4b..75193ef 100755 --- a/bin/hardening/find_user_netrc_files.sh +++ b/bin/hardening/find_user_netrc_files.sh @@ -6,7 +6,7 @@ # # -# 6.2.12 Ensure no users have .netrc files (Scored) +# Ensure no users have .netrc files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_user_rhosts_files.sh b/bin/hardening/find_user_rhosts_files.sh index b915875..c6a4b03 100755 --- a/bin/hardening/find_user_rhosts_files.sh +++ b/bin/hardening/find_user_rhosts_files.sh @@ -6,7 +6,7 @@ # # -# 6.2.14 Ensure no users have .rhosts files (Scored) +# Ensure no users have .rhosts files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/find_world_writable_file.sh b/bin/hardening/find_world_writable_file.sh index 1722630..b8323c0 100755 --- a/bin/hardening/find_world_writable_file.sh +++ b/bin/hardening/find_world_writable_file.sh @@ -6,7 +6,7 @@ # # -# 6.1.10 Ensure no world writable files exist (Scored) +# Ensure no world writable files exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/freeze_auditd_conf.sh b/bin/hardening/freeze_auditd_conf.sh index 3416cbb..6ec1a7f 100755 --- a/bin/hardening/freeze_auditd_conf.sh +++ b/bin/hardening/freeze_auditd_conf.sh @@ -6,7 +6,7 @@ # # -# 4.1.17 Ensure the audit configuration is immutable (Scored) +# Ensure the audit configuration is immutable (Scored) # set -e # One error, it's over diff --git a/bin/hardening/graphical_warning_banners.sh b/bin/hardening/graphical_warning_banners.sh index ea0e842..ce89444 100755 --- a/bin/hardening/graphical_warning_banners.sh +++ b/bin/hardening/graphical_warning_banners.sh @@ -6,7 +6,7 @@ # # -# 1.8.2 Ensure GDM login banner is configured (Scored) +# Ensure GDM login banner is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/halt_when_audit_log_full.sh b/bin/hardening/halt_when_audit_log_full.sh index 0196d79..5de3b43 100755 --- a/bin/hardening/halt_when_audit_log_full.sh +++ b/bin/hardening/halt_when_audit_log_full.sh @@ -6,7 +6,7 @@ # # -# 4.1.2.2 Ensure system is disabled when audit logs are full (Scored) +# Ensure system is disabled when audit logs are full (Scored) # set -e # One error, it's over diff --git a/bin/hardening/home_nodev.sh b/bin/hardening/home_nodev.sh index 7139a67..f3fbafd 100755 --- a/bin/hardening/home_nodev.sh +++ b/bin/hardening/home_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.14 Ensure nodev Option set on /home (Scored) +# Ensure nodev Option set on /home (Scored) # set -e # One error, it's over diff --git a/bin/hardening/home_nosuid.sh b/bin/hardening/home_nosuid.sh index 90a0a80..b45e49e 100755 --- a/bin/hardening/home_nosuid.sh +++ b/bin/hardening/home_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.14.1 Ensure nosuid option set on /home partition (Scored) +# Ensure nosuid option set on /home partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/home_partition.sh b/bin/hardening/home_partition.sh index 49faeb8..8e88ee4 100755 --- a/bin/hardening/home_partition.sh +++ b/bin/hardening/home_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.13 Ensure separate partition exists for /home (Scored) +# Ensure separate partition exists for /home (Scored) # set -e # One error, it's over diff --git a/bin/hardening/hosts_allow.sh b/bin/hardening/hosts_allow.sh index c56515b..49894e0 100755 --- a/bin/hardening/hosts_allow.sh +++ b/bin/hardening/hosts_allow.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.2 Ensure /etc/hosts.allow is configured (Not Scored) +# Ensure /etc/hosts.allow is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/hosts_allow_permissions.sh b/bin/hardening/hosts_allow_permissions.sh index b7befb0..a5901b6 100755 --- a/bin/hardening/hosts_allow_permissions.sh +++ b/bin/hardening/hosts_allow_permissions.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.4 Ensure permissions on /etc/hosts.allow are configured (Scored) +# Ensure permissions on /etc/hosts.allow are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/hosts_deny.sh b/bin/hardening/hosts_deny.sh index 0a5438a..4540e68 100755 --- a/bin/hardening/hosts_deny.sh +++ b/bin/hardening/hosts_deny.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.3 Ensure /etc/hosts.deny is configured (Not Scored) +# Ensure /etc/hosts.deny is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/hosts_deny_permissions.sh b/bin/hardening/hosts_deny_permissions.sh index 7b27c3a..c7945dc 100755 --- a/bin/hardening/hosts_deny_permissions.sh +++ b/bin/hardening/hosts_deny_permissions.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.5 Verify permissions on /etc/hosts.deny (Scored) +# Verify permissions on /etc/hosts.deny (Scored) # set -e # One error, it's over diff --git a/bin/hardening/ignore_broadcast_requests.sh b/bin/hardening/ignore_broadcast_requests.sh index 2ca57bb..d7ca70d 100755 --- a/bin/hardening/ignore_broadcast_requests.sh +++ b/bin/hardening/ignore_broadcast_requests.sh @@ -6,7 +6,7 @@ # # -# 3.3.5 Ensure broadcast ICMP requests are ignored (Scored) +# Ensure broadcast ICMP requests are ignored (Scored) # set -e # One error, it's over diff --git a/bin/hardening/install_apparmor.sh b/bin/hardening/install_apparmor.sh index faccba1..5f6568d 100755 --- a/bin/hardening/install_apparmor.sh +++ b/bin/hardening/install_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.1.1 Ensure AppArmor is installed (Scored) +# Ensure AppArmor is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/install_auditd.sh b/bin/hardening/install_auditd.sh index 6447356..234c8b0 100755 --- a/bin/hardening/install_auditd.sh +++ b/bin/hardening/install_auditd.