diff --git a/bin/hardening.sh b/bin/hardening.sh index 3420aac..786f87a 100755 --- a/bin/hardening.sh +++ b/bin/hardening.sh @@ -29,6 +29,7 @@ BATCH_MODE='' SUMMARY_JSON='' ASK_LOGLEVEL='' ALLOW_UNSUPPORTED_DISTRIBUTION=0 +USED_VERSION="default" usage() { cat < + This option allows to run the scripts as defined for a specific CIS debian version. + Supported version are the folders listed in the "versions" folder. + examples: + --set-version debian_11 + --set-version ovh_legacy + --summary-json While performing system audit, this option sets LOGLEVEL to silent and only output a json summary at the end @@ -163,6 +171,10 @@ while [[ $# -gt 0 ]]; do ASK_LOGLEVEL=$2 shift ;; + --set-version) + USED_VERSION=$2 + shift + ;; --only) TEST_LIST[${#TEST_LIST[@]}]="$2" shift @@ -217,9 +229,20 @@ if [ "$ASK_LOGLEVEL" ]; then LOGLEVEL=$ASK_LOGLEVEL; fi # shellcheck source=../lib/constants.sh [ -r "${CIS_LIB_DIR}"/constants.sh ] && . "${CIS_LIB_DIR}"/constants.sh +# ensure the CIS version exists +does_file_exist "$CIS_VERSIONS_DIR/$USED_VERSION" +if [ "$FNRET" -ne 0 ]; then + echo "$USED_VERSION is not a valid version" + echo "Please use '--set-version' with one of $(ls "$CIS_VERSIONS_DIR" --hide=default -m)" + exit 1 +fi + # If we're on a unsupported platform and there is no flag --allow-unsupported-distribution # print warning, otherwise quit +# update path for the remaining of the script +CIS_CHECKS_DIR="$CIS_VERSIONS_DIR/$USED_VERSION" + if [ "$DISTRIBUTION" != "debian" ]; then echo "Your distribution has been identified as $DISTRIBUTION which is not debian" if [ "$ALLOW_UNSUPPORTED_DISTRIBUTION" -eq 0 ]; then diff --git a/bin/hardening/99.1.1.1_disable_cramfs.sh b/bin/hardening/99.1.1.1_disable_cramfs.sh deleted file mode 100755 index ebab0e8..0000000 --- a/bin/hardening/99.1.1.1_disable_cramfs.sh +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/bash - -# run-shellcheck -# -# CIS Debian Hardening Bonus Check -# - -# -# 99.1.1.1 Ensure mounting of cramfs filesystems is disabled (Not Scored) -# - -set -e # One error, it's over -set -u # One variable unset, it's over - -# shellcheck disable=2034 -HARDENING_LEVEL=2 -# shellcheck disable=2034 -DESCRIPTION="Disable mounting of cramfs filesystems." - -KERNEL_OPTION="CONFIG_CRAMFS" -MODULE_NAME="cramfs" - -# This function will be called if the script status is on enabled / audit mode -audit() { - is_kernel_option_enabled "$KERNEL_OPTION" "$MODULE_NAME" - if [ "$FNRET" = 0 ]; then # 0 means true in bash, so it IS activated - crit "$KERNEL_OPTION is enabled!" - else - ok "$KERNEL_OPTION is disabled" - fi - : -} - -# This function will be called if the script status is on enabled mode -apply() { - is_kernel_option_enabled "$KERNEL_OPTION" - if [ "$FNRET" = 0 ]; then # 0 means true in bash, so it IS activated - warn "I cannot fix $KERNEL_OPTION enabled, recompile your kernel please" - else - ok "$KERNEL_OPTION is disabled, nothing to do" - fi - : -} - -# This function will check config parameters required -check_config() { - : -} - -# Source Root Dir Parameter -if [ -r /etc/default/cis-hardening ]; then - # shellcheck source=../../debian/default - . /etc/default/cis-hardening -fi -if [ -z "$CIS_LIB_DIR" ]; then - echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." - echo "Cannot source CIS_LIB_DIR variable, aborting." - exit 128 -fi - -# Main function, will call the proper functions given the configuration (audit, enabled, disabled) -if [ -r "${CIS_LIB_DIR}"/main.sh ]; then - # shellcheck source=../../lib/main.sh - . "${CIS_LIB_DIR}"/main.sh -else - echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_LIB_DIR in /etc/default/cis-hardening" - exit 128 -fi diff --git a/bin/hardening/99.5.4.5.1_acc_logindefs_sha512.sh b/bin/hardening/acc_logindefs_sha512.sh similarity index 96% rename from bin/hardening/99.5.4.5.1_acc_logindefs_sha512.sh rename to bin/hardening/acc_logindefs_sha512.sh index ce64104..263dccb 100755 --- a/bin/hardening/99.5.4.5.1_acc_logindefs_sha512.sh +++ b/bin/hardening/acc_logindefs_sha512.sh @@ -6,7 +6,7 @@ # # -# 99.5.4.5.1 Check that any password that will be created will use sha512crypt (or yescrypt for Debian 11+) +# Check that any password that will be created will use sha512crypt (or yescrypt for Debian 11+) # set -e # One error, it's over diff --git a/bin/hardening/5.3.4_acc_pam_sha512.sh b/bin/hardening/acc_pam_sha512.sh similarity index 98% rename from bin/hardening/5.3.4_acc_pam_sha512.sh rename to bin/hardening/acc_pam_sha512.sh index e04345e..e0b788a 100755 --- a/bin/hardening/5.3.4_acc_pam_sha512.sh +++ b/bin/hardening/acc_pam_sha512.sh @@ -6,7 +6,7 @@ # # -# 5.3.4 Ensure password hashing algorithm is SHA-512 (Scored) +# Ensure password hashing algorithm is SHA-512 (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.5.4.5.2_acc_shadow_sha512.sh b/bin/hardening/acc_shadow_sha512.sh similarity index 96% rename from bin/hardening/99.5.4.5.2_acc_shadow_sha512.sh rename to bin/hardening/acc_shadow_sha512.sh index 3c5974a..3519094 100755 --- a/bin/hardening/99.5.4.5.2_acc_shadow_sha512.sh +++ b/bin/hardening/acc_shadow_sha512.sh @@ -6,7 +6,7 @@ # # -# 99.5.4.5.2 Check that passwords in /etc/shadow are sha512crypt (or yescrypt for Debian 11+) hashed and salted +# Check that passwords in /etc/shadow are sha512crypt (or yescrypt for Debian 11+) hashed and salted # set -e # One error, it's over diff --git a/bin/hardening/99.1.3_acc_sudoers_no_all.sh b/bin/hardening/acc_sudoers_no_all.sh similarity index 97% rename from bin/hardening/99.1.3_acc_sudoers_no_all.sh rename to bin/hardening/acc_sudoers_no_all.sh index dfb80a1..26b9f7f 100755 --- a/bin/hardening/99.1.3_acc_sudoers_no_all.sh +++ b/bin/hardening/acc_sudoers_no_all.sh @@ -6,7 +6,7 @@ # # -# 99.1.3 Check there are no carte-blanche authorization in sudoers file(s). +# Check there are no carte-blanche authorization in sudoers file(s). # set -e # One error, it's over diff --git a/bin/hardening/4.1.1.4_audit_backlog_limit.sh b/bin/hardening/audit_backlog_limit.sh similarity index 98% rename from bin/hardening/4.1.1.4_audit_backlog_limit.sh rename to bin/hardening/audit_backlog_limit.sh index 924a8aa..2d95b0b 100755 --- a/bin/hardening/4.1.1.4_audit_backlog_limit.sh +++ b/bin/hardening/audit_backlog_limit.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.4 Ensure audit_backlog_limit is sufficient (Scored) +# Ensure audit_backlog_limit is sufficient (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.1.3_audit_bootloader.sh b/bin/hardening/audit_bootloader.sh similarity index 97% rename from bin/hardening/4.1.1.3_audit_bootloader.sh rename to bin/hardening/audit_bootloader.sh index 22fd58a..acb56df 100755 --- a/bin/hardening/4.1.1.3_audit_bootloader.sh +++ b/bin/hardening/audit_bootloader.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled (Scored) +# Ensure auditing for processes that start prior to auditd is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.2.1_audit_log_storage.sh b/bin/hardening/audit_log_storage.sh similarity index 97% rename from bin/hardening/4.1.2.1_audit_log_storage.sh rename to bin/hardening/audit_log_storage.sh index 0558302..75f5fdf 100755 --- a/bin/hardening/4.1.2.1_audit_log_storage.sh +++ b/bin/hardening/audit_log_storage.sh @@ -6,7 +6,7 @@ # # -# 4.1.2.1 Ensure audit log storage size is configured (Scored) +# Ensure audit log storage size is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.5.1_bootloader_ownership.sh b/bin/hardening/bootloader_ownership.sh similarity index 97% rename from bin/hardening/1.5.1_bootloader_ownership.sh rename to bin/hardening/bootloader_ownership.sh index 1374a89..ce939f9 100755 --- a/bin/hardening/1.5.1_bootloader_ownership.sh +++ b/bin/hardening/bootloader_ownership.sh @@ -6,7 +6,7 @@ # # -# 1.5.1 Ensure permissions on bootloader config are configured (Scored) +# Ensure permissions on bootloader config are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.5.2_bootloader_password.sh b/bin/hardening/bootloader_password.sh similarity index 97% rename from bin/hardening/1.5.2_bootloader_password.sh rename to bin/hardening/bootloader_password.sh index fd4a9ec..37182f8 100755 --- a/bin/hardening/1.5.2_bootloader_password.sh +++ b/bin/hardening/bootloader_password.sh @@ -6,7 +6,7 @@ # # -# 1.5.2 Ensure bootloader password is set (Scored) +# Ensure bootloader password is set (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.99_check_distribution.sh b/bin/hardening/check_distribution.sh similarity index 96% rename from bin/hardening/99.99_check_distribution.sh rename to bin/hardening/check_distribution.sh index 252e971..d4c7b2f 100755 --- a/bin/hardening/99.99_check_distribution.sh +++ b/bin/hardening/check_distribution.sh @@ -6,7 +6,7 @@ # # -# 99.99 Ensure that the distribution version is debian and that the version is 9 or 10 +# Ensure that the distribution version is debian and that the version is 9 or 10 # set -e # One error, it's over diff --git a/bin/hardening/6.2.17_check_duplicate_gid.sh b/bin/hardening/check_duplicate_gid.sh similarity index 97% rename from bin/hardening/6.2.17_check_duplicate_gid.sh rename to bin/hardening/check_duplicate_gid.sh index f20aa25..8480520 100755 --- a/bin/hardening/6.2.17_check_duplicate_gid.sh +++ b/bin/hardening/check_duplicate_gid.sh @@ -6,7 +6,7 @@ # # -# 6.2.17 Ensure no duplicate GIDs exist (Scored) +# Ensure no duplicate GIDs exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.19_check_duplicate_groupname.sh b/bin/hardening/check_duplicate_groupname.sh similarity index 97% rename from bin/hardening/6.2.19_check_duplicate_groupname.sh rename to bin/hardening/check_duplicate_groupname.sh index f24a059..bbda4cd 100755 --- a/bin/hardening/6.2.19_check_duplicate_groupname.sh +++ b/bin/hardening/check_duplicate_groupname.sh @@ -6,7 +6,7 @@ # # -# 6.2.19 Ensure no duplicate group names exist (Scored) +# Ensure no duplicate group names exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.16_check_duplicate_uid.sh b/bin/hardening/check_duplicate_uid.sh similarity index 98% rename from bin/hardening/6.2.16_check_duplicate_uid.sh rename to bin/hardening/check_duplicate_uid.sh index 2f6400c..4e795a2 100755 --- a/bin/hardening/6.2.16_check_duplicate_uid.sh +++ b/bin/hardening/check_duplicate_uid.sh @@ -6,7 +6,7 @@ # # -# 6.2.16 Ensure no duplicate UIDs exist (Scored) +# Ensure no duplicate UIDs exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.18_check_duplicate_username.sh b/bin/hardening/check_duplicate_username.sh similarity index 97% rename from bin/hardening/6.2.18_check_duplicate_username.sh rename to bin/hardening/check_duplicate_username.sh index 030b9e5..0a2f0fc 100755 --- a/bin/hardening/6.2.18_check_duplicate_username.sh +++ b/bin/hardening/check_duplicate_username.sh @@ -6,7 +6,7 @@ # # -# 6.2.18 Ensure no duplicate user names exist (Scored) +# Ensure no duplicate user names exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.8_check_user_dir_perm.sh b/bin/hardening/check_user_dir_perm.sh similarity index 98% rename from bin/hardening/6.2.8_check_user_dir_perm.sh rename to bin/hardening/check_user_dir_perm.sh index 2d83187..8099832 100755 --- a/bin/hardening/6.2.8_check_user_dir_perm.sh +++ b/bin/hardening/check_user_dir_perm.sh @@ -6,7 +6,7 @@ # # -# 6.2.8 Ensure users' home directories permissions are 750 or more restrictive (Scored +# Ensure users' home directories permissions are 750 or more restrictive (Scored # set -e # One error, it's over diff --git a/bin/hardening/6.2.10_check_user_dot_file_perm.sh b/bin/hardening/check_user_dot_file_perm.sh similarity index 97% rename from bin/hardening/6.2.10_check_user_dot_file_perm.sh rename to bin/hardening/check_user_dot_file_perm.sh index a8adfc7..baa504d 100755 --- a/bin/hardening/6.2.10_check_user_dot_file_perm.sh +++ b/bin/hardening/check_user_dot_file_perm.sh @@ -6,7 +6,7 @@ # # -# 6.2.10 Ensure users' dot files are not group or world writable (Scored) +# Ensure users' dot files are not group or world writable (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.1.3_configure_chrony.sh b/bin/hardening/configure_chrony.sh similarity index 97% rename from bin/hardening/2.2.1.3_configure_chrony.sh rename to bin/hardening/configure_chrony.sh index 2996e90..4e6a892 100755 --- a/bin/hardening/2.2.1.3_configure_chrony.sh +++ b/bin/hardening/configure_chrony.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.3 Ensure chrony is configured (Scored) +# Ensure chrony is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.3_configure_logrotate.sh b/bin/hardening/configure_logrotate.sh similarity index 96% rename from bin/hardening/4.3_configure_logrotate.sh rename to bin/hardening/configure_logrotate.sh index d109360..e3f4225 100755 --- a/bin/hardening/4.3_configure_logrotate.sh +++ b/bin/hardening/configure_logrotate.sh @@ -6,7 +6,7 @@ # # -# 4.3 Ensure logrotate is configured (Not Scored) +# Ensure logrotate is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.1.4_configure_ntp.sh b/bin/hardening/configure_ntp.sh similarity index 98% rename from bin/hardening/2.2.1.4_configure_ntp.sh rename to bin/hardening/configure_ntp.sh index 5f2fe8d..fa772c0 100755 --- a/bin/hardening/2.2.1.4_configure_ntp.sh +++ b/bin/hardening/configure_ntp.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.2 Ensure ntp is configured (Scored) +# Ensure ntp is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.22_configure_ssh_max_startups.sh b/bin/hardening/configure_ssh_max_startups.sh similarity index 98% rename from bin/hardening/5.2.22_configure_ssh_max_startups.sh rename to bin/hardening/configure_ssh_max_startups.sh index 2fb8ed7..59e1048 100755 --- a/bin/hardening/5.2.22_configure_ssh_max_startups.sh +++ b/bin/hardening/configure_ssh_max_startups.sh @@ -6,7 +6,7 @@ # # -# 5.2.22 Ensure SSH MaxStartups is configured (Scored) +# Ensure SSH MaxStartups is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.1.3_configure_syslog-ng.sh b/bin/hardening/configure_syslog-ng.sh similarity index 96% rename from bin/hardening/4.2.1.3_configure_syslog-ng.sh rename to bin/hardening/configure_syslog-ng.sh index 4833ee3..42db633 100755 --- a/bin/hardening/4.2.1.3_configure_syslog-ng.sh +++ b/bin/hardening/configure_syslog-ng.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.3 Configure /etc/syslog-ng/syslog-ng.conf (Not Scored) +# Configure /etc/syslog-ng/syslog-ng.conf (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.1.2_configure_systemd-timesyncd.sh b/bin/hardening/configure_systemd-timesyncd.sh similarity index 95% rename from bin/hardening/2.2.1.2_configure_systemd-timesyncd.sh rename to bin/hardening/configure_systemd-timesyncd.sh index 6b8c15f..9a71aca 100755 --- a/bin/hardening/2.2.1.2_configure_systemd-timesyncd.sh +++ b/bin/hardening/configure_systemd-timesyncd.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.2 Ensure systemd-timesyncd is configured (Not Scored) +# Ensure systemd-timesyncd is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.7_cron_d_perm_ownership.sh b/bin/hardening/cron_d_perm_ownership.sh similarity index 97% rename from bin/hardening/5.1.7_cron_d_perm_ownership.sh rename to bin/hardening/cron_d_perm_ownership.sh index bb6e160..4346045 100755 --- a/bin/hardening/5.1.7_cron_d_perm_ownership.sh +++ b/bin/hardening/cron_d_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.7 Ensure permissions on /etc/cron.d are configured (Scored) +# Ensure permissions on /etc/cron.d are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.4_cron_daily_perm_ownership.sh b/bin/hardening/cron_daily_perm_ownership.sh similarity index 97% rename from bin/hardening/5.1.4_cron_daily_perm_ownership.sh rename to bin/hardening/cron_daily_perm_ownership.sh index fa57556..7482e91 100755 --- a/bin/hardening/5.1.4_cron_daily_perm_ownership.sh +++ b/bin/hardening/cron_daily_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.4 Ensure permissions on /etc/cron.daily are configured (Scored) +# Ensure permissions on /etc/cron.daily are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.3_cron_hourly_perm_ownership.sh b/bin/hardening/cron_hourly_perm_ownership.sh similarity index 97% rename from bin/hardening/5.1.3_cron_hourly_perm_ownership.sh rename to bin/hardening/cron_hourly_perm_ownership.sh index d4fbad6..17f2d12 100755 --- a/bin/hardening/5.1.3_cron_hourly_perm_ownership.sh +++ b/bin/hardening/cron_hourly_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.3 Ensure permissions on /etc/cron.hourly are configured (Scored) +# Ensure permissions on /etc/cron.hourly are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.6_cron_monthly_perm_ownership.sh b/bin/hardening/cron_monthly_perm_ownership.sh similarity index 97% rename from bin/hardening/5.1.6_cron_monthly_perm_ownership.sh rename to bin/hardening/cron_monthly_perm_ownership.sh index 17367fc..4766fa8 100755 --- a/bin/hardening/5.1.6_cron_monthly_perm_ownership.sh +++ b/bin/hardening/cron_monthly_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.6 Ensure permissions on /etc/cron.monthly are configured (Scored) +# Ensure permissions on /etc/cron.monthly are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.8_cron_users.sh b/bin/hardening/cron_users.sh similarity index 98% rename from bin/hardening/5.1.8_cron_users.sh rename to bin/hardening/cron_users.sh index 958d62c..ca202d9 100755 --- a/bin/hardening/5.1.8_cron_users.sh +++ b/bin/hardening/cron_users.sh @@ -6,7 +6,7 @@ # # -# 5.1.8 Ensure at/cron is restricted to authorized users (Scored) +# Ensure at/cron is restricted to authorized users (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.5_cron_weekly_perm_ownership.sh b/bin/hardening/cron_weekly_perm_ownership.sh similarity index 97% rename from bin/hardening/5.1.5_cron_weekly_perm_ownership.sh rename to bin/hardening/cron_weekly_perm_ownership.sh index 29aad24..50f2198 100755 --- a/bin/hardening/5.1.5_cron_weekly_perm_ownership.sh +++ b/bin/hardening/cron_weekly_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.5 Ensure permissions on /etc/cron.weekly are configured (Scored) +# Ensure permissions on /etc/cron.weekly are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.2_crontab_perm_ownership.sh b/bin/hardening/crontab_perm_ownership.sh similarity index 97% rename from bin/hardening/5.1.2_crontab_perm_ownership.sh rename to bin/hardening/crontab_perm_ownership.sh index 419032b..d798dd4 100755 --- a/bin/hardening/5.1.2_crontab_perm_ownership.sh +++ b/bin/hardening/crontab_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.1.2 Ensure permissions on /etc/crontab are configured (Scored) +# Ensure permissions on /etc/crontab are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.3_default_root_group.sh b/bin/hardening/default_root_group.sh similarity index 96% rename from bin/hardening/5.4.3_default_root_group.sh rename to bin/hardening/default_root_group.sh index f0d4e26..c7fe361 100755 --- a/bin/hardening/5.4.3_default_root_group.sh +++ b/bin/hardening/default_root_group.sh @@ -6,7 +6,7 @@ # # -# 5.4.3 Ensure default group for the root account is GID 0 (Scored) +# Ensure default group for the root account is GID 0 (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.5_default_timeout.sh