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.1 Ensure auditing is installed (Scored) +# Ensure auditing is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/install_sudo.sh b/bin/hardening/install_sudo.sh index 61635de..e403bda 100755 --- a/bin/hardening/install_sudo.sh +++ b/bin/hardening/install_sudo.sh @@ -6,7 +6,7 @@ # # -# 1.3.1 Ensure sudo is installed (Scored) +# Ensure sudo is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/install_syslog-ng.sh b/bin/hardening/install_syslog-ng.sh index 1cb6ebb..00fef7c 100755 --- a/bin/hardening/install_syslog-ng.sh +++ b/bin/hardening/install_syslog-ng.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.1 Ensure syslog-ng is installed (Scored) +# Ensure syslog-ng is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/install_tcp_wrapper.sh b/bin/hardening/install_tcp_wrapper.sh index 87247be..a69cd2f 100755 --- a/bin/hardening/install_tcp_wrapper.sh +++ b/bin/hardening/install_tcp_wrapper.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.1 Ensure TCP Wrappers is installed (Scored) +# Ensure TCP Wrappers is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/install_tripwire.sh b/bin/hardening/install_tripwire.sh index b2ed7e3..75ccb89 100755 --- a/bin/hardening/install_tripwire.sh +++ b/bin/hardening/install_tripwire.sh @@ -6,7 +6,7 @@ # # -# 1.4.1 Ensure tripwire is installed (Scored) +# Ensure tripwire is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/install_updates.sh b/bin/hardening/install_updates.sh index 8ee1147..b10bc9d 100755 --- a/bin/hardening/install_updates.sh +++ b/bin/hardening/install_updates.sh @@ -6,7 +6,7 @@ # # -# 1.9 Ensure updates, patches and additional security software are installed (Not Scored) +# Ensure updates, patches and additional security software are installed (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/journald_compress.sh b/bin/hardening/journald_compress.sh index 7057fc3..ada79d7 100755 --- a/bin/hardening/journald_compress.sh +++ b/bin/hardening/journald_compress.sh @@ -6,7 +6,7 @@ # # -# 4.2.2.2 Ensure journald is configured to compress large files (Scored) +# Ensure journald is configured to compress large files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/journald_logs.sh b/bin/hardening/journald_logs.sh index bef7332..50c9fc5 100755 --- a/bin/hardening/journald_logs.sh +++ b/bin/hardening/journald_logs.sh @@ -6,7 +6,7 @@ # # -# 4.2.2.1 Ensure journald is configured to send logs to syslog-ng (Scored) +# Ensure journald is configured to send logs to syslog-ng (Scored) # set -e # One error, it's over diff --git a/bin/hardening/journald_write_persistent.sh b/bin/hardening/journald_write_persistent.sh index 46ba769..173e793 100755 --- a/bin/hardening/journald_write_persistent.sh +++ b/bin/hardening/journald_write_persistent.sh @@ -6,7 +6,7 @@ # # -# 4.2.2.3 Ensure journald is configured to write logfiles to persistent disk (Scored) +# Ensure journald is configured to write logfiles to persistent disk (Scored) # set -e # One error, it's over diff --git a/bin/hardening/keep_all_audit_logs.sh b/bin/hardening/keep_all_audit_logs.sh index 764595b..e3194ee 100755 --- a/bin/hardening/keep_all_audit_logs.sh +++ b/bin/hardening/keep_all_audit_logs.sh @@ -6,7 +6,7 @@ # # -# 4.1.2.3 Ensure audit logs are not automatically deleted (Scored) +# Ensure audit logs are not automatically deleted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/last_password_change_past.sh b/bin/hardening/last_password_change_past.sh index 3beefc2..a5bb051 100755 --- a/bin/hardening/last_password_change_past.sh +++ b/bin/hardening/last_password_change_past.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.5 Ensure all users last password change date is in the past (Scored) +# Ensure all users last password change date is in the past (Scored) # set -e # One error, it's over diff --git a/bin/hardening/limit_password_reuse.sh b/bin/hardening/limit_password_reuse.sh index 13c646c..9b4fbc4 100755 --- a/bin/hardening/limit_password_reuse.sh +++ b/bin/hardening/limit_password_reuse.sh @@ -6,7 +6,7 @@ # # -# 5.3.3 Ensure password reuse is limited (Scored) +# Ensure password reuse is limited (Scored) # set -e # One error, it's over diff --git a/bin/hardening/limit_ssh_max_sessions.sh b/bin/hardening/limit_ssh_max_sessions.sh index c094c13..58bb347 100755 --- a/bin/hardening/limit_ssh_max_sessions.sh +++ b/bin/hardening/limit_ssh_max_sessions.sh @@ -6,7 +6,7 @@ # # -# 5.2.23 Ensure SSH MaxSessions is limited (Scored) +# Ensure SSH MaxSessions is limited (Scored) # set -e # One error, it's over diff --git a/bin/hardening/lock_inactive_user_account.sh b/bin/hardening/lock_inactive_user_account.sh index 87cb2bc..d72f5b5 100755 --- a/bin/hardening/lock_inactive_user_account.sh +++ b/bin/hardening/lock_inactive_user_account.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.4 Ensure inactive password lock is 30 days or less (Scored) +# Ensure inactive password lock is 30 days or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/log_martian_packets.sh b/bin/hardening/log_martian_packets.sh index 28ff74e..5002fdc 100755 --- a/bin/hardening/log_martian_packets.sh +++ b/bin/hardening/log_martian_packets.sh @@ -6,7 +6,7 @@ # # -# 3.3.4 Ensure suspicious packets are logged (Scored) +# Ensure suspicious packets are logged (Scored) # set -e # One error, it's over diff --git a/bin/hardening/logfile_sudo.sh b/bin/hardening/logfile_sudo.sh index dc5c9ac..fa9166d 100755 --- a/bin/hardening/logfile_sudo.sh +++ b/bin/hardening/logfile_sudo.sh @@ -6,7 +6,7 @@ # # -# 1.3.3 Ensure sudo log file exists (Scored) +# Ensure sudo log file exists (Scored) # set -e # One error, it's over diff --git a/bin/hardening/logrotate_permissions.sh b/bin/hardening/logrotate_permissions.sh index 2de14e7..3ec096a 100755 --- a/bin/hardening/logrotate_permissions.sh +++ b/bin/hardening/logrotate_permissions.sh @@ -6,7 +6,7 @@ # # -# 4.4 Ensure logrotate assigns approriate permissions (Scored) +# Ensure logrotate assigns approriate permissions (Scored) # set -e # One error, it's over diff --git a/bin/hardening/logs_permissions.sh b/bin/hardening/logs_permissions.sh index 7702004..67a7d38 100755 --- a/bin/hardening/logs_permissions.sh +++ b/bin/hardening/logs_permissions.sh @@ -6,7 +6,7 @@ # # -# 4.2.3 Ensure permissions on all logfiles are configured (Scored) +# Ensure permissions on all logfiles are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/motd_perms.sh b/bin/hardening/motd_perms.sh index 8a7539a..3a25ff9 100755 --- a/bin/hardening/motd_perms.sh +++ b/bin/hardening/motd_perms.