b/bin/hardening/default_timeout.sh similarity index 98% rename from bin/hardening/5.4.5_default_timeout.sh rename to bin/hardening/default_timeout.sh index 6355ebc..4597d68 100755 --- a/bin/hardening/5.4.5_default_timeout.sh +++ b/bin/hardening/default_timeout.sh @@ -6,7 +6,7 @@ # # -# 5.4.4 Ensure default usershell timeout is 900 seconds or less +# Ensure default usershell timeout is 900 seconds or less # set -e # One error, it's over diff --git a/bin/hardening/5.4.4_default_umask.sh b/bin/hardening/default_umask.sh similarity index 98% rename from bin/hardening/5.4.4_default_umask.sh rename to bin/hardening/default_umask.sh index b0f9aa4..2ecdc92 100755 --- a/bin/hardening/5.4.4_default_umask.sh +++ b/bin/hardening/default_umask.sh @@ -6,7 +6,7 @@ # # -# 5.4.4 Ensure default user umask is 027 or more restrictive (Scored) +# Ensure default user umask is 027 or more restrictive (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.6.3.1_disable_apport.sh b/bin/hardening/disable_apport.sh similarity index 97% rename from bin/hardening/1.6.3.1_disable_apport.sh rename to bin/hardening/disable_apport.sh index d6b9ca6..ade9343 100755 --- a/bin/hardening/1.6.3.1_disable_apport.sh +++ b/bin/hardening/disable_apport.sh @@ -6,7 +6,7 @@ # # -# 1.6.3.1 Ensure apport is disabled (Scored) +# Ensure apport is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.22_disable_automounting.sh b/bin/hardening/disable_automounting.sh similarity index 97% rename from bin/hardening/1.1.22_disable_automounting.sh rename to bin/hardening/disable_automounting.sh index 42a4768..20082bc 100755 --- a/bin/hardening/1.1.22_disable_automounting.sh +++ b/bin/hardening/disable_automounting.sh @@ -6,7 +6,7 @@ # # -# 1.1.22 Disable Automounting (Scored) +# Disable Automounting (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.3_disable_avahi_server.sh b/bin/hardening/disable_avahi_server.sh similarity index 97% rename from bin/hardening/2.2.3_disable_avahi_server.sh rename to bin/hardening/disable_avahi_server.sh index 09322a3..9d0a349 100755 --- a/bin/hardening/2.2.3_disable_avahi_server.sh +++ b/bin/hardening/disable_avahi_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.3 Ensure Avahi Server is not enabled (Scored) +# Ensure Avahi Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.1.2_disable_bsd_inetd.sh b/bin/hardening/disable_bsd_inetd.sh similarity index 97% rename from bin/hardening/2.1.2_disable_bsd_inetd.sh rename to bin/hardening/disable_bsd_inetd.sh index cefc987..a3d669c 100755 --- a/bin/hardening/2.1.2_disable_bsd_inetd.sh +++ b/bin/hardening/disable_bsd_inetd.sh @@ -6,7 +6,7 @@ # # -# 2.1.2 Ensure bsd-inetd is not enabled (Scored) +# Ensure bsd-inetd is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.8_disable_cramfs.sh b/bin/hardening/disable_cramfs.sh similarity index 97% rename from bin/hardening/1.1.1.8_disable_cramfs.sh rename to bin/hardening/disable_cramfs.sh index b1a489d..d057c62 100755 --- a/bin/hardening/1.1.1.8_disable_cramfs.sh +++ b/bin/hardening/disable_cramfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.1 Ensure Mounting of cramfs filesystems is disabled (Scored) +# Ensure Mounting of cramfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.4.1_disable_dccp.sh b/bin/hardening/disable_dccp.sh similarity index 98% rename from bin/hardening/3.4.1_disable_dccp.sh rename to bin/hardening/disable_dccp.sh index 218c429..f5c656a 100755 --- a/bin/hardening/3.4.1_disable_dccp.sh +++ b/bin/hardening/disable_dccp.sh @@ -6,7 +6,7 @@ # # -# 3.4.1 Ensure DCCP is disabled (Not Scored) +# Ensure DCCP is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.5_disable_dhcp.sh b/bin/hardening/disable_dhcp.sh similarity index 97% rename from bin/hardening/2.2.5_disable_dhcp.sh rename to bin/hardening/disable_dhcp.sh index f7b9fd1..0f58afa 100755 --- a/bin/hardening/2.2.5_disable_dhcp.sh +++ b/bin/hardening/disable_dhcp.sh @@ -6,7 +6,7 @@ # # -# 2.2.5 Ensure DHCP Server is not enabled (Scored) +# Ensure DHCP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.8_disable_dns_server.sh b/bin/hardening/disable_dns_server.sh similarity index 97% rename from bin/hardening/2.2.8_disable_dns_server.sh rename to bin/hardening/disable_dns_server.sh index f07bcb9..2156dcf 100755 --- a/bin/hardening/2.2.8_disable_dns_server.sh +++ b/bin/hardening/disable_dns_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.8 Ensure DNS Server is not enabled (Scored) +# Ensure DNS Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.1_disable_freevxfs.sh b/bin/hardening/disable_freevxfs.sh similarity index 97% rename from bin/hardening/1.1.1.1_disable_freevxfs.sh rename to bin/hardening/disable_freevxfs.sh index 92e3715..c243aaf 100755 --- a/bin/hardening/1.1.1.1_disable_freevxfs.sh +++ b/bin/hardening/disable_freevxfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.1 Ensure Mounting of freevxfs filesystems is disabled (Scored) +# Ensure Mounting of freevxfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.9_disable_ftp.sh b/bin/hardening/disable_ftp.sh similarity index 97% rename from bin/hardening/2.2.9_disable_ftp.sh rename to bin/hardening/disable_ftp.sh index d184ac6..745b4b8 100755 --- a/bin/hardening/2.2.9_disable_ftp.sh +++ b/bin/hardening/disable_ftp.sh @@ -6,7 +6,7 @@ # # -# 2.2.9 Ensure FTP Server is not enabled (Scored) +# Ensure FTP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.3_disable_hfs.sh b/bin/hardening/disable_hfs.sh similarity index 97% rename from bin/hardening/1.1.1.3_disable_hfs.sh rename to bin/hardening/disable_hfs.sh index 9ad94bd..1cfc597 100755 --- a/bin/hardening/1.1.1.3_disable_hfs.sh +++ b/bin/hardening/disable_hfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.3 Ensure mounting of hfs filesystems is disabled (Scored) +# Ensure mounting of hfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.4_disable_hfsplus.sh b/bin/hardening/disable_hfsplus.sh similarity index 97% rename from bin/hardening/1.1.1.4_disable_hfsplus.sh rename to bin/hardening/disable_hfsplus.sh index 6c1e6c2..eeb75d2 100755 --- a/bin/hardening/1.1.1.4_disable_hfsplus.sh +++ b/bin/hardening/disable_hfsplus.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.4 Ensure mounting of hfsplus filesystems is disabled (Scored) +# Ensure mounting of hfsplus filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.13_disable_http_proxy.sh b/bin/hardening/disable_http_proxy.sh similarity index 96% rename from bin/hardening/2.2.13_disable_http_proxy.sh rename to bin/hardening/disable_http_proxy.sh index 85b0bb4..bc81b7f 100755 --- a/bin/hardening/2.2.13_disable_http_proxy.sh +++ b/bin/hardening/disable_http_proxy.sh @@ -6,7 +6,7 @@ # # -# 2.2.13 Ensure HTTP Proxy Server is not enabled (Scored) +# Ensure HTTP Proxy Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.10_disable_http_server.sh b/bin/hardening/disable_http_server.sh similarity index 97% rename from bin/hardening/2.2.10_disable_http_server.sh rename to bin/hardening/disable_http_server.sh index 73ad084..2c313ab 100755 --- a/bin/hardening/2.2.10_disable_http_server.sh +++ b/bin/hardening/disable_http_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.10 Ensure HTTP Server is not enabled (Scored) +# Ensure HTTP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.2_disable_icmp_redirect.sh b/bin/hardening/disable_icmp_redirect.sh similarity index 98% rename from bin/hardening/3.3.2_disable_icmp_redirect.sh rename to bin/hardening/disable_icmp_redirect.sh index 4bc28e6..644ef49 100755 --- a/bin/hardening/3.3.2_disable_icmp_redirect.sh +++ b/bin/hardening/disable_icmp_redirect.sh @@ -6,7 +6,7 @@ # # -# 3.3.2 Ensure ICMP redirects are not accepted (Scored) +# Ensure ICMP redirects are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.11_disable_imap_pop.sh b/bin/hardening/disable_imap_pop.sh similarity index 97% rename from bin/hardening/2.2.11_disable_imap_pop.sh rename to bin/hardening/disable_imap_pop.sh index ae11bd4..4bd39b1 100755 --- a/bin/hardening/2.2.11_disable_imap_pop.sh +++ b/bin/hardening/disable_imap_pop.sh @@ -6,7 +6,7 @@ # # -# 2.2.11 Ensure IMAP and POP server is not installed (Scored) +# Ensure IMAP and POP server is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.2.2_disable_ip_forwarding.sh b/bin/hardening/disable_ip_forwarding.sh similarity index 98% rename from bin/hardening/3.2.2_disable_ip_forwarding.sh rename to bin/hardening/disable_ip_forwarding.sh index 6946314..f416907 100755 --- a/bin/hardening/3.2.2_disable_ip_forwarding.sh +++ b/bin/hardening/disable_ip_forwarding.sh @@ -6,7 +6,7 @@ # # -# 3.2.2 Ensure IP forwarding is disabled (Scored) +# Ensure IP forwarding is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.1.1_disable_ipv6.sh b/bin/hardening/disable_ipv6.sh similarity index 98% rename from bin/hardening/3.1.1_disable_ipv6.sh rename to bin/hardening/disable_ipv6.sh index 0ed8f3e..dcf7498 100755 --- a/bin/hardening/3.1.1_disable_ipv6.sh +++ b/bin/hardening/disable_ipv6.sh @@ -6,7 +6,7 @@ # # -# 3.1.1 Disable IPv6 (Not Scored) +# Disable IPv6 (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.9_disable_ipv6_router_advertisement.sh b/bin/hardening/disable_ipv6_router_advertisement.sh similarity index 97% rename from bin/hardening/3.3.9_disable_ipv6_router_advertisement.sh rename to bin/hardening/disable_ipv6_router_advertisement.sh index 18b46c0..8fba60c 100755 --- a/bin/hardening/3.3.9_disable_ipv6_router_advertisement.sh +++ b/bin/hardening/disable_ipv6_router_advertisement.sh @@ -6,7 +6,7 @@ # # -# 3.3.9 Ensure IPv6 router advertisements are not accepted (Scored) +# Ensure IPv6 router advertisements are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.2_disable_jffs2.sh b/bin/hardening/disable_jffs2.sh similarity index 97% rename from bin/hardening/1.1.1.2_disable_jffs2.sh rename to bin/hardening/disable_jffs2.sh index 775a8b9..384b119 100755 --- a/bin/hardening/1.1.1.2_disable_jffs2.sh +++ b/bin/hardening/disable_jffs2.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.2 Esnure mounting of jffs2 filesystems is disabled (Scored) +# Esnure mounting of jffs2 filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.6_disable_ldap.sh b/bin/hardening/disable_ldap.sh similarity index 97% rename from bin/hardening/2.2.6_disable_ldap.sh rename to bin/hardening/disable_ldap.sh index 568ef3c..5262212 100755 --- a/bin/hardening/2.2.6_disable_ldap.sh +++ b/bin/hardening/disable_ldap.sh @@ -6,7 +6,7 @@ # # -# 2.2.6 Ensure LDAP server is not enabled (Scored) +# Ensure LDAP server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.3.5_disable_ldap_client.sh b/bin/hardening/disable_ldap_client.sh similarity index 97% rename from bin/hardening/2.3.5_disable_ldap_client.sh rename to bin/hardening/disable_ldap_client.sh index d87c7fc..1a33bdf 100755 --- a/bin/hardening/2.3.5_disable_ldap_client.sh +++ b/bin/hardening/disable_ldap_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.5 Ensure LDAP client is not installed (Scored) +# Ensure LDAP client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.7_disable_nfs_rpc.sh b/bin/hardening/disable_nfs_rpc.sh similarity index 97% rename from bin/hardening/2.2.7_disable_nfs_rpc.sh rename to bin/hardening/disable_nfs_rpc.sh index 54f42ab..84ee4e2 100755 --- a/bin/hardening/2.2.7_disable_nfs_rpc.sh +++ b/bin/hardening/disable_nfs_rpc.sh @@ -6,7 +6,7 @@ # # -# 2.2.7 Ensure NFS and RPC are not enabled (Scored) +# Ensure NFS and RPC are not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.17_disable_nis.sh b/bin/hardening/disable_nis.sh similarity index 97% rename from bin/hardening/2.2.17_disable_nis.sh rename to bin/hardening/disable_nis.sh index e90f762..3c86b8d 100755 --- a/bin/hardening/2.2.17_disable_nis.sh +++ b/bin/hardening/disable_nis.sh @@ -6,7 +6,7 @@ # # -# 2.2.17 Ensure NIS Server is not enabled (Scored) +# Ensure NIS Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.6.3_disable_prelink.sh b/bin/hardening/disable_prelink.sh similarity index 97% rename from bin/hardening/1.6.3_disable_prelink.sh rename to bin/hardening/disable_prelink.sh index 1efd568..badf388 100755 --- a/bin/hardening/1.6.3_disable_prelink.sh +++ b/bin/hardening/disable_prelink.sh @@ -6,7 +6,7 @@ # # -# 1.6.3 Ensure prelink is disabled (Scored) +# Ensure prelink is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.4_disable_print_server.sh b/bin/hardening/disable_print_server.sh similarity index 97% rename from bin/hardening/2.2.4_disable_print_server.sh rename to bin/hardening/disable_print_server.sh index cf3e2bf..51508e1 100755 --- a/bin/hardening/2.2.4_disable_print_server.sh +++ b/bin/hardening/disable_print_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.4 Ensure CUPS is not enabled (Scored) +# Ensure CUPS is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.4.3_disable_rds.sh b/bin/hardening/disable_rds.sh similarity index 98% rename from bin/hardening/3.4.3_disable_rds.sh rename to bin/hardening/disable_rds.sh index 03b37c7..cb73998 100755 --- a/bin/hardening/3.4.3_disable_rds.sh +++ b/bin/hardening/disable_rds.sh @@ -6,7 +6,7 @@ # # -# 3.4.3 Ensure SCTP is disabled (Not Scored) +# Ensure SCTP is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.10_disable_root_login.sh b/bin/hardening/disable_root_login.sh similarity index 98% rename from bin/hardening/5.2.10_disable_root_login.sh rename to bin/hardening/disable_root_login.sh index 04bf510..f8e3c7f 100755 --- a/bin/hardening/5.2.10_disable_root_login.sh +++ b/bin/hardening/disable_root_login.sh @@ -6,7 +6,7 @@ # # -# 5.2.10 Ensure SSH root login is disabled (Scored) +# Ensure SSH root login is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.3.2_disable_rsh_client.sh b/bin/hardening/disable_rsh_client.sh similarity index 97% rename from bin/hardening/2.3.2_disable_rsh_client.sh rename to bin/hardening/disable_rsh_client.sh index 030099a..72fb1f7 100755 --- a/bin/hardening/2.3.2_disable_rsh_client.sh +++ b/bin/hardening/disable_rsh_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.2 Ensure rsh client is not installed (Scored) +# Ensure rsh client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.16_disable_rsync.sh b/bin/hardening/disable_rsync.sh similarity index 97% rename from bin/hardening/2.2.16_disable_rsync.sh rename to bin/hardening/disable_rsync.sh index 64e4e1a..5b0a652 100755 --- a/bin/hardening/2.2.16_disable_rsync.sh +++ b/bin/hardening/disable_rsync.sh @@ -6,7 +6,7 @@ # # -# 2.2.16 Ensure rsync service is not enabled (Scored) +# Ensure rsync service is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.12_disable_samba.sh b/bin/hardening/disable_samba.sh similarity index 97% rename from bin/hardening/2.2.12_disable_samba.sh rename to bin/hardening/disable_samba.sh index 3df06a0..bb955d2 100755 --- a/bin/hardening/2.2.12_disable_samba.sh +++ b/bin/hardening/disable_samba.sh @@ -6,7 +6,7 @@ # # -# 2.2.12 Ensure Samba is not enabled (Scored) +# Ensure Samba is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.4.2_disable_sctp.sh b/bin/hardening/disable_sctp.sh similarity index 98% rename from bin/hardening/3.4.2_disable_sctp.sh rename to bin/hardening/disable_sctp.sh index 94f1b40..45f23ab 100755 --- a/bin/hardening/3.4.2_disable_sctp.sh +++ b/bin/hardening/disable_sctp.sh @@ -6,7 +6,7 @@ # # -# 3.4.2 Ensure SCTP is disabled (Not Scored) +# Ensure SCTP is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.3_disable_secure_icmp_redirect.sh b/bin/hardening/disable_secure_icmp_redirect.sh similarity index 97% rename from bin/hardening/3.3.3_disable_secure_icmp_redirect.sh rename to bin/hardening/disable_secure_icmp_redirect.sh index 5ae544f..0dc829a 100755 --- a/bin/hardening/3.3.3_disable_secure_icmp_redirect.sh +++ b/bin/hardening/disable_secure_icmp_redirect.sh @@ -6,7 +6,7 @@ # # -# 3.3.3 Ensure secure ICMP redirects are not accepted (Scored) +# Ensure secure ICMP redirects are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.2.1_disable_send_packet_redirects.sh b/bin/hardening/disable_send_packet_redirects.sh similarity index 97% rename from bin/hardening/3.2.1_disable_send_packet_redirects.sh rename to bin/hardening/disable_send_packet_redirects.sh index ea6ca75..f3a89c8 100755 --- a/bin/hardening/3.2.1_disable_send_packet_redirects.sh +++ b/bin/hardening/disable_send_packet_redirects.sh @@ -6,7 +6,7 @@ # # -# 3.2.1 Ensure packet redirect sending is disabled (Scored) +# Ensure packet redirect sending is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.14_disable_snmp_server.sh b/bin/hardening/disable_snmp_server.sh similarity index 97% rename from bin/hardening/2.2.14_disable_snmp_server.sh rename to bin/hardening/disable_snmp_server.sh index 82d761a..5dfe886 100755 --- a/bin/hardening/2.2.14_disable_snmp_server.sh +++ b/bin/hardening/disable_snmp_server.sh @@ -6,7 +6,7 @@ # # -# 2.2.14 Ensure SNMP Server is not enabled (Scored) +# Ensure SNMP Server is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.1_disable_source_routed_packets.sh b/bin/hardening/disable_source_routed_packets.sh similarity index 98% rename from bin/hardening/3.3.1_disable_source_routed_packets.sh rename to bin/hardening/disable_source_routed_packets.sh index fe4b0ac..7fa6756 100755 --- a/bin/hardening/3.3.1_disable_source_routed_packets.sh +++ b/bin/hardening/disable_source_routed_packets.sh @@ -6,7 +6,7 @@ # # -# 3.3.1 Ensure source routed packets are not accepted (Scored) +# Ensure source routed packets are not accepted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.5_disable_squashfs.sh b/bin/hardening/disable_squashfs.sh similarity index 97% rename from bin/hardening/1.1.1.5_disable_squashfs.sh rename to bin/hardening/disable_squashfs.sh index 506cd6b..73dd94e 100755 --- a/bin/hardening/1.1.1.5_disable_squashfs.sh +++ b/bin/hardening/disable_squashfs.