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.4 Ensure permissions on /etc/motd are configured (Scored) +# Ensure permissions on /etc/motd are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/mta_localhost.sh b/bin/hardening/mta_localhost.sh index 6a8d4f3..60538b1 100755 --- a/bin/hardening/mta_localhost.sh +++ b/bin/hardening/mta_localhost.sh @@ -6,7 +6,7 @@ # # -# 2.2.15 Ensure Mail Transfer Agent is configured for Local-Only Mode (Scored) +# Ensure Mail Transfer Agent is configured for Local-Only Mode (Scored) # set -e # One error, it's over diff --git a/bin/hardening/net_fw_default_policy_drop.sh b/bin/hardening/net_fw_default_policy_drop.sh index ca76aeb..0f4f71a 100755 --- a/bin/hardening/net_fw_default_policy_drop.sh +++ b/bin/hardening/net_fw_default_policy_drop.sh @@ -6,7 +6,7 @@ # # -# 3.5.4.1.1 Ensure default deny firewall policy (Scored) +# Ensure default deny firewall policy (Scored) # set -e # One error, it's over diff --git a/bin/hardening/pty_sudo.sh b/bin/hardening/pty_sudo.sh index f0511d1..dd8b8d0 100755 --- a/bin/hardening/pty_sudo.sh +++ b/bin/hardening/pty_sudo.sh @@ -6,7 +6,7 @@ # # -# 1.3.2 Ensure sudo commands use pty (Scored) +# Ensure sudo commands use pty (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_dac_edit.sh b/bin/hardening/record_dac_edit.sh index 8f9af05..b086c2d 100755 --- a/bin/hardening/record_dac_edit.sh +++ b/bin/hardening/record_dac_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.9 Ensure discretionary access control permission modification events are collected (Scored) +# Ensure discretionary access control permission modification events are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_date_time_edit.sh b/bin/hardening/record_date_time_edit.sh index f4c498f..59a7d8e 100755 --- a/bin/hardening/record_date_time_edit.sh +++ b/bin/hardening/record_date_time_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.3 Ensure events that modify date and time information are collected (Scored) +# Ensure events that modify date and time information are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_failed_access_file.sh b/bin/hardening/record_failed_access_file.sh index 328f0ef..a20ff1b 100755 --- a/bin/hardening/record_failed_access_file.sh +++ b/bin/hardening/record_failed_access_file.sh @@ -6,7 +6,7 @@ # # -# 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected (Scored) +# Ensure unsuccessful unauthorized file access attempts are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_file_deletions.sh b/bin/hardening/record_file_deletions.sh index aa60273..2114468 100755 --- a/bin/hardening/record_file_deletions.sh +++ b/bin/hardening/record_file_deletions.sh @@ -6,7 +6,7 @@ # # -# 4.1.13 Ensure file deletion events by users are collected (Scored) +# Ensure file deletion events by users are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_kernel_modules.sh b/bin/hardening/record_kernel_modules.sh index b9699c0..f3f6ebc 100755 --- a/bin/hardening/record_kernel_modules.sh +++ b/bin/hardening/record_kernel_modules.sh @@ -6,7 +6,7 @@ # # -# 4.1.16 Ensure kernel module loading and unloading is collected (Scored) +# Ensure kernel module loading and unloading is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_login_logout.sh b/bin/hardening/record_login_logout.sh index 420b944..afb1c5f 100755 --- a/bin/hardening/record_login_logout.sh +++ b/bin/hardening/record_login_logout.sh @@ -6,7 +6,7 @@ # # -# 4.1.7 Ensure login and logout events are collected (Scored) +# Ensure login and logout events are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_mac_edit.sh b/bin/hardening/record_mac_edit.sh index e61e10b..8630183 100755 --- a/bin/hardening/record_mac_edit.sh +++ b/bin/hardening/record_mac_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.6 Ensure that events that modify the system's Mandatory Access Controls are collected (Scored) +# Ensure that events that modify the system's Mandatory Access Controls are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_network_edit.sh b/bin/hardening/record_network_edit.sh index da8b78c..d212f1a 100755 --- a/bin/hardening/record_network_edit.sh +++ b/bin/hardening/record_network_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.5 Ensure events that modify the system's network environment are collected (Scored) +# Ensure events that modify the system's network environment are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_privileged_commands.sh b/bin/hardening/record_privileged_commands.sh index d91e2e2..3799349 100755 --- a/bin/hardening/record_privileged_commands.sh +++ b/bin/hardening/record_privileged_commands.sh @@ -6,7 +6,7 @@ # # -# 4.1.11 Ensure use of privileged commands is collected (Scored) +# Ensure use of privileged commands is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_session_init.sh b/bin/hardening/record_session_init.sh index 45d8650..8b49b73 100755 --- a/bin/hardening/record_session_init.sh +++ b/bin/hardening/record_session_init.sh @@ -6,7 +6,7 @@ # # -# 4.1.8 Ensure session initiation information is collected (Scored) +# Ensure session initiation information is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_successful_mount.sh b/bin/hardening/record_successful_mount.sh index 445adde..efa3303 100755 --- a/bin/hardening/record_successful_mount.sh +++ b/bin/hardening/record_successful_mount.sh @@ -6,7 +6,7 @@ # # -# 4.1.12 Ensure successful file system mounts are collected (Scored) +# Ensure successful file system mounts are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_sudo_usage.sh b/bin/hardening/record_sudo_usage.sh index e66982a..488d5e7 100755 --- a/bin/hardening/record_sudo_usage.sh +++ b/bin/hardening/record_sudo_usage.sh @@ -6,7 +6,7 @@ # # -# 4.1.15 Ensure system administrator actions (sudolog) are collected (Scored) +# Ensure system administrator actions (sudolog) are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_sudoers_edit.sh b/bin/hardening/record_sudoers_edit.sh index f000b45..73b5c4e 100755 --- a/bin/hardening/record_sudoers_edit.sh +++ b/bin/hardening/record_sudoers_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.14 Ensure changes to system administration scope (sudoers) is collected (Scored) +# Ensure changes to system administration scope (sudoers) is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/record_user_group_edit.sh b/bin/hardening/record_user_group_edit.sh index f170a7e..28f89d4 100755 --- a/bin/hardening/record_user_group_edit.sh +++ b/bin/hardening/record_user_group_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.4 Ensure events that modify user/group information are collected (Scored) +# Ensure events that modify user/group information are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/remote_syslog-ng_acl.sh b/bin/hardening/remote_syslog-ng_acl.sh index fcdabda..34715b2 100755 --- a/bin/hardening/remote_syslog-ng_acl.sh +++ b/bin/hardening/remote_syslog-ng_acl.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.6 Ensure remote syslog-ng messages are only accepted on designated log hosts. (Not Scored) +# Ensure remote syslog-ng messages are only accepted on designated log hosts. (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/removable_device_nodev.sh b/bin/hardening/removable_device_nodev.sh index 9c20af7..748e312 100755 --- a/bin/hardening/removable_device_nodev.sh +++ b/bin/hardening/removable_device_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.18 Ensure nodev option set on removable media partition (Not Scored) +# Ensure nodev option set on removable media partition (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/removable_device_noexec.sh b/bin/hardening/removable_device_noexec.sh index 1983acf..656671a 100755 --- a/bin/hardening/removable_device_noexec.sh +++ b/bin/hardening/removable_device_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.20 Ensure noexec option set on removable media partition (Not Scored) +# Ensure noexec option set on removable media partition (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/removable_device_nosuid.sh b/bin/hardening/removable_device_nosuid.sh index 9597381..5230ba6 100755 --- a/bin/hardening/removable_device_nosuid.sh +++ b/bin/hardening/removable_device_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.19 Ensure nosuid option set on removable media partitions (Not Scored) +# Ensure nosuid option set on removable media partitions (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/remove_empty_password_field.sh b/bin/hardening/remove_empty_password_field.sh index 2e85e16..82856bf 100755 --- a/bin/hardening/remove_empty_password_field.sh +++ b/bin/hardening/remove_empty_password_field.sh @@ -6,7 +6,7 @@ # # -# 6.2.1 Ensure Password Fields are Not Empty (Scored) +# Ensure Password Fields are Not Empty (Scored) # set -e # One error, it's over diff --git a/bin/hardening/remove_legacy_group_entries.sh b/bin/hardening/remove_legacy_group_entries.sh index 1ae12fd..991891f 100755 --- a/bin/hardening/remove_legacy_group_entries.sh +++ b/bin/hardening/remove_legacy_group_entries.sh @@ -6,7 +6,7 @@ # # -# 6.2.5 Ensure no legacy "+" entries exist in /etc/group (Scored) +# Ensure no legacy "+" entries exist in /etc/group (Scored) # set -e # One error, it's over diff --git a/bin/hardening/remove_legacy_passwd_entries.sh b/bin/hardening/remove_legacy_passwd_entries.sh index fef016d..6f27dc9 100755 --- a/bin/hardening/remove_legacy_passwd_entries.sh +++ b/bin/hardening/remove_legacy_passwd_entries.sh @@ -6,7 +6,7 @@ # # -# 6.2.2 Ensure no legacy "+" entries exist in /etc/passwd (Scored) +# Ensure no legacy "+" entries exist in /etc/passwd (Scored) # set -e # One error, it's over diff --git a/bin/hardening/remove_legacy_shadow_entries.sh b/bin/hardening/remove_legacy_shadow_entries.sh index a7a71ac..ac8b8df 100755 --- a/bin/hardening/remove_legacy_shadow_entries.sh +++ b/bin/hardening/remove_legacy_shadow_entries.sh @@ -6,7 +6,7 @@ # # -# 6.2.4 Ensure no legacy "+" entries exist in /etc/shadow (Scored) +# Ensure no legacy "+" entries exist in /etc/shadow (Scored) # set -e # One error, it's over diff --git a/bin/hardening/remove_os_info_issue.sh b/bin/hardening/remove_os_info_issue.sh index 5173e78..070935c 100755 --- a/bin/hardening/remove_os_info_issue.sh +++ b/bin/hardening/remove_os_info_issue.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.2 Ensure local login warning banner is configured properly (Scored) +# Ensure local login warning banner is configured properly (Scored) # set -e # One error, it's over diff --git a/bin/hardening/remove_os_info_issue_net.sh b/bin/hardening/remove_os_info_issue_net.sh index 0ab5c02..5a325d6 100755 --- a/bin/hardening/remove_os_info_issue_net.sh +++ b/bin/hardening/remove_os_info_issue_net.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.3 Ensure remote login warning banner is configured properly (Scored) +# Ensure remote login warning banner is configured properly (Scored) # set -e # One error, it's over diff --git a/bin/hardening/remove_os_info_motd.sh b/bin/hardening/remove_os_info_motd.sh index 0911ac5..7fbee9c 100755 --- a/bin/hardening/remove_os_info_motd.sh +++ b/bin/hardening/remove_os_info_motd.