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.5 Ensure mounting of squashfs filesystems is disabled (Scored) +# Ensure mounting of squashfs filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh b/bin/hardening/disable_ssh_allow_tcp_forwarding.sh similarity index 98% rename from bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh rename to bin/hardening/disable_ssh_allow_tcp_forwarding.sh index bcf6023..6725a96 100755 --- a/bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh +++ b/bin/hardening/disable_ssh_allow_tcp_forwarding.sh @@ -6,7 +6,7 @@ # # -# 5.2.21 Ensure SSH AllowTCPForwarding is disabled (Scored) +# Ensure SSH AllowTCPForwarding is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh b/bin/hardening/disable_sshd_hostbasedauthentication.sh similarity index 98% rename from bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh rename to bin/hardening/disable_sshd_hostbasedauthentication.sh index 2eaa287..8e8cd68 100755 --- a/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh +++ b/bin/hardening/disable_sshd_hostbasedauthentication.sh @@ -6,7 +6,7 @@ # # -# 5.2.9 Ensure SSH HostbasedAuthentication is disabled (Scored) +# Ensure SSH HostbasedAuthentication is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh b/bin/hardening/disable_sshd_permitemptypasswords.sh similarity index 98% rename from bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh rename to bin/hardening/disable_sshd_permitemptypasswords.sh index d713552..c05c895 100755 --- a/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh +++ b/bin/hardening/disable_sshd_permitemptypasswords.sh @@ -6,7 +6,7 @@ # # -# 5.2.11 Ensure SSH PermitEmptyPasswords is disabled (Scored) +# Ensure SSH PermitEmptyPasswords is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.12_disable_sshd_setenv.sh b/bin/hardening/disable_sshd_setenv.sh similarity index 98% rename from bin/hardening/5.2.12_disable_sshd_setenv.sh rename to bin/hardening/disable_sshd_setenv.sh index 0ba0879..615f81b 100755 --- a/bin/hardening/5.2.12_disable_sshd_setenv.sh +++ b/bin/hardening/disable_sshd_setenv.sh @@ -6,7 +6,7 @@ # # -# 5.2.12 Ensure SSH PermitUserEnvironment is disabled (Scored) +# Ensure SSH PermitUserEnvironment is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.2_disable_system_accounts.sh b/bin/hardening/disable_system_accounts.sh similarity index 98% rename from bin/hardening/5.4.2_disable_system_accounts.sh rename to bin/hardening/disable_system_accounts.sh index 439caba..db9d445 100755 --- a/bin/hardening/5.4.2_disable_system_accounts.sh +++ b/bin/hardening/disable_system_accounts.sh @@ -6,7 +6,7 @@ # # -# 5.4.2 Ensure system accounts are non-login (Scored) +# Ensure system accounts are non-login (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.3.3_disable_talk_client.sh b/bin/hardening/disable_talk_client.sh similarity index 97% rename from bin/hardening/2.3.3_disable_talk_client.sh rename to bin/hardening/disable_talk_client.sh index 5bb5b8c..d815cb2 100755 --- a/bin/hardening/2.3.3_disable_talk_client.sh +++ b/bin/hardening/disable_talk_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.3 Ensure talk client is not installed (Scored) +# Ensure talk client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.3.4_disable_telnet_client.sh b/bin/hardening/disable_telnet_client.sh similarity index 97% rename from bin/hardening/2.3.4_disable_telnet_client.sh rename to bin/hardening/disable_telnet_client.sh index 6fb5418..3a4d441 100755 --- a/bin/hardening/2.3.4_disable_telnet_client.sh +++ b/bin/hardening/disable_telnet_client.sh @@ -6,7 +6,7 @@ # # -# 2.3.4 Ensure telnet client is not installed (Scored) +# Ensure telnet client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.2.2_disable_telnet_server.sh b/bin/hardening/disable_telnet_server.sh similarity index 98% rename from bin/hardening/99.2.2_disable_telnet_server.sh rename to bin/hardening/disable_telnet_server.sh index f804b39..882be70 100755 --- a/bin/hardening/99.2.2_disable_telnet_server.sh +++ b/bin/hardening/disable_telnet_server.sh @@ -6,7 +6,7 @@ # # -# 99.2.2 Ensure telnet server is not enabled (Scored) +# Ensure telnet server is not enabled (Scored) # # Note: this check is not anymore in CIS hardening but we decided to keep it anyway diff --git a/bin/hardening/3.4.4_disable_tipc.sh b/bin/hardening/disable_tipc.sh similarity index 98% rename from bin/hardening/3.4.4_disable_tipc.sh rename to bin/hardening/disable_tipc.sh index e49a878..9c729d9 100755 --- a/bin/hardening/3.4.4_disable_tipc.sh +++ b/bin/hardening/disable_tipc.sh @@ -6,7 +6,7 @@ # # -# 3.4.4 Ensure TIPC is disabled (Not Scored) +# Ensure TIPC is disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.6_disable_udf.sh b/bin/hardening/disable_udf.sh similarity index 97% rename from bin/hardening/1.1.1.6_disable_udf.sh rename to bin/hardening/disable_udf.sh index 76944ff..6ef91d1 100755 --- a/bin/hardening/1.1.1.6_disable_udf.sh +++ b/bin/hardening/disable_udf.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.6 Ensure mounting of udf filesystems is disabled (Scored) +# Ensure mounting of udf filesystems is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.1.1.23_disable_usb_devices.sh b/bin/hardening/disable_usb_devices.sh similarity index 99% rename from bin/hardening/99.1.1.23_disable_usb_devices.sh rename to bin/hardening/disable_usb_devices.sh index 000888b..23b8975 100755 --- a/bin/hardening/99.1.1.23_disable_usb_devices.sh +++ b/bin/hardening/disable_usb_devices.sh @@ -6,7 +6,7 @@ # # -# 99.1.1.23 Disable USB Devices +# Disable USB Devices # set -e # One error, it's over diff --git a/bin/hardening/1.1.23_disable_usb_storage.sh b/bin/hardening/disable_usb_storage.sh similarity index 98% rename from bin/hardening/1.1.23_disable_usb_storage.sh rename to bin/hardening/disable_usb_storage.sh index df7aa12..bdcdc2a 100755 --- a/bin/hardening/1.1.23_disable_usb_storage.sh +++ b/bin/hardening/disable_usb_storage.sh @@ -6,7 +6,7 @@ # # -# 1.1.23 Disable USB storage (Scored) +# Disable USB storage (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.1.2_disable_wireless.sh b/bin/hardening/disable_wireless.sh similarity index 96% rename from bin/hardening/3.1.2_disable_wireless.sh rename to bin/hardening/disable_wireless.sh index 5b656d0..1950f5a 100755 --- a/bin/hardening/3.1.2_disable_wireless.sh +++ b/bin/hardening/disable_wireless.sh @@ -6,7 +6,7 @@ # # -# 3.1.2 Ensure wireless interfaces are disabled (Not Scored) +# Ensure wireless interfaces are disabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.6_disable_x11_forwarding.sh b/bin/hardening/disable_x11_forwarding.sh similarity index 98% rename from bin/hardening/5.2.6_disable_x11_forwarding.sh rename to bin/hardening/disable_x11_forwarding.sh index e917ba0..419d6b1 100755 --- a/bin/hardening/5.2.6_disable_x11_forwarding.sh +++ b/bin/hardening/disable_x11_forwarding.sh @@ -6,7 +6,7 @@ # # -# 5.2.6 Ensure SSH X11 forwarding is disabled (Scored) +# Ensure SSH X11 forwarding is disabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.1.1_disable_xinetd.sh b/bin/hardening/disable_xinetd.sh similarity index 97% rename from bin/hardening/2.1.1_disable_xinetd.sh rename to bin/hardening/disable_xinetd.sh index 21dde81..f25e2ad 100755 --- a/bin/hardening/2.1.1_disable_xinetd.sh +++ b/bin/hardening/disable_xinetd.sh @@ -6,7 +6,7 @@ # # -# 2.1.1 Ensure xinetd is not enabled (Scored) +# Ensure xinetd is not enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.2_disable_xwindow_system.sh b/bin/hardening/disable_xwindow_system.sh similarity index 97% rename from bin/hardening/2.2.2_disable_xwindow_system.sh rename to bin/hardening/disable_xwindow_system.sh index ed36027..a0acc80 100755 --- a/bin/hardening/2.2.2_disable_xwindow_system.sh +++ b/bin/hardening/disable_xwindow_system.sh @@ -6,7 +6,7 @@ # # -# 2.2.2 Ensure the X Window system is not installed (Scored) +# Ensure the X Window system is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.7.1.2_enable_apparmor.sh b/bin/hardening/enable_apparmor.sh similarity index 97% rename from bin/hardening/1.7.1.2_enable_apparmor.sh rename to bin/hardening/enable_apparmor.sh index 9794104..cde992e 100755 --- a/bin/hardening/1.7.1.2_enable_apparmor.sh +++ b/bin/hardening/enable_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.2.2 Ensure AppArmor is enabled in the bootloader configuration (Scored) +# Ensure AppArmor is enabled in the bootloader configuration (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.1.2_enable_auditd.sh b/bin/hardening/enable_auditd.sh similarity index 97% rename from bin/hardening/4.1.1.2_enable_auditd.sh rename to bin/hardening/enable_auditd.sh index 2edfbb8..2f9df99 100755 --- a/bin/hardening/4.1.1.2_enable_auditd.sh +++ b/bin/hardening/enable_auditd.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.2 Ensure auditd service is enabled (Scored) +# Ensure auditd service is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.4.0_enable_auditd_kernel.sh b/bin/hardening/enable_auditd_kernel.sh similarity index 96% rename from bin/hardening/99.4.0_enable_auditd_kernel.sh rename to bin/hardening/enable_auditd_kernel.sh index 828f185..f7936b8 100755 --- a/bin/hardening/99.4.0_enable_auditd_kernel.sh +++ b/bin/hardening/enable_auditd_kernel.sh @@ -6,7 +6,7 @@ # # -# 99.4.0 Ensure CONFIG_AUDIT is enabled in your running kernel +# Ensure CONFIG_AUDIT is enabled in your running kernel # set -e # One error, it's over diff --git a/bin/hardening/3.3.6_enable_bad_error_message_protection.sh b/bin/hardening/enable_bad_error_message_protection.sh similarity index 97% rename from bin/hardening/3.3.6_enable_bad_error_message_protection.sh rename to bin/hardening/enable_bad_error_message_protection.sh index 43e6c59..aa6d379 100755 --- a/bin/hardening/3.3.6_enable_bad_error_message_protection.sh +++ b/bin/hardening/enable_bad_error_message_protection.sh @@ -6,7 +6,7 @@ # # -# 3.3.6 Ensure bogus ICMP responses are ignored (Scored) +# Ensure bogus ICMP responses are ignored (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.1.1_enable_cron.sh b/bin/hardening/enable_cron.sh similarity index 97% rename from bin/hardening/5.1.1_enable_cron.sh rename to bin/hardening/enable_cron.sh index a716cbf..37d1c97 100755 --- a/bin/hardening/5.1.1_enable_cron.sh +++ b/bin/hardening/enable_cron.sh @@ -6,7 +6,7 @@ # # -# 5.1.1 Ensure cron daemon is enabled (Scored) +# Ensure cron daemon is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.5.1.1_enable_firewall.sh b/bin/hardening/enable_firewall.sh similarity index 98% rename from bin/hardening/3.5.1.1_enable_firewall.sh rename to bin/hardening/enable_firewall.sh index 1163387..235f289 100755 --- a/bin/hardening/3.5.1.1_enable_firewall.sh +++ b/bin/hardening/enable_firewall.sh @@ -6,7 +6,7 @@ # # -# 3.5.1.1 Ensure Firewall is active (Scored) +# Ensure Firewall is active (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.3.2_enable_lockout_failed_password.sh b/bin/hardening/enable_lockout_failed_password.sh similarity index 97% rename from bin/hardening/5.3.2_enable_lockout_failed_password.sh rename to bin/hardening/enable_lockout_failed_password.sh index 763e197..d8dabf5 100755 --- a/bin/hardening/5.3.2_enable_lockout_failed_password.sh +++ b/bin/hardening/enable_lockout_failed_password.sh @@ -6,7 +6,7 @@ # # -# 5.3.2 Ensure lockout for failed password attempts is configured (Scored) +# Ensure lockout for failed password attempts is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.6.1_enable_nx_support.sh b/bin/hardening/enable_nx_support.sh similarity index 98% rename from bin/hardening/1.6.1_enable_nx_support.sh rename to bin/hardening/enable_nx_support.sh index b202d6d..f03fa1f 100755 --- a/bin/hardening/1.6.1_enable_nx_support.sh +++ b/bin/hardening/enable_nx_support.sh @@ -6,7 +6,7 @@ # # -# 1.6.1 Ensure XD/NX support is enabled (Not Scored) +# Ensure XD/NX support is enabled (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.3.1_enable_pwquality.sh b/bin/hardening/enable_pwquality.sh similarity index 98% rename from bin/hardening/5.3.1_enable_pwquality.sh rename to bin/hardening/enable_pwquality.sh index b1121bb..e0916f2 100755 --- a/bin/hardening/5.3.1_enable_pwquality.sh +++ b/bin/hardening/enable_pwquality.sh @@ -6,7 +6,7 @@ # # -# 5.3.1 Ensure password creation requirements are configured (Scored) +# Ensure password creation requirements are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.6.2_enable_randomized_vm_placement.sh b/bin/hardening/enable_randomized_vm_placement.sh similarity index 96% rename from bin/hardening/1.6.2_enable_randomized_vm_placement.sh rename to bin/hardening/enable_randomized_vm_placement.sh index 9551ff1..1bea5eb 100755 --- a/bin/hardening/1.6.2_enable_randomized_vm_placement.sh +++ b/bin/hardening/enable_randomized_vm_placement.sh @@ -6,7 +6,7 @@ # # -# 1.6.2 Ensure address space layout randomization (ASLR) is enabled (Scored) +# Ensure address space layout randomization (ASLR) is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.7_enable_source_route_validation.sh b/bin/hardening/enable_source_route_validation.sh similarity index 97% rename from bin/hardening/3.3.7_enable_source_route_validation.sh rename to bin/hardening/enable_source_route_validation.sh index 2e50d5e..ebbf801 100755 --- a/bin/hardening/3.3.7_enable_source_route_validation.sh +++ b/bin/hardening/enable_source_route_validation.sh @@ -6,7 +6,7 @@ # # -# 3.3.7 Ensure Reverse Path Filtering is enabled (Scored) +# Ensure Reverse Path Filtering is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.20_enable_ssh_pam.sh b/bin/hardening/enable_ssh_pam.sh similarity index 98% rename from bin/hardening/5.2.20_enable_ssh_pam.sh rename to bin/hardening/enable_ssh_pam.sh index ffb5563..4230d06 100755 --- a/bin/hardening/5.2.20_enable_ssh_pam.sh +++ b/bin/hardening/enable_ssh_pam.sh @@ -6,7 +6,7 @@ # # -# 5.2.20 Ensure SSH PAM is enabled (Scored) +# Ensure SSH PAM is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh b/bin/hardening/enable_sshd_ignorerhosts.sh similarity index 98% rename from bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh rename to bin/hardening/enable_sshd_ignorerhosts.sh index aa82cf9..586b9bf 100755 --- a/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh +++ b/bin/hardening/enable_sshd_ignorerhosts.sh @@ -6,7 +6,7 @@ # # -# 5.2.8 Ensure SSH IgnoreRhosts is enabled (Scored) +# Ensure SSH IgnoreRhosts is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.1.2_enable_syslog-ng.sh b/bin/hardening/enable_syslog-ng.sh similarity index 97% rename from bin/hardening/4.2.1.2_enable_syslog-ng.sh rename to bin/hardening/enable_syslog-ng.sh index 4a0dc4e..3800458 100755 --- a/bin/hardening/4.2.1.2_enable_syslog-ng.sh +++ b/bin/hardening/enable_syslog-ng.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.2 Ensure syslog-ng service is enabled (Scored) +# Ensure syslog-ng service is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.8_enable_tcp_syn_cookies.sh b/bin/hardening/enable_tcp_syn_cookies.sh similarity index 98% rename from bin/hardening/3.3.8_enable_tcp_syn_cookies.sh rename to bin/hardening/enable_tcp_syn_cookies.sh index 16038e3..ae8e02b 100755 --- a/bin/hardening/3.3.8_enable_tcp_syn_cookies.sh +++ b/bin/hardening/enable_tcp_syn_cookies.sh @@ -6,7 +6,7 @@ # # -# 3.3.8 Ensure TCP SYN Cookies is enabled (Scored) +# Ensure TCP SYN Cookies is enabled (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.7.1.3_enforce_or_complain_apparmor.sh b/bin/hardening/enforce_or_complain_apparmor.sh similarity index 96% rename from bin/hardening/1.7.1.3_enforce_or_complain_apparmor.sh rename to bin/hardening/enforce_or_complain_apparmor.sh index 003728a..548dc42 100755 --- a/bin/hardening/1.7.1.3_enforce_or_complain_apparmor.sh +++ b/bin/hardening/enforce_or_complain_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.1.3 Ensure all AppArmor profiles are in enforce or complain mode (Scored) +# Ensure all AppArmor profiles are in enforce or complain mode (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.7.1.4_enforcing_apparmor.sh b/bin/hardening/enforcing_apparmor.sh similarity index 98% rename from bin/hardening/1.7.1.4_enforcing_apparmor.sh rename to bin/hardening/enforcing_apparmor.sh index f1cb847..1827123 100755 --- a/bin/hardening/1.7.1.4_enforcing_apparmor.sh +++ b/bin/hardening/enforcing_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.1.4 Ensure all AppArmor profiles are enforcing (Scored) +# Ensure all AppArmor profiles are enforcing (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.8_etc_group-_permissions.sh b/bin/hardening/etc_group-_permissions.sh similarity index 97% rename from bin/hardening/6.1.8_etc_group-_permissions.sh rename to bin/hardening/etc_group-_permissions.sh index b14e447..620c6e9 100755 --- a/bin/hardening/6.1.8_etc_group-_permissions.sh +++ b/bin/hardening/etc_group-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.8 Ensure permissions on /etc/group- are configured (Scored) +# Ensure permissions on /etc/group- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.5_etc_group_permissions.sh b/bin/hardening/etc_group_permissions.sh similarity index 97% rename from bin/hardening/6.1.5_etc_group_permissions.sh rename to bin/hardening/etc_group_permissions.sh index 175e430..bc63654 100755 --- a/bin/hardening/6.1.5_etc_group_permissions.sh +++ b/bin/hardening/etc_group_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.5 Ensure permissions on /etc/group are configured (Scored) +# Ensure permissions on /etc/group are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.3_etc_gshadow-_permissions.sh b/bin/hardening/etc_gshadow-_permissions.sh similarity index 97% rename from bin/hardening/6.1.3_etc_gshadow-_permissions.sh rename to bin/hardening/etc_gshadow-_permissions.sh index 6cc781d..60cec64 100755 --- a/bin/hardening/6.1.3_etc_gshadow-_permissions.sh +++ b/bin/hardening/etc_gshadow-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.3 Ensure permissions on /etc/gshadow- are configured (Scored) +# Ensure permissions on /etc/gshadow- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.9_etc_gshadow_permissions.sh b/bin/hardening/etc_gshadow_permissions.sh similarity index 97% rename from bin/hardening/6.1.9_etc_gshadow_permissions.sh rename to bin/hardening/etc_gshadow_permissions.sh index 856f9e5..9df82e6 100755 --- a/bin/hardening/6.1.9_etc_gshadow_permissions.sh +++ b/bin/hardening/etc_gshadow_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.9 Ensure permissions on /etc/gshadow are configured (Scored) +# Ensure permissions on /etc/gshadow are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.8.1.6_etc_issue_net_perms.sh b/bin/hardening/etc_issue_net_perms.sh similarity index 97% rename from bin/hardening/1.8.1.6_etc_issue_net_perms.sh rename to bin/hardening/etc_issue_net_perms.sh index 87c73d7..be2771a 100755 --- a/bin/hardening/1.8.1.6_etc_issue_net_perms.sh +++ b/bin/hardening/etc_issue_net_perms.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.6 Ensure permissions on /etc/issue.net are configured (Scored) +# Ensure permissions on /etc/issue.net are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.8.1.5_etc_issue_perms.sh b/bin/hardening/etc_issue_perms.sh similarity index 97% rename from bin/hardening/1.8.1.5_etc_issue_perms.sh rename to bin/hardening/etc_issue_perms.sh index cacebea..832d061 100755 --- a/bin/hardening/1.8.1.5_etc_issue_perms.sh +++ b/bin/hardening/etc_issue_perms.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.5 Ensure permissions on /etc/issue are configured (Scored) +# Ensure permissions on /etc/issue are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.6_etc_passwd-_permissions.sh b/bin/hardening/etc_passwd-_permissions.sh similarity index 97% rename from bin/hardening/6.1.6_etc_passwd-_permissions.sh rename to bin/hardening/etc_passwd-_permissions.sh index 781b9ff..fc1df8f 100755 --- a/bin/hardening/6.1.6_etc_passwd-_permissions.sh +++ b/bin/hardening/etc_passwd-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.6 Ensure permissions on /etc/passwd- are configured (Scored) +# Ensure permissions on /etc/passwd- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.2_etc_passwd_permissions.sh b/bin/hardening/etc_passwd_permissions.sh similarity index 97% rename from bin/hardening/6.1.2_etc_passwd_permissions.sh rename to bin/hardening/etc_passwd_permissions.sh index 5bba2f9..0b02b7c 100755 --- a/bin/hardening/6.1.2_etc_passwd_permissions.sh +++ b/bin/hardening/etc_passwd_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.2 Ensure permissions on /etc/passwd are configured (Scored) +# Ensure permissions on /etc/passwd are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.7_etc_shadow-_permissions.sh b/bin/hardening/etc_shadow-_permissions.sh similarity index 97% rename from bin/hardening/6.1.7_etc_shadow-_permissions.sh rename to bin/hardening/etc_shadow-_permissions.sh index a67e59e..1a7f993 100755 --- a/bin/hardening/6.1.7_etc_shadow-_permissions.sh +++ b/bin/hardening/etc_shadow-_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.7 Ensure permissions on /etc/shadow- are configured (Scored) +# Ensure permissions on /etc/shadow- are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.4_etc_shadow_permissions.sh b/bin/hardening/etc_shadow_permissions.sh similarity index 97% rename from bin/hardening/6.1.4_etc_shadow_permissions.sh rename to bin/hardening/etc_shadow_permissions.sh index 46f0369..a582e39 100755 --- a/bin/hardening/6.1.4_etc_shadow_permissions.sh +++ b/bin/hardening/etc_shadow_permissions.sh @@ -6,7 +6,7 @@ # # -# 6.1.4 Ensure permissions on /etc/shadow are configured (Scored) +# Ensure permissions on /etc/shadow are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.6_find_0_uid_non_root_account.sh b/bin/hardening/find_0_uid_non_root_account.sh similarity index 97% rename from bin/hardening/6.2.6_find_0_uid_non_root_account.sh rename to bin/hardening/find_0_uid_non_root_account.sh index 3666a62..e5f0e40 100755 --- a/bin/hardening/6.2.6_find_0_uid_non_root_account.sh +++ b/bin/hardening/find_0_uid_non_root_account.sh @@ -6,7 +6,7 @@ # # -# 6.2.6 Ensure root is the only UID 0 account (Scored) +# Ensure root is the only UID 0 account (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh b/bin/hardening/find_passwd_group_inconsistencies.sh similarity index 96% rename from bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh rename to bin/hardening/find_passwd_group_inconsistencies.sh index cee6691..0799f54 100755 --- a/bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh +++ b/bin/hardening/find_passwd_group_inconsistencies.sh @@ -6,7 +6,7 @@ # # -# 6.2.15 Ensure all groups in /etc/passwd exist in /etc/group (Scored) +# Ensure all groups in /etc/passwd exist in /etc/group (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.14_find_sgid_files.sh b/bin/hardening/find_sgid_files.sh similarity index 98% rename from bin/hardening/6.1.14_find_sgid_files.sh rename to bin/hardening/find_sgid_files.sh index f16106e..c44eb2d 100755 --- a/bin/hardening/6.1.14_find_sgid_files.sh +++ b/bin/hardening/find_sgid_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.14 Audit SGID executables (Not Scored) +# Audit SGID executables (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.13_find_suid_files.sh b/bin/hardening/find_suid_files.sh similarity index 98% rename from bin/hardening/6.1.13_find_suid_files.sh rename to bin/hardening/find_suid_files.sh index 820a6bb..07a30ac 100755 --- a/bin/hardening/6.1.13_find_suid_files.sh +++ b/bin/hardening/find_suid_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.13 Audit SUID executables (Not Scored) +# Audit SUID executables (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.12_find_ungrouped_files.sh b/bin/hardening/find_ungrouped_files.sh similarity index 98% rename from bin/hardening/6.1.12_find_ungrouped_files.sh rename to bin/hardening/find_ungrouped_files.sh index 81a20c8..dbb989c 100755 --- a/bin/hardening/6.1.12_find_ungrouped_files.sh +++ b/bin/hardening/find_ungrouped_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.12 Ensure no ungrouped files or directories exist (Scored) +# Ensure no ungrouped files or directories exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.11_find_unowned_files.sh b/bin/hardening/find_unowned_files.sh similarity index 98% rename from bin/hardening/6.1.11_find_unowned_files.sh rename to bin/hardening/find_unowned_files.sh index 2173e44..7bdc456 100755 --- a/bin/hardening/6.1.11_find_unowned_files.sh +++ b/bin/hardening/find_unowned_files.sh @@ -6,7 +6,7 @@ # # -# 6.1.11 Ensure no unowned files or directories exist (Scored) +# Ensure no unowned files or directories exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.11_find_user_forward_files.sh b/bin/hardening/find_user_forward_files.sh similarity index 97% rename from bin/hardening/6.2.11_find_user_forward_files.sh rename to bin/hardening/find_user_forward_files.sh index 5f23d16..e7eccdc 100755 --- a/bin/hardening/6.2.11_find_user_forward_files.sh +++ b/bin/hardening/find_user_forward_files.sh @@ -6,7 +6,7 @@ # # -# 6.2.11 Ensure no users have .forward files (Scored) +# Ensure no users have .forward files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.12_find_user_netrc_files.sh b/bin/hardening/find_user_netrc_files.sh similarity index 97% rename from bin/hardening/6.2.12_find_user_netrc_files.sh rename to bin/hardening/find_user_netrc_files.sh index e146e4b..75193ef 100755 --- a/bin/hardening/6.2.12_find_user_netrc_files.sh +++ b/bin/hardening/find_user_netrc_files.sh @@ -6,7 +6,7 @@ # # -# 6.2.12 Ensure no users have .netrc files (Scored) +# Ensure no users have .netrc files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.14_find_user_rhosts_files.sh b/bin/hardening/find_user_rhosts_files.sh similarity index 97% rename from bin/hardening/6.2.14_find_user_rhosts_files.sh rename to bin/hardening/find_user_rhosts_files.sh index b915875..c6a4b03 100755 --- a/bin/hardening/6.2.14_find_user_rhosts_files.sh +++ b/bin/hardening/find_user_rhosts_files.sh @@ -6,7 +6,7 @@ # # -# 6.2.14 Ensure no users have .rhosts files (Scored) +# Ensure no users have .rhosts files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.1.10_find_world_writable_file.sh b/bin/hardening/find_world_writable_file.sh similarity index 98% rename from bin/hardening/6.1.10_find_world_writable_file.sh rename to bin/hardening/find_world_writable_file.sh index 1722630..b8323c0 100755 --- a/bin/hardening/6.1.10_find_world_writable_file.sh +++ b/bin/hardening/find_world_writable_file.sh @@ -6,7 +6,7 @@ # # -# 6.1.10 Ensure no world writable files exist (Scored) +# Ensure no world writable files exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.17_freeze_auditd_conf.sh b/bin/hardening/freeze_auditd_conf.sh similarity index 97% rename from bin/hardening/4.1.17_freeze_auditd_conf.sh rename to bin/hardening/freeze_auditd_conf.sh index 3416cbb..6ec1a7f 100755 --- a/bin/hardening/4.1.17_freeze_auditd_conf.sh +++ b/bin/hardening/freeze_auditd_conf.sh @@ -6,7 +6,7 @@ # # -# 4.1.17 Ensure the audit configuration is immutable (Scored) +# Ensure the audit configuration is immutable (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.8.2_graphical_warning_banners.sh b/bin/hardening/graphical_warning_banners.sh similarity index 95% rename from bin/hardening/1.8.2_graphical_warning_banners.sh rename to bin/hardening/graphical_warning_banners.sh index ea0e842..ce89444 100755 --- a/bin/hardening/1.8.2_graphical_warning_banners.sh +++ b/bin/hardening/graphical_warning_banners.sh @@ -6,7 +6,7 @@ # # -# 1.8.2 Ensure GDM login banner is configured (Scored) +# Ensure GDM login banner is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.2.2_halt_when_audit_log_full.sh b/bin/hardening/halt_when_audit_log_full.sh similarity index 97% rename from bin/hardening/4.1.2.2_halt_when_audit_log_full.sh rename to bin/hardening/halt_when_audit_log_full.sh index 0196d79..5de3b43 100755 --- a/bin/hardening/4.1.2.2_halt_when_audit_log_full.sh +++ b/bin/hardening/halt_when_audit_log_full.sh @@ -6,7 +6,7 @@ # # -# 4.1.2.2 Ensure system is disabled when audit logs are full (Scored) +# Ensure system is disabled when audit logs are full (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.14_home_nodev.sh b/bin/hardening/home_nodev.sh similarity index 98% rename from bin/hardening/1.1.14_home_nodev.sh rename to bin/hardening/home_nodev.sh index 7139a67..f3fbafd 100755 --- a/bin/hardening/1.1.14_home_nodev.sh +++ b/bin/hardening/home_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.14 Ensure nodev Option set on /home (Scored) +# Ensure nodev Option set on /home (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.14.1_home_nosuid.sh b/bin/hardening/home_nosuid.sh similarity index 97% rename from bin/hardening/1.1.14.1_home_nosuid.sh rename to bin/hardening/home_nosuid.sh index 90a0a80..b45e49e 100755 --- a/bin/hardening/1.1.14.1_home_nosuid.sh +++ b/bin/hardening/home_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.14.1 Ensure nosuid option set on /home partition (Scored) +# Ensure nosuid option set on /home partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.13_home_partition.sh b/bin/hardening/home_partition.sh similarity index 97% rename from bin/hardening/1.1.13_home_partition.sh rename to bin/hardening/home_partition.sh index 49faeb8..8e88ee4 100755 --- a/bin/hardening/1.1.13_home_partition.sh +++ b/bin/hardening/home_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.13 Ensure separate partition exists for /home (Scored) +# Ensure separate partition exists for /home (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.3.3.2_hosts_allow.sh b/bin/hardening/hosts_allow.sh similarity index 96% rename from bin/hardening/99.3.3.2_hosts_allow.sh rename to bin/hardening/hosts_allow.sh index c56515b..49894e0 100755 --- a/bin/hardening/99.3.3.2_hosts_allow.sh +++ b/bin/hardening/hosts_allow.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.2 Ensure /etc/hosts.allow is configured (Not Scored) +# Ensure /etc/hosts.allow is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.3.3.4_hosts_allow_permissions.sh b/bin/hardening/hosts_allow_permissions.sh similarity index 97% rename from bin/hardening/99.3.3.4_hosts_allow_permissions.sh rename to bin/hardening/hosts_allow_permissions.sh index b7befb0..a5901b6 100755 --- a/bin/hardening/99.3.3.4_hosts_allow_permissions.sh +++ b/bin/hardening/hosts_allow_permissions.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.4 Ensure permissions on /etc/hosts.allow are configured (Scored) +# Ensure permissions on /etc/hosts.allow are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.3.3.3_hosts_deny.sh b/bin/hardening/hosts_deny.sh similarity index 97% rename from bin/hardening/99.3.3.3_hosts_deny.sh rename to bin/hardening/hosts_deny.sh index 0a5438a..4540e68 100755 --- a/bin/hardening/99.3.3.3_hosts_deny.sh +++ b/bin/hardening/hosts_deny.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.3 Ensure /etc/hosts.deny is configured (Not Scored) +# Ensure /etc/hosts.deny is configured (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.3.3.5_hosts_deny_permissions.sh b/bin/hardening/hosts_deny_permissions.sh similarity index 97% rename from bin/hardening/99.3.3.5_hosts_deny_permissions.sh rename to bin/hardening/hosts_deny_permissions.sh index 7b27c3a..c7945dc 100755 --- a/bin/hardening/99.3.3.5_hosts_deny_permissions.sh +++ b/bin/hardening/hosts_deny_permissions.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.5 Verify permissions on /etc/hosts.deny (Scored) +# Verify permissions on /etc/hosts.deny (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.5_ignore_broadcast_requests.sh b/bin/hardening/ignore_broadcast_requests.sh similarity index 97% rename from bin/hardening/3.3.5_ignore_broadcast_requests.sh rename to bin/hardening/ignore_broadcast_requests.sh index 2ca57bb..d7ca70d 100755 --- a/bin/hardening/3.3.5_ignore_broadcast_requests.sh +++ b/bin/hardening/ignore_broadcast_requests.sh @@ -6,7 +6,7 @@ # # -# 3.3.5 Ensure broadcast ICMP requests are ignored (Scored) +# Ensure broadcast ICMP requests are ignored (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.7.1.1_install_apparmor.sh b/bin/hardening/install_apparmor.sh similarity index 97% rename from bin/hardening/1.7.1.1_install_apparmor.sh rename to bin/hardening/install_apparmor.sh index faccba1..5f6568d 100755 --- a/bin/hardening/1.7.1.1_install_apparmor.sh +++ b/bin/hardening/install_apparmor.sh @@ -6,7 +6,7 @@ # # -# 1.7.1.1 Ensure AppArmor is installed (Scored) +# Ensure AppArmor is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.1.1_install_auditd.sh b/bin/hardening/install_auditd.sh similarity index 97% rename from bin/hardening/4.1.1.1_install_auditd.sh rename to bin/hardening/install_auditd.sh index 6447356..234c8b0 100755 --- a/bin/hardening/4.1.1.1_install_auditd.sh +++ b/bin/hardening/install_auditd.sh @@ -6,7 +6,7 @@ # # -# 4.1.1.1 Ensure auditing is installed (Scored) +# Ensure auditing is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.3.1_install_sudo.sh b/bin/hardening/install_sudo.sh similarity index 97% rename from bin/hardening/1.3.1_install_sudo.sh rename to bin/hardening/install_sudo.sh index 61635de..e403bda 100755 --- a/bin/hardening/1.3.1_install_sudo.sh +++ b/bin/hardening/install_sudo.sh @@ -6,7 +6,7 @@ # # -# 1.3.1 Ensure sudo is installed (Scored) +# Ensure sudo is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.1.1_install_syslog-ng.sh b/bin/hardening/install_syslog-ng.sh similarity index 97% rename from bin/hardening/4.2.1.1_install_syslog-ng.sh rename to bin/hardening/install_syslog-ng.sh index 1cb6ebb..00fef7c 100755 --- a/bin/hardening/4.2.1.1_install_syslog-ng.sh +++ b/bin/hardening/install_syslog-ng.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.1 Ensure syslog-ng is installed (Scored) +# Ensure syslog-ng is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.3.3.1_install_tcp_wrapper.sh b/bin/hardening/install_tcp_wrapper.sh similarity index 96% rename from bin/hardening/99.3.3.1_install_tcp_wrapper.sh rename to bin/hardening/install_tcp_wrapper.sh index 87247be..a69cd2f 100755 --- a/bin/hardening/99.3.3.1_install_tcp_wrapper.sh +++ b/bin/hardening/install_tcp_wrapper.sh @@ -6,7 +6,7 @@ # # -# 99.3.3.1 Ensure TCP Wrappers is installed (Scored) +# Ensure TCP Wrappers is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.4.1_install_tripwire.sh b/bin/hardening/install_tripwire.sh similarity index 97% rename from bin/hardening/1.4.1_install_tripwire.sh rename to bin/hardening/install_tripwire.sh index b2ed7e3..75ccb89 100755 --- a/bin/hardening/1.4.1_install_tripwire.sh +++ b/bin/hardening/install_tripwire.sh @@ -6,7 +6,7 @@ # # -# 1.4.1 Ensure tripwire is installed (Scored) +# Ensure tripwire is installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.9_install_updates.sh b/bin/hardening/install_updates.sh similarity index 95% rename from bin/hardening/1.9_install_updates.sh rename to bin/hardening/install_updates.sh index 8ee1147..b10bc9d 100755 --- a/bin/hardening/1.9_install_updates.sh +++ b/bin/hardening/install_updates.sh @@ -6,7 +6,7 @@ # # -# 1.9 Ensure updates, patches and additional security software are installed (Not Scored) +# Ensure updates, patches and additional security software are installed (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.2.2_journald_compress.sh b/bin/hardening/journald_compress.sh similarity index 97% rename from bin/hardening/4.2.2.2_journald_compress.sh rename to bin/hardening/journald_compress.sh index 7057fc3..ada79d7 100755 --- a/bin/hardening/4.2.2.2_journald_compress.sh +++ b/bin/hardening/journald_compress.sh @@ -6,7 +6,7 @@ # # -# 4.2.2.2 Ensure journald is configured to compress large files (Scored) +# Ensure journald is configured to compress large files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.2.1_journald_logs.sh b/bin/hardening/journald_logs.sh similarity index 97% rename from bin/hardening/4.2.2.1_journald_logs.sh rename to bin/hardening/journald_logs.sh index bef7332..50c9fc5 100755 --- a/bin/hardening/4.2.2.1_journald_logs.sh +++ b/bin/hardening/journald_logs.sh @@ -6,7 +6,7 @@ # # -# 4.2.2.1 Ensure journald is configured to send logs to syslog-ng (Scored) +# Ensure journald is configured to send logs to syslog-ng (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.2.3_journald_write_persistent.sh b/bin/hardening/journald_write_persistent.sh similarity index 97% rename from bin/hardening/4.2.2.3_journald_write_persistent.sh rename to bin/hardening/journald_write_persistent.sh index 46ba769..173e793 100755 --- a/bin/hardening/4.2.2.3_journald_write_persistent.sh +++ b/bin/hardening/journald_write_persistent.sh @@ -6,7 +6,7 @@ # # -# 4.2.2.3 Ensure journald is configured to write logfiles to persistent disk (Scored) +# Ensure journald is configured to write logfiles to persistent disk (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.2.3_keep_all_audit_logs.sh b/bin/hardening/keep_all_audit_logs.sh similarity index 97% rename from bin/hardening/4.1.2.3_keep_all_audit_logs.sh rename to bin/hardening/keep_all_audit_logs.sh index 764595b..e3194ee 100755 --- a/bin/hardening/4.1.2.3_keep_all_audit_logs.sh +++ b/bin/hardening/keep_all_audit_logs.sh @@ -6,7 +6,7 @@ # # -# 4.1.2.3 Ensure audit logs are not automatically deleted (Scored) +# Ensure audit logs are not automatically deleted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.1.5_last_password_change_past.sh b/bin/hardening/last_password_change_past.sh similarity index 94% rename from bin/hardening/5.4.1.5_last_password_change_past.sh rename to bin/hardening/last_password_change_past.sh index 3beefc2..a5bb051 100755 --- a/bin/hardening/5.4.1.5_last_password_change_past.sh +++ b/bin/hardening/last_password_change_past.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.5 Ensure all users last password change date is in the past (Scored) +# Ensure all users last password change date is in the past (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.3.3_limit_password_reuse.sh b/bin/hardening/limit_password_reuse.sh similarity index 97% rename from bin/hardening/5.3.3_limit_password_reuse.sh rename to bin/hardening/limit_password_reuse.sh index 13c646c..9b4fbc4 100755 --- a/bin/hardening/5.3.3_limit_password_reuse.sh +++ b/bin/hardening/limit_password_reuse.sh @@ -6,7 +6,7 @@ # # -# 5.3.3 Ensure password reuse is limited (Scored) +# Ensure password reuse is limited (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.23_limit_ssh_max_sessions.sh b/bin/hardening/limit_ssh_max_sessions.sh similarity index 98% rename from bin/hardening/5.2.23_limit_ssh_max_sessions.sh rename to bin/hardening/limit_ssh_max_sessions.sh index c094c13..58bb347 100755 --- a/bin/hardening/5.2.23_limit_ssh_max_sessions.sh +++ b/bin/hardening/limit_ssh_max_sessions.sh @@ -6,7 +6,7 @@ # # -# 5.2.23 Ensure SSH MaxSessions is limited (Scored) +# Ensure SSH MaxSessions is limited (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.1.4_lock_inactive_user_account.sh b/bin/hardening/lock_inactive_user_account.sh similarity index 96% rename from bin/hardening/5.4.1.4_lock_inactive_user_account.sh rename to bin/hardening/lock_inactive_user_account.sh index 87cb2bc..d72f5b5 100755 --- a/bin/hardening/5.4.1.4_lock_inactive_user_account.sh +++ b/bin/hardening/lock_inactive_user_account.