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.1 Ensure message of the day is configured properly (Scored) +# Ensure message of the day is configured properly (Scored) # set -e # One error, it's over diff --git a/bin/hardening/restrict_core_dumps.sh b/bin/hardening/restrict_core_dumps.sh index 19ae0ac..15f83af 100755 --- a/bin/hardening/restrict_core_dumps.sh +++ b/bin/hardening/restrict_core_dumps.sh @@ -6,7 +6,7 @@ # # -# 1.6.4 Ensure core dumps are restricted (Scored) +# Ensure core dumps are restricted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/restrict_fat.sh b/bin/hardening/restrict_fat.sh index d442dd3..7aa3148 100755 --- a/bin/hardening/restrict_fat.sh +++ b/bin/hardening/restrict_fat.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.7 Ensure mounting of FAT filesystems is limited (Not Scored) +# Ensure mounting of FAT filesystems is limited (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/restrict_su.sh b/bin/hardening/restrict_su.sh index 60a5423..9dd4a37 100755 --- a/bin/hardening/restrict_su.sh +++ b/bin/hardening/restrict_su.sh @@ -6,7 +6,7 @@ # # -# 5.6 Ensure access to the su command is restricted (Scored) +# Ensure access to the su command is restricted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/root_password.sh b/bin/hardening/root_password.sh index f98896d..e54f537 100755 --- a/bin/hardening/root_password.sh +++ b/bin/hardening/root_password.sh @@ -6,7 +6,7 @@ # # -# 1.5.3 Ensure authentication required for single user mode (Scored) +# Ensure authentication required for single user mode (Scored) # set -e # One error, it's over diff --git a/bin/hardening/run_shm_nodev.sh b/bin/hardening/run_shm_nodev.sh index 4554d10..3101359 100755 --- a/bin/hardening/run_shm_nodev.sh +++ b/bin/hardening/run_shm_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.15 Ensure nodev option set on /dev/shm partition (Scored) +# Ensure nodev option set on /dev/shm partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/run_shm_noexec.sh b/bin/hardening/run_shm_noexec.sh index a6f24a6..8c11879 100755 --- a/bin/hardening/run_shm_noexec.sh +++ b/bin/hardening/run_shm_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.17 Ensure noexec option set on /run/shm partition (Scored) +# Ensure noexec option set on /run/shm partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/run_shm_nosuid.sh b/bin/hardening/run_shm_nosuid.sh index 927cc56..febcee7 100755 --- a/bin/hardening/run_shm_nosuid.sh +++ b/bin/hardening/run_shm_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.16 Ensure nosuid option set on /run/shm partition (Scored) +# Ensure nosuid option set on /run/shm partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sanitize_root_path.sh b/bin/hardening/sanitize_root_path.sh index fd4b056..0c0e936 100755 --- a/bin/hardening/sanitize_root_path.sh +++ b/bin/hardening/sanitize_root_path.sh @@ -6,7 +6,7 @@ # # -# 6.2.7 Ensure root PATH Integrity (Scored) +# Ensure root PATH Integrity (Scored) # # set path to the $PATH environnement variable if path is not defined diff --git a/bin/hardening/secure_tty.sh b/bin/hardening/secure_tty.sh index 006d670..0326530 100755 --- a/bin/hardening/secure_tty.sh +++ b/bin/hardening/secure_tty.sh @@ -6,7 +6,7 @@ # # -# 5.5 Ensure root login is restricted to system console (Not Scored) +# Ensure root login is restricted to system console (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/set_password_exp_days.sh b/bin/hardening/set_password_exp_days.sh index dcefdf8..6a60635 100755 --- a/bin/hardening/set_password_exp_days.sh +++ b/bin/hardening/set_password_exp_days.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.1 Ensure password expiration is 365 days or less (Scored) +# Ensure password expiration is 365 days or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/set_password_exp_warning_days.sh b/bin/hardening/set_password_exp_warning_days.sh index f991a37..f2db5f4 100755 --- a/bin/hardening/set_password_exp_warning_days.sh +++ b/bin/hardening/set_password_exp_warning_days.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.3 Ensure password expiration warning days is 7 or more (Scored) +# Ensure password expiration warning days is 7 or more (Scored) # set -e # One error, it's over diff --git a/bin/hardening/set_password_min_days_change.sh b/bin/hardening/set_password_min_days_change.sh index 9980d12..8db5acc 100755 --- a/bin/hardening/set_password_min_days_change.sh +++ b/bin/hardening/set_password_min_days_change.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.2 Ensure minimum days between password changes is 7 or more (Scored) +# Ensure minimum days between password changes is 7 or more (Scored) # set -e # One error, it's over diff --git a/bin/hardening/set_perm_on_user_netrc.sh b/bin/hardening/set_perm_on_user_netrc.sh index 7eddd0c..88c8875 100755 --- a/bin/hardening/set_perm_on_user_netrc.sh +++ b/bin/hardening/set_perm_on_user_netrc.sh @@ -6,7 +6,7 @@ # # -# 6.2.13 Ensure users' .netrc Files are not group or world accessible (Scored) +# Ensure users' .netrc Files are not group or world accessible (Scored) # set -e # One error, it's over diff --git a/bin/hardening/shadow_group_empty.sh b/bin/hardening/shadow_group_empty.sh index 8b6cb44..6d9541b 100755 --- a/bin/hardening/shadow_group_empty.sh +++ b/bin/hardening/shadow_group_empty.sh @@ -6,7 +6,7 @@ # # -# 6.2.20 Ensure shadow group is empty (Scored) +# Ensure shadow group is empty (Scored) # set -e # One error, it's over diff --git a/bin/hardening/ssh_auth_pubk_only.sh b/bin/hardening/ssh_auth_pubk_only.sh index 802046f..9115c7c 100755 --- a/bin/hardening/ssh_auth_pubk_only.sh +++ b/bin/hardening/ssh_auth_pubk_only.