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.4 Ensure inactive password lock is 30 days or less (Scored) +# Ensure inactive password lock is 30 days or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.3.4_log_martian_packets.sh b/bin/hardening/log_martian_packets.sh similarity index 98% rename from bin/hardening/3.3.4_log_martian_packets.sh rename to bin/hardening/log_martian_packets.sh index 28ff74e..5002fdc 100755 --- a/bin/hardening/3.3.4_log_martian_packets.sh +++ b/bin/hardening/log_martian_packets.sh @@ -6,7 +6,7 @@ # # -# 3.3.4 Ensure suspicious packets are logged (Scored) +# Ensure suspicious packets are logged (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.3.3_logfile_sudo.sh b/bin/hardening/logfile_sudo.sh similarity index 97% rename from bin/hardening/1.3.3_logfile_sudo.sh rename to bin/hardening/logfile_sudo.sh index dc5c9ac..fa9166d 100755 --- a/bin/hardening/1.3.3_logfile_sudo.sh +++ b/bin/hardening/logfile_sudo.sh @@ -6,7 +6,7 @@ # # -# 1.3.3 Ensure sudo log file exists (Scored) +# Ensure sudo log file exists (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.4_logrotate_permissions.sh b/bin/hardening/logrotate_permissions.sh similarity index 97% rename from bin/hardening/4.4_logrotate_permissions.sh rename to bin/hardening/logrotate_permissions.sh index 2de14e7..3ec096a 100755 --- a/bin/hardening/4.4_logrotate_permissions.sh +++ b/bin/hardening/logrotate_permissions.sh @@ -6,7 +6,7 @@ # # -# 4.4 Ensure logrotate assigns approriate permissions (Scored) +# Ensure logrotate assigns approriate permissions (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.3_logs_permissions.sh b/bin/hardening/logs_permissions.sh similarity index 97% rename from bin/hardening/4.2.3_logs_permissions.sh rename to bin/hardening/logs_permissions.sh index 7702004..67a7d38 100755 --- a/bin/hardening/4.2.3_logs_permissions.sh +++ b/bin/hardening/logs_permissions.sh @@ -6,7 +6,7 @@ # # -# 4.2.3 Ensure permissions on all logfiles are configured (Scored) +# Ensure permissions on all logfiles are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.8.1.4_motd_perms.sh b/bin/hardening/motd_perms.sh similarity index 97% rename from bin/hardening/1.8.1.4_motd_perms.sh rename to bin/hardening/motd_perms.sh index 8a7539a..3a25ff9 100755 --- a/bin/hardening/1.8.1.4_motd_perms.sh +++ b/bin/hardening/motd_perms.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.4 Ensure permissions on /etc/motd are configured (Scored) +# Ensure permissions on /etc/motd are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.15_mta_localhost.sh b/bin/hardening/mta_localhost.sh similarity index 97% rename from bin/hardening/2.2.15_mta_localhost.sh rename to bin/hardening/mta_localhost.sh index 6a8d4f3..60538b1 100755 --- a/bin/hardening/2.2.15_mta_localhost.sh +++ b/bin/hardening/mta_localhost.sh @@ -6,7 +6,7 @@ # # -# 2.2.15 Ensure Mail Transfer Agent is configured for Local-Only Mode (Scored) +# Ensure Mail Transfer Agent is configured for Local-Only Mode (Scored) # set -e # One error, it's over diff --git a/bin/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh b/bin/hardening/net_fw_default_policy_drop.sh similarity index 97% rename from bin/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh rename to bin/hardening/net_fw_default_policy_drop.sh index ca76aeb..0f4f71a 100755 --- a/bin/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh +++ b/bin/hardening/net_fw_default_policy_drop.sh @@ -6,7 +6,7 @@ # # -# 3.5.4.1.1 Ensure default deny firewall policy (Scored) +# Ensure default deny firewall policy (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.3.2_pty_sudo.sh b/bin/hardening/pty_sudo.sh similarity index 97% rename from bin/hardening/1.3.2_pty_sudo.sh rename to bin/hardening/pty_sudo.sh index f0511d1..dd8b8d0 100755 --- a/bin/hardening/1.3.2_pty_sudo.sh +++ b/bin/hardening/pty_sudo.sh @@ -6,7 +6,7 @@ # # -# 1.3.2 Ensure sudo commands use pty (Scored) +# Ensure sudo commands use pty (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.9_record_dac_edit.sh b/bin/hardening/record_dac_edit.sh similarity index 97% rename from bin/hardening/4.1.9_record_dac_edit.sh rename to bin/hardening/record_dac_edit.sh index 8f9af05..b086c2d 100755 --- a/bin/hardening/4.1.9_record_dac_edit.sh +++ b/bin/hardening/record_dac_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.9 Ensure discretionary access control permission modification events are collected (Scored) +# Ensure discretionary access control permission modification events are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.3_record_date_time_edit.sh b/bin/hardening/record_date_time_edit.sh similarity index 97% rename from bin/hardening/4.1.3_record_date_time_edit.sh rename to bin/hardening/record_date_time_edit.sh index f4c498f..59a7d8e 100755 --- a/bin/hardening/4.1.3_record_date_time_edit.sh +++ b/bin/hardening/record_date_time_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.3 Ensure events that modify date and time information are collected (Scored) +# Ensure events that modify date and time information are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.10_record_failed_access_file.sh b/bin/hardening/record_failed_access_file.sh similarity index 97% rename from bin/hardening/4.1.10_record_failed_access_file.sh rename to bin/hardening/record_failed_access_file.sh index 328f0ef..a20ff1b 100755 --- a/bin/hardening/4.1.10_record_failed_access_file.sh +++ b/bin/hardening/record_failed_access_file.sh @@ -6,7 +6,7 @@ # # -# 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected (Scored) +# Ensure unsuccessful unauthorized file access attempts are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.13_record_file_deletions.sh b/bin/hardening/record_file_deletions.sh similarity index 97% rename from bin/hardening/4.1.13_record_file_deletions.sh rename to bin/hardening/record_file_deletions.sh index aa60273..2114468 100755 --- a/bin/hardening/4.1.13_record_file_deletions.sh +++ b/bin/hardening/record_file_deletions.sh @@ -6,7 +6,7 @@ # # -# 4.1.13 Ensure file deletion events by users are collected (Scored) +# Ensure file deletion events by users are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.16_record_kernel_modules.sh b/bin/hardening/record_kernel_modules.sh similarity index 97% rename from bin/hardening/4.1.16_record_kernel_modules.sh rename to bin/hardening/record_kernel_modules.sh index b9699c0..f3f6ebc 100755 --- a/bin/hardening/4.1.16_record_kernel_modules.sh +++ b/bin/hardening/record_kernel_modules.sh @@ -6,7 +6,7 @@ # # -# 4.1.16 Ensure kernel module loading and unloading is collected (Scored) +# Ensure kernel module loading and unloading is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.7_record_login_logout.sh b/bin/hardening/record_login_logout.sh similarity index 98% rename from bin/hardening/4.1.7_record_login_logout.sh rename to bin/hardening/record_login_logout.sh index 420b944..afb1c5f 100755 --- a/bin/hardening/4.1.7_record_login_logout.sh +++ b/bin/hardening/record_login_logout.sh @@ -6,7 +6,7 @@ # # -# 4.1.7 Ensure login and logout events are collected (Scored) +# Ensure login and logout events are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.6_record_mac_edit.sh b/bin/hardening/record_mac_edit.sh similarity index 96% rename from bin/hardening/4.1.6_record_mac_edit.sh rename to bin/hardening/record_mac_edit.sh index e61e10b..8630183 100755 --- a/bin/hardening/4.1.6_record_mac_edit.sh +++ b/bin/hardening/record_mac_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.6 Ensure that events that modify the system's Mandatory Access Controls are collected (Scored) +# Ensure that events that modify the system's Mandatory Access Controls are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.5_record_network_edit.sh b/bin/hardening/record_network_edit.sh similarity index 97% rename from bin/hardening/4.1.5_record_network_edit.sh rename to bin/hardening/record_network_edit.sh index da8b78c..d212f1a 100755 --- a/bin/hardening/4.1.5_record_network_edit.sh +++ b/bin/hardening/record_network_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.5 Ensure events that modify the system's network environment are collected (Scored) +# Ensure events that modify the system's network environment are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.11_record_privileged_commands.sh b/bin/hardening/record_privileged_commands.sh similarity index 98% rename from bin/hardening/4.1.11_record_privileged_commands.sh rename to bin/hardening/record_privileged_commands.sh index d91e2e2..3799349 100755 --- a/bin/hardening/4.1.11_record_privileged_commands.sh +++ b/bin/hardening/record_privileged_commands.sh @@ -6,7 +6,7 @@ # # -# 4.1.11 Ensure use of privileged commands is collected (Scored) +# Ensure use of privileged commands is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.8_record_session_init.sh b/bin/hardening/record_session_init.sh similarity index 97% rename from bin/hardening/4.1.8_record_session_init.sh rename to bin/hardening/record_session_init.sh index 45d8650..8b49b73 100755 --- a/bin/hardening/4.1.8_record_session_init.sh +++ b/bin/hardening/record_session_init.sh @@ -6,7 +6,7 @@ # # -# 4.1.8 Ensure session initiation information is collected (Scored) +# Ensure session initiation information is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.12_record_successful_mount.sh b/bin/hardening/record_successful_mount.sh similarity index 97% rename from bin/hardening/4.1.12_record_successful_mount.sh rename to bin/hardening/record_successful_mount.sh index 445adde..efa3303 100755 --- a/bin/hardening/4.1.12_record_successful_mount.sh +++ b/bin/hardening/record_successful_mount.sh @@ -6,7 +6,7 @@ # # -# 4.1.12 Ensure successful file system mounts are collected (Scored) +# Ensure successful file system mounts are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.15_record_sudo_usage.sh b/bin/hardening/record_sudo_usage.sh similarity index 97% rename from bin/hardening/4.1.15_record_sudo_usage.sh rename to bin/hardening/record_sudo_usage.sh index e66982a..488d5e7 100755 --- a/bin/hardening/4.1.15_record_sudo_usage.sh +++ b/bin/hardening/record_sudo_usage.sh @@ -6,7 +6,7 @@ # # -# 4.1.15 Ensure system administrator actions (sudolog) are collected (Scored) +# Ensure system administrator actions (sudolog) are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.14_record_sudoers_edit.sh b/bin/hardening/record_sudoers_edit.sh similarity index 97% rename from bin/hardening/4.1.14_record_sudoers_edit.sh rename to bin/hardening/record_sudoers_edit.sh index f000b45..73b5c4e 100755 --- a/bin/hardening/4.1.14_record_sudoers_edit.sh +++ b/bin/hardening/record_sudoers_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.14 Ensure changes to system administration scope (sudoers) is collected (Scored) +# Ensure changes to system administration scope (sudoers) is collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.1.4_record_user_group_edit.sh b/bin/hardening/record_user_group_edit.sh similarity index 97% rename from bin/hardening/4.1.4_record_user_group_edit.sh rename to bin/hardening/record_user_group_edit.sh index f170a7e..28f89d4 100755 --- a/bin/hardening/4.1.4_record_user_group_edit.sh +++ b/bin/hardening/record_user_group_edit.sh @@ -6,7 +6,7 @@ # # -# 4.1.4 Ensure events that modify user/group information are collected (Scored) +# Ensure events that modify user/group information are collected (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.1.6_remote_syslog-ng_acl.sh b/bin/hardening/remote_syslog-ng_acl.sh similarity index 97% rename from bin/hardening/4.2.1.6_remote_syslog-ng_acl.sh rename to bin/hardening/remote_syslog-ng_acl.sh index fcdabda..34715b2 100755 --- a/bin/hardening/4.2.1.6_remote_syslog-ng_acl.sh +++ b/bin/hardening/remote_syslog-ng_acl.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.6 Ensure remote syslog-ng messages are only accepted on designated log hosts. (Not Scored) +# Ensure remote syslog-ng messages are only accepted on designated log hosts. (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.18_removable_device_nodev.sh b/bin/hardening/removable_device_nodev.sh similarity index 96% rename from bin/hardening/1.1.18_removable_device_nodev.sh rename to bin/hardening/removable_device_nodev.sh index 9c20af7..748e312 100755 --- a/bin/hardening/1.1.18_removable_device_nodev.sh +++ b/bin/hardening/removable_device_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.18 Ensure nodev option set on removable media partition (Not Scored) +# Ensure nodev option set on removable media partition (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.20_removable_device_noexec.sh b/bin/hardening/removable_device_noexec.sh similarity index 96% rename from bin/hardening/1.1.20_removable_device_noexec.sh rename to bin/hardening/removable_device_noexec.sh index 1983acf..656671a 100755 --- a/bin/hardening/1.1.20_removable_device_noexec.sh +++ b/bin/hardening/removable_device_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.20 Ensure noexec option set on removable media partition (Not Scored) +# Ensure noexec option set on removable media partition (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.19_removable_device_nosuid.sh b/bin/hardening/removable_device_nosuid.sh similarity index 96% rename from bin/hardening/1.1.19_removable_device_nosuid.sh rename to bin/hardening/removable_device_nosuid.sh index 9597381..5230ba6 100755 --- a/bin/hardening/1.1.19_removable_device_nosuid.sh +++ b/bin/hardening/removable_device_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.19 Ensure nosuid option set on removable media partitions (Not Scored) +# Ensure nosuid option set on removable media partitions (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.1_remove_empty_password_field.sh b/bin/hardening/remove_empty_password_field.sh similarity index 97% rename from bin/hardening/6.2.1_remove_empty_password_field.sh rename to bin/hardening/remove_empty_password_field.sh index 2e85e16..82856bf 100755 --- a/bin/hardening/6.2.1_remove_empty_password_field.sh +++ b/bin/hardening/remove_empty_password_field.sh @@ -6,7 +6,7 @@ # # -# 6.2.1 Ensure Password Fields are Not Empty (Scored) +# Ensure Password Fields are Not Empty (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.5_remove_legacy_group_entries.sh b/bin/hardening/remove_legacy_group_entries.sh similarity index 96% rename from bin/hardening/6.2.5_remove_legacy_group_entries.sh rename to bin/hardening/remove_legacy_group_entries.sh index 1ae12fd..991891f 100755 --- a/bin/hardening/6.2.5_remove_legacy_group_entries.sh +++ b/bin/hardening/remove_legacy_group_entries.sh @@ -6,7 +6,7 @@ # # -# 6.2.5 Ensure no legacy "+" entries exist in /etc/group (Scored) +# Ensure no legacy "+" entries exist in /etc/group (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.2_remove_legacy_passwd_entries.sh b/bin/hardening/remove_legacy_passwd_entries.sh similarity index 96% rename from bin/hardening/6.2.2_remove_legacy_passwd_entries.sh rename to bin/hardening/remove_legacy_passwd_entries.sh index fef016d..6f27dc9 100755 --- a/bin/hardening/6.2.2_remove_legacy_passwd_entries.sh +++ b/bin/hardening/remove_legacy_passwd_entries.sh @@ -6,7 +6,7 @@ # # -# 6.2.2 Ensure no legacy "+" entries exist in /etc/passwd (Scored) +# Ensure no legacy "+" entries exist in /etc/passwd (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.4_remove_legacy_shadow_entries.sh b/bin/hardening/remove_legacy_shadow_entries.sh similarity index 96% rename from bin/hardening/6.2.4_remove_legacy_shadow_entries.sh rename to bin/hardening/remove_legacy_shadow_entries.sh index a7a71ac..ac8b8df 100755 --- a/bin/hardening/6.2.4_remove_legacy_shadow_entries.sh +++ b/bin/hardening/remove_legacy_shadow_entries.sh @@ -6,7 +6,7 @@ # # -# 6.2.4 Ensure no legacy "+" entries exist in /etc/shadow (Scored) +# Ensure no legacy "+" entries exist in /etc/shadow (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.8.1.2_remove_os_info_issue.sh b/bin/hardening/remove_os_info_issue.sh similarity index 95% rename from bin/hardening/1.8.1.2_remove_os_info_issue.sh rename to bin/hardening/remove_os_info_issue.sh index 5173e78..070935c 100755 --- a/bin/hardening/1.8.1.2_remove_os_info_issue.sh +++ b/bin/hardening/remove_os_info_issue.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.2 Ensure local login warning banner is configured properly (Scored) +# Ensure local login warning banner is configured properly (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.8.1.3_remove_os_info_issue_net.sh b/bin/hardening/remove_os_info_issue_net.sh similarity index 95% rename from bin/hardening/1.8.1.3_remove_os_info_issue_net.sh rename to bin/hardening/remove_os_info_issue_net.sh index 0ab5c02..5a325d6 100755 --- a/bin/hardening/1.8.1.3_remove_os_info_issue_net.sh +++ b/bin/hardening/remove_os_info_issue_net.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.3 Ensure remote login warning banner is configured properly (Scored) +# Ensure remote login warning banner is configured properly (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.8.1.1_remove_os_info_motd.sh b/bin/hardening/remove_os_info_motd.sh similarity index 96% rename from bin/hardening/1.8.1.1_remove_os_info_motd.sh rename to bin/hardening/remove_os_info_motd.sh index 0911ac5..7fbee9c 100755 --- a/bin/hardening/1.8.1.1_remove_os_info_motd.sh +++ b/bin/hardening/remove_os_info_motd.sh @@ -6,7 +6,7 @@ # # -# 1.8.1.1 Ensure message of the day is configured properly (Scored) +# Ensure message of the day is configured properly (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.6.4_restrict_core_dumps.sh b/bin/hardening/restrict_core_dumps.sh similarity index 98% rename from bin/hardening/1.6.4_restrict_core_dumps.sh rename to bin/hardening/restrict_core_dumps.sh index 19ae0ac..15f83af 100755 --- a/bin/hardening/1.6.4_restrict_core_dumps.sh +++ b/bin/hardening/restrict_core_dumps.sh @@ -6,7 +6,7 @@ # # -# 1.6.4 Ensure core dumps are restricted (Scored) +# Ensure core dumps are restricted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.1.7_restrict_fat.sh b/bin/hardening/restrict_fat.sh similarity index 96% rename from bin/hardening/1.1.1.7_restrict_fat.sh rename to bin/hardening/restrict_fat.sh index d442dd3..7aa3148 100755 --- a/bin/hardening/1.1.1.7_restrict_fat.sh +++ b/bin/hardening/restrict_fat.sh @@ -6,7 +6,7 @@ # # -# 1.1.1.7 Ensure mounting of FAT filesystems is limited (Not Scored) +# Ensure mounting of FAT filesystems is limited (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.6_restrict_su.sh b/bin/hardening/restrict_su.sh similarity index 97% rename from bin/hardening/5.6_restrict_su.sh rename to bin/hardening/restrict_su.sh index 60a5423..9dd4a37 100755 --- a/bin/hardening/5.6_restrict_su.sh +++ b/bin/hardening/restrict_su.sh @@ -6,7 +6,7 @@ # # -# 5.6 Ensure access to the su command is restricted (Scored) +# Ensure access to the su command is restricted (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.5.3_root_password.sh b/bin/hardening/root_password.sh similarity index 96% rename from bin/hardening/1.5.3_root_password.sh rename to bin/hardening/root_password.sh index f98896d..e54f537 100755 --- a/bin/hardening/1.5.3_root_password.sh +++ b/bin/hardening/root_password.sh @@ -6,7 +6,7 @@ # # -# 1.5.3 Ensure authentication required for single user mode (Scored) +# Ensure authentication required for single user mode (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.15_run_shm_nodev.sh b/bin/hardening/run_shm_nodev.sh similarity index 97% rename from bin/hardening/1.1.15_run_shm_nodev.sh rename to bin/hardening/run_shm_nodev.sh index 4554d10..3101359 100755 --- a/bin/hardening/1.1.15_run_shm_nodev.sh +++ b/bin/hardening/run_shm_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.15 Ensure nodev option set on /dev/shm partition (Scored) +# Ensure nodev option set on /dev/shm partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.17_run_shm_noexec.sh b/bin/hardening/run_shm_noexec.sh similarity index 97% rename from bin/hardening/1.1.17_run_shm_noexec.sh rename to bin/hardening/run_shm_noexec.sh index a6f24a6..8c11879 100755 --- a/bin/hardening/1.1.17_run_shm_noexec.sh +++ b/bin/hardening/run_shm_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.17 Ensure noexec option set on /run/shm partition (Scored) +# Ensure noexec option set on /run/shm partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.16_run_shm_nosuid.sh b/bin/hardening/run_shm_nosuid.sh similarity index 97% rename from bin/hardening/1.1.16_run_shm_nosuid.sh rename to bin/hardening/run_shm_nosuid.sh index 927cc56..febcee7 100755 --- a/bin/hardening/1.1.16_run_shm_nosuid.sh +++ b/bin/hardening/run_shm_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.16 Ensure nosuid option set on /run/shm partition (Scored) +# Ensure nosuid option set on /run/shm partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.7_sanitize_root_path.sh b/bin/hardening/sanitize_root_path.sh similarity index 98% rename from bin/hardening/6.2.7_sanitize_root_path.sh rename to bin/hardening/sanitize_root_path.sh index fd4b056..0c0e936 100755 --- a/bin/hardening/6.2.7_sanitize_root_path.sh +++ b/bin/hardening/sanitize_root_path.sh @@ -6,7 +6,7 @@ # # -# 6.2.7 Ensure root PATH Integrity (Scored) +# Ensure root PATH Integrity (Scored) # # set path to the $PATH environnement variable if path is not defined diff --git a/bin/hardening/5.5_secure_tty.sh b/bin/hardening/secure_tty.sh similarity index 95% rename from bin/hardening/5.5_secure_tty.sh rename to bin/hardening/secure_tty.sh index 006d670..0326530 100755 --- a/bin/hardening/5.5_secure_tty.sh +++ b/bin/hardening/secure_tty.sh @@ -6,7 +6,7 @@ # # -# 5.5 Ensure root login is restricted to system console (Not Scored) +# Ensure root login is restricted to system console (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.1.1_set_password_exp_days.sh b/bin/hardening/set_password_exp_days.sh similarity index 97% rename from bin/hardening/5.4.1.1_set_password_exp_days.sh rename to bin/hardening/set_password_exp_days.sh index dcefdf8..6a60635 100755 --- a/bin/hardening/5.4.1.1_set_password_exp_days.sh +++ b/bin/hardening/set_password_exp_days.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.1 Ensure password expiration is 365 days or less (Scored) +# Ensure password expiration is 365 days or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.1.3_set_password_exp_warning_days.sh b/bin/hardening/set_password_exp_warning_days.sh similarity index 97% rename from bin/hardening/5.4.1.3_set_password_exp_warning_days.sh rename to bin/hardening/set_password_exp_warning_days.sh index f991a37..f2db5f4 100755 --- a/bin/hardening/5.4.1.3_set_password_exp_warning_days.sh +++ b/bin/hardening/set_password_exp_warning_days.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.3 Ensure password expiration warning days is 7 or more (Scored) +# Ensure password expiration warning days is 7 or more (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.4.1.2_set_password_min_days_change.sh b/bin/hardening/set_password_min_days_change.sh similarity index 97% rename from bin/hardening/5.4.1.2_set_password_min_days_change.sh rename to bin/hardening/set_password_min_days_change.sh index 9980d12..8db5acc 100755 --- a/bin/hardening/5.4.1.2_set_password_min_days_change.sh +++ b/bin/hardening/set_password_min_days_change.sh @@ -6,7 +6,7 @@ # # -# 5.4.1.2 Ensure minimum days between password changes is 7 or more (Scored) +# Ensure minimum days between password changes is 7 or more (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.13_set_perm_on_user_netrc.sh b/bin/hardening/set_perm_on_user_netrc.sh similarity index 97% rename from bin/hardening/6.2.13_set_perm_on_user_netrc.sh rename to bin/hardening/set_perm_on_user_netrc.sh index 7eddd0c..88c8875 100755 --- a/bin/hardening/6.2.13_set_perm_on_user_netrc.sh +++ b/bin/hardening/set_perm_on_user_netrc.sh @@ -6,7 +6,7 @@ # # -# 6.2.13 Ensure users' .netrc Files are not group or world accessible (Scored) +# Ensure users' .netrc Files are not group or world accessible (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.20_shadow_group_empty.sh b/bin/hardening/shadow_group_empty.sh similarity index 97% rename from bin/hardening/6.2.20_shadow_group_empty.sh rename to bin/hardening/shadow_group_empty.sh index 8b6cb44..6d9541b 100755 --- a/bin/hardening/6.2.20_shadow_group_empty.sh +++ b/bin/hardening/shadow_group_empty.sh @@ -6,7 +6,7 @@ # # -# 6.2.20 Ensure shadow group is empty (Scored) +# Ensure shadow group is empty (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.5.2.1_ssh_auth_pubk_only.sh b/bin/hardening/ssh_auth_pubk_only.sh similarity index 97% rename from bin/hardening/99.5.2.1_ssh_auth_pubk_only.sh rename to bin/hardening/ssh_auth_pubk_only.sh index 802046f..9115c7c 100755 --- a/bin/hardening/99.5.2.1_ssh_auth_pubk_only.sh +++ b/bin/hardening/ssh_auth_pubk_only.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.1 Ensure that sshd only allows authentication through public key. +# Ensure that sshd only allows authentication through public key. # set -e # One error, it's over diff --git a/bin/hardening/5.2.19_ssh_banner.sh b/bin/hardening/ssh_banner.sh similarity index 98% rename from bin/hardening/5.2.19_ssh_banner.sh rename to bin/hardening/ssh_banner.sh index cdbcb55..de86b29 100755 --- a/bin/hardening/5.2.19_ssh_banner.sh +++ b/bin/hardening/ssh_banner.sh @@ -6,7 +6,7 @@ # # -# 5.2.19 Ensure SSH warning banner is configured (Scored) +# Ensure SSH warning banner is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.15_ssh_cry_kex.sh b/bin/hardening/ssh_cry_kex.sh similarity index 98% rename from bin/hardening/5.2.15_ssh_cry_kex.sh rename to bin/hardening/ssh_cry_kex.sh index 9bddbe1..272f1b3 100755 --- a/bin/hardening/5.2.15_ssh_cry_kex.sh +++ b/bin/hardening/ssh_cry_kex.sh @@ -6,7 +6,7 @@ # # -# 5.2.15 Ensure only strong Key Exchange algorithms are used (Scored) +# Ensure only strong Key Exchange algorithms are used (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.14_ssh_cry_mac.sh b/bin/hardening/ssh_cry_mac.sh similarity index 98% rename from bin/hardening/5.2.14_ssh_cry_mac.sh rename to bin/hardening/ssh_cry_mac.sh index be415bd..904d94e 100755 --- a/bin/hardening/5.2.14_ssh_cry_mac.sh +++ b/bin/hardening/ssh_cry_mac.sh @@ -6,7 +6,7 @@ # # -# 5.2.14 Ensure only strong MAC algorithms are used (Scored) +# Ensure only strong MAC algorithms are used (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.5.2.2_ssh_cry_rekey.sh b/bin/hardening/ssh_cry_rekey.sh similarity index 97% rename from bin/hardening/99.5.2.2_ssh_cry_rekey.sh rename to bin/hardening/ssh_cry_rekey.sh index 782dcef..d70642c 100755 --- a/bin/hardening/99.5.2.2_ssh_cry_rekey.sh +++ b/bin/hardening/ssh_cry_rekey.sh @@ -1,13 +1,12 @@ #!/bin/bash # run-shellcheck - # # Legacy CIS Debian Hardening # # -# 99.5.2.2 Checking rekey limit for time (6 hours) or volume (512Mio) whichever comes first. +# Checking rekey limit for time (6 hours) or volume (512Mio) whichever comes first. # set -e # One error, it's over diff --git a/bin/hardening/99.5.2.3_ssh_disable_features.sh b/bin/hardening/ssh_disable_features.sh similarity index 97% rename from bin/hardening/99.5.2.3_ssh_disable_features.sh rename to bin/hardening/ssh_disable_features.sh index e6e22be..145a897 100755 --- a/bin/hardening/99.5.2.3_ssh_disable_features.sh +++ b/bin/hardening/ssh_disable_features.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.3 Check all special features in sshd_config are disabled +# Check all special features in sshd_config are disabled # set -e # One error, it's over diff --git a/bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh b/bin/hardening/ssh_host_private_keys_perm_ownership.sh similarity index 97% rename from bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh rename to bin/hardening/ssh_host_private_keys_perm_ownership.sh index 7ee3d36..17e78f5 100755 --- a/bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh +++ b/bin/hardening/ssh_host_private_keys_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.2.2 Ensure permissions on SSH private host key files are configured (Scored) +# Ensure permissions on SSH private host key files are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh b/bin/hardening/ssh_host_public_keys_perm_ownership.sh similarity index 97% rename from bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh rename to bin/hardening/ssh_host_public_keys_perm_ownership.sh index 743157c..a856325 100755 --- a/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh +++ b/bin/hardening/ssh_host_public_keys_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.2.3 Ensure permissions on SSH public host key files are configured (Scored) +# Ensure permissions on SSH public host key files are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/99.5.2.4_ssh_keys_from.sh b/bin/hardening/ssh_keys_from.sh similarity index 98% rename from bin/hardening/99.5.2.4_ssh_keys_from.sh rename to bin/hardening/ssh_keys_from.sh index 75ebe0b..177c870 100755 --- a/bin/hardening/99.5.2.4_ssh_keys_from.sh +++ b/bin/hardening/ssh_keys_from.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.4 Check field in ssh authorized keys files for users with login shell, and bastions IP if available. +# Check field in ssh authorized keys files for users with login shell, and bastions IP if available. # set -e # One error, it is over diff --git a/bin/hardening/99.5.2.5_ssh_strict_modes.sh b/bin/hardening/ssh_strict_modes.sh similarity index 96% rename from bin/hardening/99.5.2.5_ssh_strict_modes.sh rename to bin/hardening/ssh_strict_modes.sh index d0bdfe9..84b8937 100755 --- a/bin/hardening/99.5.2.5_ssh_strict_modes.sh +++ b/bin/hardening/ssh_strict_modes.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.5 Ensure home directory and ssh sensitive files are verified (not publicly readable) before connecting. +# Ensure home directory and ssh sensitive files are verified (not publicly readable) before connecting. # set -e # One error, it's over diff --git a/bin/hardening/99.5.2.6_ssh_sys_accept_env.sh b/bin/hardening/ssh_sys_accept_env.sh similarity index 97% rename from bin/hardening/99.5.2.6_ssh_sys_accept_env.sh rename to bin/hardening/ssh_sys_accept_env.sh index cac69a0..695ea19 100755 --- a/bin/hardening/99.5.2.6_ssh_sys_accept_env.sh +++ b/bin/hardening/ssh_sys_accept_env.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.6 Restrict which user's variables are accepted by ssh daemon +# Restrict which user's variables are accepted by ssh daemon # set -e # One error, it's over diff --git a/bin/hardening/99.5.2.7_ssh_sys_no_legacy.sh b/bin/hardening/ssh_sys_no_legacy.sh similarity index 95% rename from bin/hardening/99.5.2.7_ssh_sys_no_legacy.sh rename to bin/hardening/ssh_sys_no_legacy.sh index a7a9774..7b7bfac 100755 --- a/bin/hardening/99.5.2.7_ssh_sys_no_legacy.sh +++ b/bin/hardening/ssh_sys_no_legacy.sh @@ -6,7 +6,7 @@ # # -# 99.5.2.7 Ensure that legacy services rlogin, rlogind and rcp are disabled and not installed +# Ensure that legacy services rlogin, rlogind and rcp are disabled and not installed # set -e # One error, it's over diff --git a/bin/hardening/5.2.13_sshd_ciphers.sh b/bin/hardening/sshd_ciphers.sh similarity index 98% rename from bin/hardening/5.2.13_sshd_ciphers.sh rename to bin/hardening/sshd_ciphers.sh index d849432..6e3183e 100755 --- a/bin/hardening/5.2.13_sshd_ciphers.sh +++ b/bin/hardening/sshd_ciphers.sh @@ -6,7 +6,7 @@ # # -# 5.2.13 Ensure only strong ciphers are used (Scored) +# Ensure only strong ciphers are used (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.1_sshd_conf_perm_ownership.sh b/bin/hardening/sshd_conf_perm_ownership.sh similarity index 97% rename from bin/hardening/5.2.1_sshd_conf_perm_ownership.sh rename to bin/hardening/sshd_conf_perm_ownership.sh index cd69858..45a776d 100755 --- a/bin/hardening/5.2.1_sshd_conf_perm_ownership.sh +++ b/bin/hardening/sshd_conf_perm_ownership.sh @@ -6,7 +6,7 @@ # # -# 5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured (Scored) +# Ensure permissions on /etc/ssh/sshd_config are configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.16_sshd_idle_timeout.sh b/bin/hardening/sshd_idle_timeout.sh similarity index 98% rename from bin/hardening/5.2.16_sshd_idle_timeout.sh rename to bin/hardening/sshd_idle_timeout.sh index d6619d4..2f3f0ec 100755 --- a/bin/hardening/5.2.16_sshd_idle_timeout.sh +++ b/bin/hardening/sshd_idle_timeout.sh @@ -6,7 +6,7 @@ # # -# 5.2.16 Ensure SSH Idle Timeout Interval is configured (Scored) +# Ensure SSH Idle Timeout Interval is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.18_sshd_limit_access.sh b/bin/hardening/sshd_limit_access.sh similarity index 98% rename from bin/hardening/5.2.18_sshd_limit_access.sh rename to bin/hardening/sshd_limit_access.sh index 60d5e8c..8717b2f 100755 --- a/bin/hardening/5.2.18_sshd_limit_access.sh +++ b/bin/hardening/sshd_limit_access.sh @@ -6,7 +6,7 @@ # # -# 5.2.18 Ensure SSH access is limited (Scored) +# Ensure SSH access is limited (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.17_sshd_login_grace_time.sh b/bin/hardening/sshd_login_grace_time.sh similarity index 97% rename from bin/hardening/5.2.17_sshd_login_grace_time.sh rename to bin/hardening/sshd_login_grace_time.sh index e807579..3ae46fb 100755 --- a/bin/hardening/5.2.17_sshd_login_grace_time.sh +++ b/bin/hardening/sshd_login_grace_time.sh @@ -6,7 +6,7 @@ # # -# 5.2.17 Ensure SSH LoginGraceTime is set to one minute or less (Scored) +# Ensure SSH LoginGraceTime is set to one minute or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.5_sshd_loglevel.sh b/bin/hardening/sshd_loglevel.sh similarity index 98% rename from bin/hardening/5.2.5_sshd_loglevel.sh rename to bin/hardening/sshd_loglevel.sh index 7e2f56f..d13f340 100755 --- a/bin/hardening/5.2.5_sshd_loglevel.sh +++ b/bin/hardening/sshd_loglevel.sh @@ -6,7 +6,7 @@ # # -# 5.2.5 Ensure SSH LogLevel is appropriate (Scored) +# Ensure SSH LogLevel is appropriate (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.7_sshd_maxauthtries.sh b/bin/hardening/sshd_maxauthtries.sh similarity index 98% rename from bin/hardening/5.2.7_sshd_maxauthtries.sh rename to bin/hardening/sshd_maxauthtries.sh index 5ed868d..4f52ee7 100755 --- a/bin/hardening/5.2.7_sshd_maxauthtries.sh +++ b/bin/hardening/sshd_maxauthtries.sh @@ -6,7 +6,7 @@ # # -# 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less (Scored) +# Ensure SSH MaxAuthTries is set to 4 or less (Scored) # set -e # One error, it's over diff --git a/bin/hardening/5.2.4_sshd_protocol.sh b/bin/hardening/sshd_protocol.sh similarity index 98% rename from bin/hardening/5.2.4_sshd_protocol.sh rename to bin/hardening/sshd_protocol.sh index 1be613b..4202575 100755 --- a/bin/hardening/5.2.4_sshd_protocol.sh +++ b/bin/hardening/sshd_protocol.sh @@ -6,7 +6,7 @@ # # -# 5.2.4 Ensure SSH Protocol is set to 2 (Scored) +# Ensure SSH Protocol is set to 2 (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh b/bin/hardening/sticky_bit_world_writable_folder.sh similarity index 97% rename from bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh rename to bin/hardening/sticky_bit_world_writable_folder.sh index a7d4146..69633c3 100755 --- a/bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh +++ b/bin/hardening/sticky_bit_world_writable_folder.sh @@ -6,7 +6,7 @@ # # -# 1.1.21 Ensure sticky bit is set on all world-writable directories (Scored) +# Ensure sticky bit is set on all world-writable directories (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.1.5_syslog-ng_remote_host.sh b/bin/hardening/syslog-ng_remote_host.sh similarity index 97% rename from bin/hardening/4.2.1.5_syslog-ng_remote_host.sh rename to bin/hardening/syslog-ng_remote_host.sh index 195724b..1233587 100755 --- a/bin/hardening/4.2.1.5_syslog-ng_remote_host.sh +++ b/bin/hardening/syslog-ng_remote_host.