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.1 Ensure that sshd only allows authentication through public key. +# Ensure that sshd only allows authentication through public key. # set -e # One error, it's over diff --git a/bin/hardening/ssh_banner.sh b/bin/hardening/ssh_banner.sh index cdbcb55..de86b29 100755 --- a/bin/hardening/ssh_banner.sh +++ b/bin/hardening/ssh_banner.sh @@ -6,7 +6,7 @@ # # -# 5.2.19 Ensure SSH warning banner is configured (Scored) +# Ensure SSH warning banner is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/ssh_cry_kex.sh b/bin/hardening/ssh_cry_kex.sh index 9bddbe1..272f1b3 100755 --- a/bin/hardening/ssh_cry_kex.sh +++ b/bin/hardening/ssh_cry_kex.sh @@ -6,7 +6,7 @@ # # -# 5.2.15 Ensure only strong Key Exchange algorithms are used (Scored) +# Ensure only strong Key Exchange algorithms are used (Scored) # set -e # One error, it's over diff --git a/bin/hardening/ssh_cry_mac.sh b/bin/hardening/ssh_cry_mac.sh index be415bd..904d94e 100755 --- a/bin/hardening/ssh_cry_mac.sh +++ b/bin/hardening/ssh_cry_mac.sh @@ -6,7 +6,7 @@ # # -# 5.2.14 Ensure only strong MAC algorithms are used (Scored) +# Ensure only strong MAC algorithms are used (Scored) # set -e # One error, it's over diff --git a/bin/hardening/ssh_cry_rekey.sh b/bin/hardening/ssh_cry_rekey.sh index 782dcef..d70642c 100755 --- a/bin/hardening/ssh_cry_rekey.sh +++ b/bin/hardening/ssh_cry_rekey.sh @@ -1,13 +1,12 @@ #!/bin/bash # run-shellcheck - # # Legacy CIS Debian Hardening # # -# 99.5.2.2 Checking rekey limit for time (6 hours) or volume (512Mio) whichever comes first. +# Checking rekey limit for time (6 hours) or volume (512Mio) whichever comes first. # set -e # One error, it's over diff --git a/bin/hardening/ssh_disable_features.sh b/bin/hardening/ssh_disable_features.sh index e6e22be..145a897 100755 --- a/bin/hardening/ssh_disable_features.sh +++ b/bin/hardening/ssh_disable_features.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.3 Check all special features in sshd_config are disabled +# Check all special features in sshd_config are disabled # set -e # One error, it's over diff --git a/bin/hardening/ssh_host_private_keys_perm_ownership.sh b/bin/hardening/ssh_host_private_keys_perm_ownership.sh index 7ee3d36..17e78f5 100755 --- a/bin/hardening/ssh_host_private_keys_perm_ownership.sh +++ b/bin/hardening/ssh_host_private_keys_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.2.2 Ensure permissions on SSH private host key files are configured (Scored) +# Ensure permissions on SSH private host key files are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/ssh_host_public_keys_perm_ownership.sh b/bin/hardening/ssh_host_public_keys_perm_ownership.sh index 743157c..a856325 100755 --- a/bin/hardening/ssh_host_public_keys_perm_ownership.sh +++ b/bin/hardening/ssh_host_public_keys_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.2.3 Ensure permissions on SSH public host key files are configured (Scored) +# Ensure permissions on SSH public host key files are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/ssh_keys_from.sh b/bin/hardening/ssh_keys_from.sh index 75ebe0b..177c870 100755 --- a/bin/hardening/ssh_keys_from.sh +++ b/bin/hardening/ssh_keys_from.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.4 Check field in ssh authorized keys files for users with login shell, and bastions IP if available. +# Check field in ssh authorized keys files for users with login shell, and bastions IP if available. # set -e # One error, it is over diff --git a/bin/hardening/ssh_strict_modes.sh b/bin/hardening/ssh_strict_modes.sh index d0bdfe9..84b8937 100755 --- a/bin/hardening/ssh_strict_modes.sh +++ b/bin/hardening/ssh_strict_modes.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.5 Ensure home directory and ssh sensitive files are verified (not publicly readable) before connecting. +# Ensure home directory and ssh sensitive files are verified (not publicly readable) before connecting. # set -e # One error, it's over diff --git a/bin/hardening/ssh_sys_accept_env.sh b/bin/hardening/ssh_sys_accept_env.sh index cac69a0..695ea19 100755 --- a/bin/hardening/ssh_sys_accept_env.sh +++ b/bin/hardening/ssh_sys_accept_env.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.6 Restrict which user's variables are accepted by ssh daemon +# Restrict which user's variables are accepted by ssh daemon # set -e # One error, it's over diff --git a/bin/hardening/ssh_sys_no_legacy.sh b/bin/hardening/ssh_sys_no_legacy.sh index a7a9774..7b7bfac 100755 --- a/bin/hardening/ssh_sys_no_legacy.sh +++ b/bin/hardening/ssh_sys_no_legacy.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.7 Ensure that legacy services rlogin, rlogind and rcp are disabled and not installed +# Ensure that legacy services rlogin, rlogind and rcp are disabled and not installed # set -e # One error, it's over diff --git a/bin/hardening/sshd_ciphers.sh b/bin/hardening/sshd_ciphers.sh index d849432..6e3183e 100755 --- a/bin/hardening/sshd_ciphers.sh +++ b/bin/hardening/sshd_ciphers.sh @@ -6,7 +6,7 @@ # # -# 5.2.13 Ensure only strong ciphers are used (Scored) +# Ensure only strong ciphers are used (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sshd_conf_perm_ownership.sh b/bin/hardening/sshd_conf_perm_ownership.sh index cd69858..45a776d 100755 --- a/bin/hardening/sshd_conf_perm_ownership.sh +++ b/bin/hardening/sshd_conf_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured (Scored) +# Ensure permissions on /etc/ssh/sshd_config are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sshd_idle_timeout.sh b/bin/hardening/sshd_idle_timeout.sh index d6619d4..2f3f0ec 100755 --- a/bin/hardening/sshd_idle_timeout.sh +++ b/bin/hardening/sshd_idle_timeout.sh @@ -6,7 +6,7 @@ # # -# 5.2.16 Ensure SSH Idle Timeout Interval