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.5 Ensure syslog-ng is configured to send logs to a remote log host (Scored) +# Ensure syslog-ng is configured to send logs to a remote log host (Scored) # set -e # One error, it's over diff --git a/bin/hardening/4.2.1.4_syslog_ng_logfiles_perm.sh b/bin/hardening/syslog_ng_logfiles_perm.sh similarity index 98% rename from bin/hardening/4.2.1.4_syslog_ng_logfiles_perm.sh rename to bin/hardening/syslog_ng_logfiles_perm.sh index b9efcc4..f634799 100755 --- a/bin/hardening/4.2.1.4_syslog_ng_logfiles_perm.sh +++ b/bin/hardening/syslog_ng_logfiles_perm.sh @@ -6,7 +6,7 @@ # # -# 4.2.1.4 Create and Set Permissions on syslog-ng Log Files (Scored) +# Create and Set Permissions on syslog-ng Log Files (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.3_tmp_nodev.sh b/bin/hardening/tmp_nodev.sh similarity index 97% rename from bin/hardening/1.1.3_tmp_nodev.sh rename to bin/hardening/tmp_nodev.sh index edfd187..89685c1 100755 --- a/bin/hardening/1.1.3_tmp_nodev.sh +++ b/bin/hardening/tmp_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.3 Ensure nodev option set for /tmp Partition (Scored) +# Ensure nodev option set for /tmp Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.5_tmp_noexec.sh b/bin/hardening/tmp_noexec.sh similarity index 97% rename from bin/hardening/1.1.5_tmp_noexec.sh rename to bin/hardening/tmp_noexec.sh index 8fa1c58..d4a9fba 100755 --- a/bin/hardening/1.1.5_tmp_noexec.sh +++ b/bin/hardening/tmp_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.5 Ensure noexec option set for /tmp Partition (Scored) +# Ensure noexec option set for /tmp Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.4_tmp_nosuid.sh b/bin/hardening/tmp_nosuid.sh similarity index 97% rename from bin/hardening/1.1.4_tmp_nosuid.sh rename to bin/hardening/tmp_nosuid.sh index 3450e4b..6d77720 100755 --- a/bin/hardening/1.1.4_tmp_nosuid.sh +++ b/bin/hardening/tmp_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.4 Ensure nosuid option set for /tmp Partition (Scored) +# Ensure nosuid option set for /tmp Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.2_tmp_partition.sh b/bin/hardening/tmp_partition.sh similarity index 97% rename from bin/hardening/1.1.2_tmp_partition.sh rename to bin/hardening/tmp_partition.sh index 3da15f5..e4f969d 100755 --- a/bin/hardening/1.1.2_tmp_partition.sh +++ b/bin/hardening/tmp_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.2 Ensure /tmp is configured (Scored) +# Ensure /tmp is configured (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.4.2_tripwire_cron.sh b/bin/hardening/tripwire_cron.sh similarity index 97% rename from bin/hardening/1.4.2_tripwire_cron.sh rename to bin/hardening/tripwire_cron.sh index 7c76f27..71ac779 100755 --- a/bin/hardening/1.4.2_tripwire_cron.sh +++ b/bin/hardening/tripwire_cron.sh @@ -6,7 +6,7 @@ # # -# 1.4.2 Ensure filesysteme integrity is regularly checked (Scored) +# Ensure filesysteme integrity is regularly checked (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.3.1_disable_nis.sh b/bin/hardening/uninstall_nis.sh similarity index 97% rename from bin/hardening/2.3.1_disable_nis.sh rename to bin/hardening/uninstall_nis.sh index 10b5f90..6855942 100755 --- a/bin/hardening/2.3.1_disable_nis.sh +++ b/bin/hardening/uninstall_nis.sh @@ -6,7 +6,7 @@ # # -# 2.3.1 Ensure NIS client is not installed (Scored) +# Ensure NIS client is not installed (Scored) # set -e # One error, it's over diff --git a/bin/hardening/2.2.1.1_use_time_sync.sh b/bin/hardening/use_time_sync.sh similarity index 96% rename from bin/hardening/2.2.1.1_use_time_sync.sh rename to bin/hardening/use_time_sync.sh index 13ac264..6adb0f9 100755 --- a/bin/hardening/2.2.1.1_use_time_sync.sh +++ b/bin/hardening/use_time_sync.sh @@ -6,7 +6,7 @@ # # -# 2.2.1.1 Ensure time synchronization is in use (Not Scored) +# Ensure time synchronization is in use (Not Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.3_users_homedir_exist.sh b/bin/hardening/users_homedir_exist.sh similarity index 97% rename from bin/hardening/6.2.3_users_homedir_exist.sh rename to bin/hardening/users_homedir_exist.sh index 7830ef1..dc27fd4 100755 --- a/bin/hardening/6.2.3_users_homedir_exist.sh +++ b/bin/hardening/users_homedir_exist.sh @@ -6,7 +6,7 @@ # # -# 6.2.3 Ensure all users' home directories exist (Scored) +# Ensure all users' home directories exist (Scored) # set -e # One error, it's over diff --git a/bin/hardening/6.2.9_users_homedir_ownership.sh b/bin/hardening/users_homedir_ownership.sh similarity index 97% rename from bin/hardening/6.2.9_users_homedir_ownership.sh rename to bin/hardening/users_homedir_ownership.sh index 3beeebe..03de948 100755 --- a/bin/hardening/6.2.9_users_homedir_ownership.sh +++ b/bin/hardening/users_homedir_ownership.sh @@ -6,7 +6,7 @@ # # -# 6.2.9 Ensure users own their home directories (Scored) +# Ensure users own their home directories (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.12.3_var_log_audit_nodev.sh b/bin/hardening/var_log_audit_nodev.sh similarity index 97% rename from bin/hardening/1.1.12.3_var_log_audit_nodev.sh rename to bin/hardening/var_log_audit_nodev.sh index ce0ca18..1b14d5d 100755 --- a/bin/hardening/1.1.12.3_var_log_audit_nodev.sh +++ b/bin/hardening/var_log_audit_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.12.3 Ensure nodev option set on /var/log/audit partition (Scored) +# Ensure nodev option set on /var/log/audit partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.12.1_var_log_audit_noexec.sh b/bin/hardening/var_log_audit_noexec.sh similarity index 97% rename from bin/hardening/1.1.12.1_var_log_audit_noexec.sh rename to bin/hardening/var_log_audit_noexec.sh index 25e2a7c..ed14fe4 100755 --- a/bin/hardening/1.1.12.1_var_log_audit_noexec.sh +++ b/bin/hardening/var_log_audit_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.12.1 Ensure noexec option set on /var/log/audit partition (Scored) +# Ensure noexec option set on /var/log/audit partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.12.2_var_log_audit_nosuid.sh b/bin/hardening/var_log_audit_nosuid.sh similarity index 97% rename from bin/hardening/1.1.12.2_var_log_audit_nosuid.sh rename to bin/hardening/var_log_audit_nosuid.sh index a69c1ed..93306d4 100755 --- a/bin/hardening/1.1.12.2_var_log_audit_nosuid.sh +++ b/bin/hardening/var_log_audit_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.12.2 Ensure nosuid option set on /var/log/audit partition (Scored) +# Ensure nosuid option set on /var/log/audit partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.12_var_log_audit_partition.sh b/bin/hardening/var_log_audit_partition.sh similarity index 96% rename from bin/hardening/1.1.12_var_log_audit_partition.sh rename to bin/hardening/var_log_audit_partition.sh index cfc5ed0..efdb71d 100755 --- a/bin/hardening/1.1.12_var_log_audit_partition.sh +++ b/bin/hardening/var_log_audit_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.12 Ensure separate partition exists for /var/log/audit (Scored) +# Ensure separate partition exists for /var/log/audit (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.11.3_var_log_nodev.sh b/bin/hardening/var_log_nodev.sh similarity index 97% rename from bin/hardening/1.1.11.3_var_log_nodev.sh rename to bin/hardening/var_log_nodev.sh index 821df1b..86c75f6 100755 --- a/bin/hardening/1.1.11.3_var_log_nodev.sh +++ b/bin/hardening/var_log_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.11.3 ensure nodev option set on /var/log partition (Scored) +# ensure nodev option set on /var/log partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.11.1_var_log_noexec.sh b/bin/hardening/var_log_noexec.sh similarity index 97% rename from bin/hardening/1.1.11.1_var_log_noexec.sh rename to bin/hardening/var_log_noexec.sh index e82fe95..812f1c1 100755 --- a/bin/hardening/1.1.11.1_var_log_noexec.sh +++ b/bin/hardening/var_log_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.11.1 Ensure noexec option set on /var/log partition (Scored) +# Ensure noexec option set on /var/log partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.11.2_var_log_nosuid.sh b/bin/hardening/var_log_nosuid.sh similarity index 97% rename from bin/hardening/1.1.11.2_var_log_nosuid.sh rename to bin/hardening/var_log_nosuid.sh index 16c11af..f806c8f 100755 --- a/bin/hardening/1.1.11.2_var_log_nosuid.sh +++ b/bin/hardening/var_log_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.11.2 Ensure nosuid option set on /var/log partition (Scored) +# Ensure nosuid option set on /var/log partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.11_var_log_partition.sh b/bin/hardening/var_log_partition.sh similarity index 96% rename from bin/hardening/1.1.11_var_log_partition.sh rename to bin/hardening/var_log_partition.sh index b3c1819..baac60f 100755 --- a/bin/hardening/1.1.11_var_log_partition.sh +++ b/bin/hardening/var_log_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.11 Ensure separate partition exists for /var/log (Scored) +# Ensure separate partition exists for /var/log (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.6.1_var_nodev.sh b/bin/hardening/var_nodev.sh similarity index 97% rename from bin/hardening/1.1.6.1_var_nodev.sh rename to bin/hardening/var_nodev.sh index 45c92ef..4f54df4 100755 --- a/bin/hardening/1.1.6.1_var_nodev.sh +++ b/bin/hardening/var_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.6.1 Ensure nodev option set for /var Partition (Scored) +# Ensure nodev option set for /var Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.6.2_var_nosuid.sh b/bin/hardening/var_nosuid.sh similarity index 97% rename from bin/hardening/1.1.6.2_var_nosuid.sh rename to bin/hardening/var_nosuid.sh index 7a3f02c..9ace1ff 100755 --- a/bin/hardening/1.1.6.2_var_nosuid.sh +++ b/bin/hardening/var_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.6.2 Ensure nosuid option set for /var Partition (Scored) +# Ensure nosuid option set for /var Partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.6_var_partition.sh b/bin/hardening/var_partition.sh similarity index 97% rename from bin/hardening/1.1.6_var_partition.sh rename to bin/hardening/var_partition.sh index bb97a55..5ab6ee3 100755 --- a/bin/hardening/1.1.6_var_partition.sh +++ b/bin/hardening/var_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.6 Ensure separate partition exists for /var (Scored) +# Ensure separate partition exists for /var (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.8_var_tmp_nodev.sh b/bin/hardening/var_tmp_nodev.sh similarity index 97% rename from bin/hardening/1.1.8_var_tmp_nodev.sh rename to bin/hardening/var_tmp_nodev.sh index 84aae2a..6ba1429 100755 --- a/bin/hardening/1.1.8_var_tmp_nodev.sh +++ b/bin/hardening/var_tmp_nodev.sh @@ -6,7 +6,7 @@ # # -# 1.1.8 Ensure nodev option set on /var/tmp partition (Scored) +# Ensure nodev option set on /var/tmp partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.10_var_tmp_noexec.sh b/bin/hardening/var_tmp_noexec.sh similarity index 97% rename from bin/hardening/1.1.10_var_tmp_noexec.sh rename to bin/hardening/var_tmp_noexec.sh index 04e6853..9eeb6cf 100755 --- a/bin/hardening/1.1.10_var_tmp_noexec.sh +++ b/bin/hardening/var_tmp_noexec.sh @@ -6,7 +6,7 @@ # # -# 1.1.10 Ensure noexec option set on /var/tmp partition (Scored) +# Ensure noexec option set on /var/tmp partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.9_var_tmp_nosuid.sh b/bin/hardening/var_tmp_nosuid.sh similarity index 97% rename from bin/hardening/1.1.9_var_tmp_nosuid.sh rename to bin/hardening/var_tmp_nosuid.sh index 8f586c1..f9c1a61 100755 --- a/bin/hardening/1.1.9_var_tmp_nosuid.sh +++ b/bin/hardening/var_tmp_nosuid.sh @@ -6,7 +6,7 @@ # # -# 1.1.9 Ensure nosuid option set on /var/tmp partition (Scored) +# Ensure nosuid option set on /var/tmp partition (Scored) # set -e # One error, it's over diff --git a/bin/hardening/1.1.7_var_tmp_partition.sh b/bin/hardening/var_tmp_partition.sh similarity index 97% rename from bin/hardening/1.1.7_var_tmp_partition.sh rename to bin/hardening/var_tmp_partition.sh index 1655613..a63ed99 100755 --- a/bin/hardening/1.1.7_var_tmp_partition.sh +++ b/bin/hardening/var_tmp_partition.sh @@ -6,7 +6,7 @@ # # -# 1.1.7 Ensure separate partition exists for /var/tmp (Scored) +# Ensure separate partition exists for /var/tmp (Scored) # set -e # One error, it's over diff --git a/debian/default b/debian/default index 488eb02..8b35518 100644 --- a/debian/default +++ b/debian/default @@ -5,3 +5,4 @@ CIS_LIB_DIR='/opt/cis-hardening/lib' CIS_CHECKS_DIR="/opt/cis-hardening/bin/hardening" CIS_CONF_DIR='/opt/cis-hardening/etc' CIS_TMP_DIR='/opt/cis-hardening/tmp' +CIS_VERSIONS_DIR='/opt/cis-hardening/versions' diff --git a/lib/main.sh b/lib/main.sh index 0047d45..fbb6dd3 100644 --- a/lib/main.sh +++ b/lib/main.sh @@ -1,6 +1,7 @@ # shellcheck shell=bash # run-shellcheck +SCRIPT_FULL_PATH=$(realpath -s "$0") LONG_SCRIPT_NAME=$(basename "$0") SCRIPT_NAME=${LONG_SCRIPT_NAME%.sh} # Variable initialization, to avoid crash @@ -71,18 +72,40 @@ done info "Working on $SCRIPT_NAME" info "[DESCRIPTION] $DESCRIPTION" +# check if the script is a link +# if a file, script is executed from "bin/hardening", create a cfg file (if not already exists) +# if a link, script is executed from "version"/X", create a link, or update it if already exits +if [ -L "${SCRIPT_FULL_PATH}" ]; then + # script is a link + script_real_path=$(readlink -f "${SCRIPT_FULL_PATH}") + script_real_name=$(basename "$script_real_path") + cfg_file=$(basename -s .sh "$script_real_path").cfg + cfg_link="$SCRIPT_NAME".cfg +else + # script is a file + script_real_name=$LONG_SCRIPT_NAME + cfg_file="$SCRIPT_NAME".cfg + cfg_link="" +fi + # Source specific configuration file -if ! [ -r "${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg ]; then +if ! [ -r "${CIS_CONF_DIR}"/conf.d/"$cfg_file" ]; then # If it doesn't exist, create it with default values - echo "# Configuration for $SCRIPT_NAME, created from default values on $(date)" >"${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg + echo "# Configuration for $script_real_name, created from default values on $(date)" >"${CIS_CONF_DIR}"/conf.d/"$cfg_file" # If create_config is a defined function, execute it. # Otherwise, just disable the test by default. if type -t create_config | grep -qw function; then - create_config >>"${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg + create_config >>"${CIS_CONF_DIR}"/conf.d/"$cfg_file" else - echo "status=audit" >>"${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg + echo "status=audit" >>"${CIS_CONF_DIR}"/conf.d/"$cfg_file" fi +fi +if [ -n "$cfg_link" ]; then + if [ -f "${CIS_CONF_DIR}"/conf.d/"$cfg_link" ]; then + rm -f "${CIS_CONF_DIR}"/conf.d/"$cfg_link" + fi + ln -fs "${CIS_CONF_DIR}"/conf.d/"$cfg_file" "${CIS_CONF_DIR}"/conf.d/"$cfg_link" fi if [ "$forcedstatus" = "createconfig" ]; then diff --git a/tests/hardening/99.1.1.1_disable_cramfs.sh b/tests/hardening/99.1.1.1_disable_cramfs.sh deleted file mode 100644 index 23e8ccd..0000000 --- a/tests/hardening/99.1.1.1_disable_cramfs.sh +++ /dev/null @@ -1,20 +0,0 @@ -# shellcheck shell=bash -# run-shellcheck -test_audit() { - if [ -f "/.dockerenv" ]; then - skip "SKIPPED on docker" - else - describe Running on blank host - register_test retvalshouldbe 0 - dismiss_count_for_test - # shellcheck disable=2154 - run blank "${CIS_CHECKS_DIR}/${script}.sh" --audit-all - fi - - ################################################################## - # For this test, we only check that it runs properly on a blank # - # host, and we check root/sudo consistency. But, we don't test # - # the apply function because it can't be automated or it is very # - # long to test and not very useful. # - ################################################################## -} diff --git a/tests/hardening/99.5.4.5.1_acc_logindefs_sha512.sh b/tests/hardening/acc_logindefs_sha512.sh similarity index 100% rename from tests/hardening/99.5.4.5.1_acc_logindefs_sha512.sh rename to tests/hardening/acc_logindefs_sha512.sh diff --git a/tests/hardening/5.3.4_acc_pam_sha512.sh b/tests/hardening/acc_pam_sha512.sh similarity index 100% rename from tests/hardening/5.3.4_acc_pam_sha512.sh rename to tests/hardening/acc_pam_sha512.sh diff --git a/tests/hardening/99.5.4.5.2_acc_shadow_sha512.sh b/tests/hardening/acc_shadow_sha512.sh similarity index 100% rename from tests/hardening/99.5.4.5.2_acc_shadow_sha512.sh rename to tests/hardening/acc_shadow_sha512.sh diff --git a/tests/hardening/99.1.3_acc_sudoers_no_all.sh b/tests/hardening/acc_sudoers_no_all.sh similarity index 100% rename from tests/hardening/99.1.3_acc_sudoers_no_all.sh rename to tests/hardening/acc_sudoers_no_all.sh diff --git a/tests/hardening/1.5.1_bootloader_ownership.sh b/tests/hardening/audit_backlog_limit.sh similarity index 100% rename from tests/hardening/1.5.1_bootloader_ownership.sh rename to tests/hardening/audit_backlog_limit.sh diff --git a/tests/hardening/1.5.2_bootloader_password.sh b/tests/hardening/audit_bootloader.sh similarity index 100% rename from tests/hardening/1.5.2_bootloader_password.sh rename to tests/hardening/audit_bootloader.sh diff --git a/tests/hardening/4.1.2.1_audit_log_storage.sh b/tests/hardening/audit_log_storage.sh similarity index 100% rename from tests/hardening/4.1.2.1_audit_log_storage.sh rename to tests/hardening/audit_log_storage.sh diff --git a/tests/hardening/1.5.3_root_password.sh b/tests/hardening/bootloader_ownership.sh similarity index 100% rename from tests/hardening/1.5.3_root_password.sh rename to tests/hardening/bootloader_ownership.sh diff --git a/tests/hardening/1.6.1_enable_nx_support.sh b/tests/hardening/bootloader_password.sh similarity index 100% rename from tests/hardening/1.6.1_enable_nx_support.sh rename to tests/hardening/bootloader_password.sh diff --git a/tests/hardening/1.1.10_var_tmp_noexec.sh b/tests/hardening/check_distribution.sh similarity index 100% rename from tests/hardening/1.1.10_var_tmp_noexec.sh rename to tests/hardening/check_distribution.sh diff --git a/tests/hardening/6.2.17_check_duplicate_gid.sh b/tests/hardening/check_duplicate_gid.sh similarity index 100% rename from tests/hardening/6.2.17_check_duplicate_gid.sh rename to tests/hardening/check_duplicate_gid.sh diff --git a/tests/hardening/6.2.19_check_duplicate_groupname.sh b/tests/hardening/check_duplicate_groupname.sh similarity index 100% rename from tests/hardening/6.2.19_check_duplicate_groupname.sh rename to tests/hardening/check_duplicate_groupname.sh diff --git a/tests/hardening/6.2.16_check_duplicate_uid.sh b/tests/hardening/check_duplicate_uid.sh similarity index 100% rename from tests/hardening/6.2.16_check_duplicate_uid.sh rename to tests/hardening/check_duplicate_uid.sh diff --git a/tests/hardening/6.2.18_check_duplicate_username.sh b/tests/hardening/check_duplicate_username.sh similarity index 100% rename from tests/hardening/6.2.18_check_duplicate_username.sh rename to tests/hardening/check_duplicate_username.sh diff --git a/tests/hardening/6.2.8_check_user_dir_perm.sh b/tests/hardening/check_user_dir_perm.sh similarity index 100% rename from tests/hardening/6.2.8_check_user_dir_perm.sh rename to tests/hardening/check_user_dir_perm.sh diff --git a/tests/hardening/6.2.10_check_user_dot_file_perm.sh b/tests/hardening/check_user_dot_file_perm.sh similarity index 100% rename from tests/hardening/6.2.10_check_user_dot_file_perm.sh rename to tests/hardening/check_user_dot_file_perm.sh diff --git a/tests/hardening/1.8.1.1_remove_os_info_motd.sh b/tests/hardening/configure_chrony.sh similarity index 100% rename from tests/hardening/1.8.1.1_remove_os_info_motd.sh rename to tests/hardening/configure_chrony.sh diff --git a/tests/hardening/1.8.1.2_remove_os_info_issue.sh b/tests/hardening/configure_logrotate.sh similarity index 100% rename from tests/hardening/1.8.1.2_remove_os_info_issue.sh rename to tests/hardening/configure_logrotate.sh diff --git a/tests/hardening/1.8.1.3_remove_os_info_issue_net.sh b/tests/hardening/configure_ntp.sh similarity index 100% rename from tests/hardening/1.8.1.3_remove_os_info_issue_net.sh rename to tests/hardening/configure_ntp.sh diff --git a/tests/hardening/5.2.22_configure_ssh_max_startups.sh b/tests/hardening/configure_ssh_max_startups.sh similarity index 100% rename from tests/hardening/5.2.22_configure_ssh_max_startups.sh rename to tests/hardening/configure_ssh_max_startups.sh diff --git a/tests/hardening/1.8.2_graphical_warning_banners.sh b/tests/hardening/configure_syslog-ng.sh similarity index 100% rename from tests/hardening/1.8.2_graphical_warning_banners.sh rename to tests/hardening/configure_syslog-ng.sh diff --git a/tests/hardening/2.2.1.2_configure_systemd-timesyncd.sh b/tests/hardening/configure_systemd-timesyncd.sh similarity index 100% rename from tests/hardening/2.2.1.2_configure_systemd-timesyncd.sh rename to tests/hardening/configure_systemd-timesyncd.sh diff --git a/tests/hardening/5.1.7_cron_d_perm_ownership.sh b/tests/hardening/cron_d_perm_ownership.sh similarity index 100% rename from tests/hardening/5.1.7_cron_d_perm_ownership.sh rename to tests/hardening/cron_d_perm_ownership.sh diff --git a/tests/hardening/5.1.4_cron_daily_perm_ownership.sh b/tests/hardening/cron_daily_perm_ownership.sh similarity index 100% rename from tests/hardening/5.1.4_cron_daily_perm_ownership.sh rename to tests/hardening/cron_daily_perm_ownership.sh diff --git a/tests/hardening/5.1.3_cron_hourly_perm_ownership.sh b/tests/hardening/cron_hourly_perm_ownership.sh similarity index 100% rename from tests/hardening/5.1.3_cron_hourly_perm_ownership.sh rename to tests/hardening/cron_hourly_perm_ownership.sh diff --git a/tests/hardening/5.1.6_cron_monthly_perm_ownership.sh