is configured (Scored) +# Ensure SSH Idle Timeout Interval is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sshd_limit_access.sh b/bin/hardening/sshd_limit_access.sh index 60d5e8c..8717b2f 100755 --- a/bin/hardening/sshd_limit_access.sh +++ b/bin/hardening/sshd_limit_access.sh @@ -6,7 +6,7 @@ # # -# 5.2.18 Ensure SSH access is limited (Scored) +# Ensure SSH access is limited (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sshd_login_grace_time.sh b/bin/hardening/sshd_login_grace_time.sh index e807579..3ae46fb 100755 --- a/bin/hardening/sshd_login_grace_time.sh +++ b/bin/hardening/sshd_login_grace_time.sh @@ -6,7 +6,7 @@ # # -# 5.2.17 Ensure SSH LoginGraceTime is set to one minute or less (Scored) +# Ensure SSH LoginGraceTime is set to one minute or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sshd_loglevel.sh b/bin/hardening/sshd_loglevel.sh index 7e2f56f..d13f340 100755 --- a/bin/hardening/sshd_loglevel.sh +++ b/bin/hardening/sshd_loglevel.sh @@ -6,7 +6,7 @@ # # -# 5.2.5 Ensure SSH LogLevel is appropriate (Scored) +# Ensure SSH LogLevel is appropriate (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sshd_maxauthtries.sh b/bin/hardening/sshd_maxauthtries.sh index 5ed868d..4f52ee7 100755 --- a/bin/hardening/sshd_maxauthtries.sh +++ b/bin/hardening/sshd_maxauthtries.sh @@ -6,7 +6,7 @@ # # -# 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less (Scored) +# Ensure SSH MaxAuthTries is set to 4 or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sshd_protocol.sh b/bin/hardening/sshd_protocol.sh index 1be613b..4202575 100755 --- a/bin/hardening/sshd_protocol.sh +++ b/bin/hardening/sshd_protocol.sh @@ -6,7 +6,7 @@ # # -# 5.2.4 Ensure SSH Protocol is set to 2 (Scored) +# Ensure SSH Protocol is set to 2 (Scored) # set -e # One error, it's over diff --git a/bin/hardening/sticky_bit_world_writable_folder.sh b/bin/hardening/sticky_bit_world_writable_folder.sh index a7d4146..69633c3 100755 --- a/bin/hardening/sticky_bit_world_writable_folder.sh +++ b/bin/hardening/sticky_bit_world_writable_folder.sh @@ -6,7 +6,7 @@ # # -# 1.1.21 Ensure sticky bit is set on all world-writable directories (Scored) +# Ensure sticky bit is set on all world-writable directories (Scored) # set -e # One error, it's over diff --git a/bin/hardening/syslog-ng_remote_host.sh b/bin/hardening/syslog-ng_remote_host.sh index 195724b..1233587 100755 --- a/bin/hardening/syslog-ng_remote_host.sh +++ b/bin/hardening/syslog-ng_remote_host.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.5 Ensure syslog-ng is configured to send logs to a remote log host (Scored) +# Ensure syslog-ng is configured to send logs to a remote log host (Scored) # set -e # One error, it's over diff --git a/bin/hardening/syslog_ng_logfiles_perm.sh b/bin/hardening/syslog_ng_logfiles_perm.sh index b9efcc4..f634799 100755 --- a/bin/hardening/syslog_ng_logfiles_perm.sh +++ b/bin/hardening/syslog_ng_logfiles_perm.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.4 Create and Set Permissions on syslog-ng Log Files (Scored) +# Create and Set Permissions on syslog-ng Log Files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/tmp_nodev.sh b/bin/hardening/tmp_nodev.sh index edfd187..89685c1 100755 --- a/bin/hardening/tmp_nodev.sh +++ b/bin/hardening/tmp_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.3 Ensure nodev option set for /tmp Partition (Scored) +# Ensure nodev option set for /tmp Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/tmp_noexec.sh b/bin/hardening/tmp_noexec.sh index 8fa1c58..d4a9fba 100755 --- a/bin/hardening/tmp_noexec.sh +++ b/bin/hardening/tmp_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.5 Ensure noexec option set for /tmp Partition (Scored) +# Ensure noexec option set for /tmp Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/tmp_nosuid.sh b/bin/hardening/tmp_nosuid.sh index 3450e4b..6d77720 100755 --- a/bin/hardening/tmp_nosuid.sh +++ b/bin/hardening/tmp_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.4 Ensure nosuid option set for /tmp Partition (Scored) +# Ensure nosuid option set for /tmp Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/tmp_partition.sh b/bin/hardening/tmp_partition.sh index 3da15f5..e4f969d 100755 --- a/bin/hardening/tmp_partition.sh +++ b/bin/hardening/tmp_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.2 Ensure /tmp is configured (Scored) +# Ensure /tmp is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/tripwire_cron.sh b/bin/hardening/tripwire_cron.sh index 7c76f27..71ac779 100755 --- a/bin/hardening/tripwire_cron.sh +++ b/bin/hardening/tripwire_cron.sh @@ -6,7 +6,7 @@ # # -# 1.4.2 Ensure filesysteme integrity is regularly checked (Scored) +# Ensure filesysteme integrity is regularly checked (Scored) # set -e # One error, it's over diff --git a/bin/hardening/uninstall_nis.sh b/bin/hardening/uninstall_nis.sh index 10b5f90..6855942 100755 --- a/bin/hardening/uninstall_nis.sh +++ b/bin/hardening/uninstall_nis.sh @@ -6,7 +6,7 @@ # # -# 2.3.1 Ensure NIS client is not installed (Scored) +# Ensure NIS client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/use_time_sync.sh b/bin/hardening/use_time_sync.sh index 13ac264..6adb0f9 100755 --- a/bin/hardening/use_time_sync.sh +++ b/bin/hardening/use_time_sync.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.1 Ensure time synchronization is in use (Not Scored) +# Ensure time synchronization is in use (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/users_homedir_exist.sh b/bin/hardening/users_homedir_exist.sh index 7830ef1..dc27fd4 100755 --- a/bin/hardening/users_homedir_exist.sh +++ b/bin/hardening/users_homedir_exist.sh @@ -6,7 +6,7 @@ # # -# 6.2.3 Ensure all users' home directories exist (Scored) +# Ensure all users' home directories exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/users_homedir_ownership.sh b/bin/hardening/users_homedir_ownership.sh index 3beeebe..03de948 100755 --- a/bin/hardening/users_homedir_ownership.sh +++ b/bin/hardening/users_homedir_ownership.sh @@ -6,7 +6,7 @@ # # -# 6.2.9 Ensure users own their home directories (Scored) +# Ensure users own their home directories (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_audit_nodev.sh b/bin/hardening/var_log_audit_nodev.sh index ce0ca18..1b14d5d 100755 --- a/bin/hardening/var_log_audit_nodev.sh +++ b/bin/hardening/var_log_audit_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.12.3 Ensure nodev option set on /var/log/audit partition (Scored) +# Ensure nodev option set on /var/log/audit partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_audit_noexec.sh b/bin/hardening/var_log_audit_noexec.sh index 25e2a7c..ed14fe4 100755 --- a/bin/hardening/var_log_audit_noexec.sh +++ b/bin/hardening/var_log_audit_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.12.1 Ensure noexec option set on /var/log/audit partition (Scored) +# Ensure noexec option set on /var/log/audit partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_audit_nosuid.sh b/bin/hardening/var_log_audit_nosuid.sh index a69c1ed..93306d4 100755 --- a/bin/hardening/var_log_audit_nosuid.sh +++ b/bin/hardening/var_log_audit_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.12.2 Ensure nosuid option set on /var/log/audit partition (Scored) +# Ensure nosuid option set on /var/log/audit partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_audit_partition.sh b/bin/hardening/var_log_audit_partition.sh index cfc5ed0..efdb71d 100755 --- a/bin/hardening/var_log_audit_partition.sh +++ b/bin/hardening/var_log_audit_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.12 Ensure separate partition exists for /var/log/audit (Scored) +# Ensure separate partition exists for /var/log/audit (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_nodev.sh b/bin/hardening/var_log_nodev.sh index 821df1b..86c75f6 100755 --- a/bin/hardening/var_log_nodev.sh +++ b/bin/hardening/var_log_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.11.3 ensure nodev option set on /var/log partition (Scored) +# ensure nodev option set on /var/log partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_noexec.sh b/bin/hardening/var_log_noexec.sh index e82fe95..812f1c1 100755 --- a/bin/hardening/var_log_noexec.sh +++ b/bin/hardening/var_log_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.11.1 Ensure noexec option set on /var/log partition (Scored) +# Ensure noexec option set on /var/log partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_nosuid.sh b/bin/hardening/var_log_nosuid.sh index 16c11af..f806c8f 100755 --- a/bin/hardening/var_log_nosuid.sh +++ b/bin/hardening/var_log_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.11.2 Ensure nosuid option set on /var/log partition (Scored) +# Ensure nosuid option set on /var/log partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_log_partition.sh b/bin/hardening/var_log_partition.sh index b3c1819..baac60f 100755 --- a/bin/hardening/var_log_partition.sh +++ b/bin/hardening/var_log_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.11 Ensure separate partition exists for /var/log (Scored) +# Ensure separate partition exists for /var/log (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_nodev.sh b/bin/hardening/var_nodev.sh index 45c92ef..4f54df4 100755 --- a/bin/hardening/var_nodev.sh +++ b/bin/hardening/var_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.6.1 Ensure nodev option set for /var Partition (Scored) +# Ensure nodev option set for /var Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_nosuid.sh b/bin/hardening/var_nosuid.sh index 7a3f02c..9ace1ff 100755 --- a/bin/hardening/var_nosuid.sh +++ b/bin/hardening/var_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.6.2 Ensure nosuid option set for /var Partition (Scored) +# Ensure nosuid option set for /var Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_partition.sh b/bin/hardening/var_partition.sh index bb97a55..5ab6ee3 100755 --- a/bin/hardening/var_partition.sh +++ b/bin/hardening/var_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.6 Ensure separate partition exists for /var (Scored) +# Ensure separate partition exists for /var (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_tmp_nodev.sh b/bin/hardening/var_tmp_nodev.sh index 84aae2a..6ba1429 100755 --- a/bin/hardening/var_tmp_nodev.sh +++ b/bin/hardening/var_tmp_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.8 Ensure nodev option set on /var/tmp partition (Scored) +# Ensure nodev option set on /var/tmp partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_tmp_noexec.sh b/bin/hardening/var_tmp_noexec.sh index 04e6853..9eeb6cf 100755 --- a/bin/hardening/var_tmp_noexec.sh +++ b/bin/hardening/var_tmp_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.10 Ensure noexec option set on /var/tmp partition (Scored) +# Ensure noexec option set on /var/tmp partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_tmp_nosuid.sh b/bin/hardening/var_tmp_nosuid.sh index 8f586c1..f9c1a61 100755 --- a/bin/hardening/var_tmp_nosuid.sh +++ b/bin/hardening/var_tmp_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.9 Ensure nosuid option set on /var/tmp partition (Scored) +# Ensure nosuid option set on /var/tmp partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/var_tmp_partition.sh b/bin/hardening/var_tmp_partition.sh index 1655613..a63ed99 100755 --- a/bin/hardening/var_tmp_partition.sh +++ b/bin/hardening/var_tmp_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.7 Ensure separate partition exists for /var/tmp (Scored) +# Ensure separate partition exists for /var/tmp (Scored) # set -e # One error, it's over