b/tests/hardening/cron_monthly_perm_ownership.sh similarity index 100% rename from tests/hardening/5.1.6_cron_monthly_perm_ownership.sh rename to tests/hardening/cron_monthly_perm_ownership.sh diff --git a/tests/hardening/5.1.8_cron_users.sh b/tests/hardening/cron_users.sh similarity index 100% rename from tests/hardening/5.1.8_cron_users.sh rename to tests/hardening/cron_users.sh diff --git a/tests/hardening/5.1.5_cron_weekly_perm_ownership.sh b/tests/hardening/cron_weekly_perm_ownership.sh similarity index 100% rename from tests/hardening/5.1.5_cron_weekly_perm_ownership.sh rename to tests/hardening/cron_weekly_perm_ownership.sh diff --git a/tests/hardening/5.1.2_crontab_perm_ownership.sh b/tests/hardening/crontab_perm_ownership.sh similarity index 100% rename from tests/hardening/5.1.2_crontab_perm_ownership.sh rename to tests/hardening/crontab_perm_ownership.sh diff --git a/tests/hardening/5.4.3_default_root_group.sh b/tests/hardening/default_root_group.sh similarity index 100% rename from tests/hardening/5.4.3_default_root_group.sh rename to tests/hardening/default_root_group.sh diff --git a/tests/hardening/5.4.5_default_timeout.sh b/tests/hardening/default_timeout.sh similarity index 100% rename from tests/hardening/5.4.5_default_timeout.sh rename to tests/hardening/default_timeout.sh diff --git a/tests/hardening/5.4.4_default_umask.sh b/tests/hardening/default_umask.sh similarity index 100% rename from tests/hardening/5.4.4_default_umask.sh rename to tests/hardening/default_umask.sh diff --git a/tests/hardening/1.1.11.1_var_log_noexec.sh b/tests/hardening/disable_apport.sh similarity index 100% rename from tests/hardening/1.1.11.1_var_log_noexec.sh rename to tests/hardening/disable_apport.sh diff --git a/tests/hardening/1.1.11.2_var_log_nosuid.sh b/tests/hardening/disable_automounting.sh similarity index 100% rename from tests/hardening/1.1.11.2_var_log_nosuid.sh rename to tests/hardening/disable_automounting.sh diff --git a/tests/hardening/1.1.11.3_var_log_nodev.sh b/tests/hardening/disable_avahi_server.sh similarity index 100% rename from tests/hardening/1.1.11.3_var_log_nodev.sh rename to tests/hardening/disable_avahi_server.sh diff --git a/tests/hardening/1.1.11_var_log_partition.sh b/tests/hardening/disable_bsd_inetd.sh similarity index 100% rename from tests/hardening/1.1.11_var_log_partition.sh rename to tests/hardening/disable_bsd_inetd.sh diff --git a/tests/hardening/1.1.1.1_disable_freevxfs.sh b/tests/hardening/disable_cramfs.sh similarity index 100% rename from tests/hardening/1.1.1.1_disable_freevxfs.sh rename to tests/hardening/disable_cramfs.sh diff --git a/tests/hardening/1.1.1.2_disable_jffs2.sh b/tests/hardening/disable_dccp.sh similarity index 100% rename from tests/hardening/1.1.1.2_disable_jffs2.sh rename to tests/hardening/disable_dccp.sh diff --git a/tests/hardening/1.1.12.1_var_log_audit_noexec.sh b/tests/hardening/disable_dhcp.sh similarity index 100% rename from tests/hardening/1.1.12.1_var_log_audit_noexec.sh rename to tests/hardening/disable_dhcp.sh diff --git a/tests/hardening/1.1.12.2_var_log_audit_nosuid.sh b/tests/hardening/disable_dns_server.sh similarity index 100% rename from tests/hardening/1.1.12.2_var_log_audit_nosuid.sh rename to tests/hardening/disable_dns_server.sh diff --git a/tests/hardening/1.1.1.3_disable_hfs.sh b/tests/hardening/disable_freevxfs.sh similarity index 100% rename from tests/hardening/1.1.1.3_disable_hfs.sh rename to tests/hardening/disable_freevxfs.sh diff --git a/tests/hardening/1.1.12.3_var_log_audit_nodev.sh b/tests/hardening/disable_ftp.sh similarity index 100% rename from tests/hardening/1.1.12.3_var_log_audit_nodev.sh rename to tests/hardening/disable_ftp.sh diff --git a/tests/hardening/1.1.1.4_disable_hfsplus.sh b/tests/hardening/disable_hfs.sh similarity index 100% rename from tests/hardening/1.1.1.4_disable_hfsplus.sh rename to tests/hardening/disable_hfs.sh diff --git a/tests/hardening/1.1.1.5_disable_squashfs.sh b/tests/hardening/disable_hfsplus.sh similarity index 100% rename from tests/hardening/1.1.1.5_disable_squashfs.sh rename to tests/hardening/disable_hfsplus.sh diff --git a/tests/hardening/1.1.12_var_log_audit_partition.sh b/tests/hardening/disable_http_proxy.sh similarity index 100% rename from tests/hardening/1.1.12_var_log_audit_partition.sh rename to tests/hardening/disable_http_proxy.sh diff --git a/tests/hardening/1.1.13_home_partition.sh b/tests/hardening/disable_http_server.sh similarity index 100% rename from tests/hardening/1.1.13_home_partition.sh rename to tests/hardening/disable_http_server.sh diff --git a/tests/hardening/3.3.2_disable_icmp_redirect.sh b/tests/hardening/disable_icmp_redirect.sh similarity index 100% rename from tests/hardening/3.3.2_disable_icmp_redirect.sh rename to tests/hardening/disable_icmp_redirect.sh diff --git a/tests/hardening/1.1.14.1_home_nosuid.sh b/tests/hardening/disable_imap_pop.sh similarity index 100% rename from tests/hardening/1.1.14.1_home_nosuid.sh rename to tests/hardening/disable_imap_pop.sh diff --git a/tests/hardening/3.2.2_disable_ip_forwarding.sh b/tests/hardening/disable_ip_forwarding.sh similarity index 100% rename from tests/hardening/3.2.2_disable_ip_forwarding.sh rename to tests/hardening/disable_ip_forwarding.sh diff --git a/tests/hardening/3.1.1_disable_ipv6.sh b/tests/hardening/disable_ipv6.sh similarity index 100% rename from tests/hardening/3.1.1_disable_ipv6.sh rename to tests/hardening/disable_ipv6.sh diff --git a/tests/hardening/3.3.9_disable_ipv6_router_advertisement.sh b/tests/hardening/disable_ipv6_router_advertisement.sh similarity index 100% rename from tests/hardening/3.3.9_disable_ipv6_router_advertisement.sh rename to tests/hardening/disable_ipv6_router_advertisement.sh diff --git a/tests/hardening/1.1.1.6_disable_udf.sh b/tests/hardening/disable_jffs2.sh similarity index 100% rename from tests/hardening/1.1.1.6_disable_udf.sh rename to tests/hardening/disable_jffs2.sh diff --git a/tests/hardening/1.1.14_home_nodev.sh b/tests/hardening/disable_ldap.sh similarity index 100% rename from tests/hardening/1.1.14_home_nodev.sh rename to tests/hardening/disable_ldap.sh diff --git a/tests/hardening/1.1.18_removable_device_nodev.sh b/tests/hardening/disable_ldap_client.sh similarity index 100% rename from tests/hardening/1.1.18_removable_device_nodev.sh rename to tests/hardening/disable_ldap_client.sh diff --git a/tests/hardening/1.1.19_removable_device_nosuid.sh b/tests/hardening/disable_nfs_rpc.sh similarity index 100% rename from tests/hardening/1.1.19_removable_device_nosuid.sh rename to tests/hardening/disable_nfs_rpc.sh diff --git a/tests/hardening/1.1.20_removable_device_noexec.sh b/tests/hardening/disable_nis.sh similarity index 100% rename from tests/hardening/1.1.20_removable_device_noexec.sh rename to tests/hardening/disable_nis.sh diff --git a/tests/hardening/1.1.22_disable_automounting.sh b/tests/hardening/disable_prelink.sh similarity index 100% rename from tests/hardening/1.1.22_disable_automounting.sh rename to tests/hardening/disable_prelink.sh diff --git a/tests/hardening/1.1.2_tmp_partition.sh b/tests/hardening/disable_print_server.sh similarity index 100% rename from tests/hardening/1.1.2_tmp_partition.sh rename to tests/hardening/disable_print_server.sh diff --git a/tests/hardening/1.1.1.7_restrict_fat.sh b/tests/hardening/disable_rds.sh similarity index 100% rename from tests/hardening/1.1.1.7_restrict_fat.sh rename to tests/hardening/disable_rds.sh diff --git a/tests/hardening/5.2.10_disable_root_login.sh b/tests/hardening/disable_root_login.sh similarity index 100% rename from tests/hardening/5.2.10_disable_root_login.sh rename to tests/hardening/disable_root_login.sh diff --git a/tests/hardening/1.1.3_tmp_nodev.sh b/tests/hardening/disable_rsh_client.sh similarity index 100% rename from tests/hardening/1.1.3_tmp_nodev.sh rename to tests/hardening/disable_rsh_client.sh diff --git a/tests/hardening/2.2.1.3_configure_chrony.sh b/tests/hardening/disable_rsync.sh similarity index 100% rename from tests/hardening/2.2.1.3_configure_chrony.sh rename to tests/hardening/disable_rsync.sh diff --git a/tests/hardening/1.1.4_tmp_nosuid.sh b/tests/hardening/disable_samba.sh similarity index 100% rename from tests/hardening/1.1.4_tmp_nosuid.sh rename to tests/hardening/disable_samba.sh diff --git a/tests/hardening/1.1.1.8_disable_cramfs.sh b/tests/hardening/disable_sctp.sh similarity index 100% rename from tests/hardening/1.1.1.8_disable_cramfs.sh rename to tests/hardening/disable_sctp.sh diff --git a/tests/hardening/3.3.3_disable_secure_icmp_redirect.sh b/tests/hardening/disable_secure_icmp_redirect.sh similarity index 100% rename from tests/hardening/3.3.3_disable_secure_icmp_redirect.sh rename to tests/hardening/disable_secure_icmp_redirect.sh diff --git a/tests/hardening/3.2.1_disable_send_packet_redirects.sh b/tests/hardening/disable_send_packet_redirects.sh similarity index 100% rename from tests/hardening/3.2.1_disable_send_packet_redirects.sh rename to tests/hardening/disable_send_packet_redirects.sh diff --git a/tests/hardening/1.1.5_tmp_noexec.sh b/tests/hardening/disable_snmp_server.sh similarity index 100% rename from tests/hardening/1.1.5_tmp_noexec.sh rename to tests/hardening/disable_snmp_server.sh diff --git a/tests/hardening/3.3.1_disable_source_routed_packets.sh b/tests/hardening/disable_source_routed_packets.sh similarity index 100% rename from tests/hardening/3.3.1_disable_source_routed_packets.sh rename to tests/hardening/disable_source_routed_packets.sh diff --git a/tests/hardening/3.4.1_disable_dccp.sh b/tests/hardening/disable_squashfs.sh similarity index 100% rename from tests/hardening/3.4.1_disable_dccp.sh rename to tests/hardening/disable_squashfs.sh diff --git a/tests/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh b/tests/hardening/disable_ssh_allow_tcp_forwarding.sh similarity index 100% rename from tests/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh rename to tests/hardening/disable_ssh_allow_tcp_forwarding.sh diff --git a/tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh b/tests/hardening/disable_sshd_hostbasedauthentication.sh similarity index 100% rename from tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh rename to tests/hardening/disable_sshd_hostbasedauthentication.sh diff --git a/tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh b/tests/hardening/disable_sshd_permitemptypasswords.sh similarity index 100% rename from tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh rename to tests/hardening/disable_sshd_permitemptypasswords.sh diff --git a/tests/hardening/5.2.12_disable_sshd_setenv.sh b/tests/hardening/disable_sshd_setenv.sh similarity index 100% rename from tests/hardening/5.2.12_disable_sshd_setenv.sh rename to tests/hardening/disable_sshd_setenv.sh diff --git a/tests/hardening/5.4.2_disable_system_accounts.sh b/tests/hardening/disable_system_accounts.sh similarity index 100% rename from tests/hardening/5.4.2_disable_system_accounts.sh rename to tests/hardening/disable_system_accounts.sh diff --git a/tests/hardening/1.1.6.1_var_nodev.sh b/tests/hardening/disable_talk_client.sh similarity index 100% rename from tests/hardening/1.1.6.1_var_nodev.sh rename to tests/hardening/disable_talk_client.sh diff --git a/tests/hardening/1.1.6.2_var_nosuid.sh b/tests/hardening/disable_telnet_client.sh similarity index 100% rename from tests/hardening/1.1.6.2_var_nosuid.sh rename to tests/hardening/disable_telnet_client.sh diff --git a/tests/hardening/1.1.6_var_partition.sh b/tests/hardening/disable_telnet_server.sh similarity index 100% rename from tests/hardening/1.1.6_var_partition.sh rename to tests/hardening/disable_telnet_server.sh diff --git a/tests/hardening/3.4.2_disable_sctp.sh b/tests/hardening/disable_tipc.sh similarity index 100% rename from tests/hardening/3.4.2_disable_sctp.sh rename to tests/hardening/disable_tipc.sh diff --git a/tests/hardening/3.4.3_disable_rds.sh b/tests/hardening/disable_udf.sh similarity index 100% rename from tests/hardening/3.4.3_disable_rds.sh rename to tests/hardening/disable_udf.sh diff --git a/tests/hardening/99.1.1.23_disable_usb_devices.sh b/tests/hardening/disable_usb_devices.sh similarity index 100% rename from tests/hardening/99.1.1.23_disable_usb_devices.sh rename to tests/hardening/disable_usb_devices.sh diff --git a/tests/hardening/1.1.23_disable_usb_storage.sh b/tests/hardening/disable_usb_storage.sh similarity index 100% rename from tests/hardening/1.1.23_disable_usb_storage.sh rename to tests/hardening/disable_usb_storage.sh diff --git a/tests/hardening/2.2.1.4_configure_ntp.sh b/tests/hardening/disable_wireless.sh similarity index 100% rename from tests/hardening/2.2.1.4_configure_ntp.sh rename to tests/hardening/disable_wireless.sh diff --git a/tests/hardening/5.2.6_disable_x11_forwarding.sh b/tests/hardening/disable_x11_forwarding.sh similarity index 100% rename from tests/hardening/5.2.6_disable_x11_forwarding.sh rename to tests/hardening/disable_x11_forwarding.sh diff --git a/tests/hardening/1.1.7_var_tmp_partition.sh b/tests/hardening/disable_xinetd.sh similarity index 100% rename from tests/hardening/1.1.7_var_tmp_partition.sh rename to tests/hardening/disable_xinetd.sh diff --git a/tests/hardening/1.1.8_var_tmp_nodev.sh b/tests/hardening/disable_xwindow_system.sh similarity index 100% rename from tests/hardening/1.1.8_var_tmp_nodev.sh rename to tests/hardening/disable_xwindow_system.sh diff --git a/tests/hardening/1.7.1.2_enable_apparmor.sh b/tests/hardening/enable_apparmor.sh similarity index 100% rename from tests/hardening/1.7.1.2_enable_apparmor.sh rename to tests/hardening/enable_apparmor.sh diff --git a/tests/hardening/4.1.1.2_enable_auditd.sh b/tests/hardening/enable_auditd.sh similarity index 100% rename from tests/hardening/4.1.1.2_enable_auditd.sh rename to tests/hardening/enable_auditd.sh diff --git a/tests/hardening/4.1.1.3_audit_bootloader.sh b/tests/hardening/enable_auditd_kernel.sh similarity index 100% rename from tests/hardening/4.1.1.3_audit_bootloader.sh rename to tests/hardening/enable_auditd_kernel.sh diff --git a/tests/hardening/3.3.6_enable_bad_error_message_protection.sh b/tests/hardening/enable_bad_error_message_protection.sh similarity index 100% rename from tests/hardening/3.3.6_enable_bad_error_message_protection.sh rename to tests/hardening/enable_bad_error_message_protection.sh diff --git a/tests/hardening/2.2.15_mta_localhost.sh b/tests/hardening/enable_cron.sh similarity index 100% rename from tests/hardening/2.2.15_mta_localhost.sh rename to tests/hardening/enable_cron.sh diff --git a/tests/hardening/3.5.1.1_enable_firewall.sh b/tests/hardening/enable_firewall.sh similarity index 100% rename from tests/hardening/3.5.1.1_enable_firewall.sh rename to tests/hardening/enable_firewall.sh diff --git a/tests/hardening/5.3.2_enable_lockout_failed_password.sh b/tests/hardening/enable_lockout_failed_password.sh similarity index 100% rename from tests/hardening/5.3.2_enable_lockout_failed_password.sh rename to tests/hardening/enable_lockout_failed_password.sh diff --git a/tests/hardening/4.1.1.4_audit_backlog_limit.sh b/tests/hardening/enable_nx_support.sh similarity index 100% rename from tests/hardening/4.1.1.4_audit_backlog_limit.sh rename to tests/hardening/enable_nx_support.sh diff --git a/tests/hardening/5.3.1_enable_pwquality.sh b/tests/hardening/enable_pwquality.sh similarity index 100% rename from tests/hardening/5.3.1_enable_pwquality.sh rename to tests/hardening/enable_pwquality.sh diff --git a/tests/hardening/1.1.9_var_tmp_nosuid.sh b/tests/hardening/enable_randomized_vm_placement.sh similarity index 100% rename from tests/hardening/1.1.9_var_tmp_nosuid.sh rename to tests/hardening/enable_randomized_vm_placement.sh diff --git a/tests/hardening/3.3.7_enable_source_route_validation.sh b/tests/hardening/enable_source_route_validation.sh similarity index 100% rename from tests/hardening/3.3.7_enable_source_route_validation.sh rename to tests/hardening/enable_source_route_validation.sh diff --git a/tests/hardening/5.2.20_enable_ssh_pam.sh b/tests/hardening/enable_ssh_pam.sh similarity index 100% rename from tests/hardening/5.2.20_enable_ssh_pam.sh rename to tests/hardening/enable_ssh_pam.sh diff --git a/tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh b/tests/hardening/enable_sshd_ignorerhosts.sh similarity index 100% rename from tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh rename to tests/hardening/enable_sshd_ignorerhosts.sh diff --git a/tests/hardening/1.4.1_install_tripwire.sh b/tests/hardening/enable_syslog-ng.sh similarity index 100% rename from tests/hardening/1.4.1_install_tripwire.sh rename to tests/hardening/enable_syslog-ng.sh diff --git a/tests/hardening/3.3.8_enable_tcp_syn_cookies.sh b/tests/hardening/enable_tcp_syn_cookies.sh similarity index 100% rename from tests/hardening/3.3.8_enable_tcp_syn_cookies.sh rename to tests/hardening/enable_tcp_syn_cookies.sh diff --git a/tests/hardening/1.7.1.3_enforce_or_complain_apparmor.sh b/tests/hardening/enforce_or_complain_apparmor.sh similarity index 100% rename from tests/hardening/1.7.1.3_enforce_or_complain_apparmor.sh rename to tests/hardening/enforce_or_complain_apparmor.sh diff --git a/tests/hardening/1.7.1.4_enforcing_apparmor.sh b/tests/hardening/enforcing_apparmor.sh similarity index 100% rename from tests/hardening/1.7.1.4_enforcing_apparmor.sh rename to tests/hardening/enforcing_apparmor.sh diff --git a/tests/hardening/6.1.8_etc_group-_permissions.sh b/tests/hardening/etc_group-_permissions.sh similarity index 100% rename from tests/hardening/6.1.8_etc_group-_permissions.sh rename to tests/hardening/etc_group-_permissions.sh diff --git a/tests/hardening/6.1.5_etc_group_permissions.sh b/tests/hardening/etc_group_permissions.sh similarity index 100% rename from tests/hardening/6.1.5_etc_group_permissions.sh rename to tests/hardening/etc_group_permissions.sh diff --git a/tests/hardening/6.1.3_etc_gshadow-_permissions.sh b/tests/hardening/etc_gshadow-_permissions.sh similarity index 100% rename from tests/hardening/6.1.3_etc_gshadow-_permissions.sh rename to tests/hardening/etc_gshadow-_permissions.sh diff --git a/tests/hardening/6.1.9_etc_gshadow_permissions.sh b/tests/hardening/etc_gshadow_permissions.sh similarity index 100% rename from tests/hardening/6.1.9_etc_gshadow_permissions.sh rename to tests/hardening/etc_gshadow_permissions.sh diff --git a/tests/hardening/1.8.1.6_etc_issue_net_perms.sh b/tests/hardening/etc_issue_net_perms.sh similarity index 100% rename from tests/hardening/1.8.1.6_etc_issue_net_perms.sh rename to tests/hardening/etc_issue_net_perms.sh diff --git a/tests/hardening/1.8.1.5_etc_issue_perms.sh b/tests/hardening/etc_issue_perms.sh similarity index 100% rename from tests/hardening/1.8.1.5_etc_issue_perms.sh rename to tests/hardening/etc_issue_perms.sh diff --git a/tests/hardening/6.1.6_etc_passwd-_permissions.sh b/tests/hardening/etc_passwd-_permissions.sh similarity index 100% rename from tests/hardening/6.1.6_etc_passwd-_permissions.sh rename to tests/hardening/etc_passwd-_permissions.sh diff --git a/tests/hardening/6.1.2_etc_passwd_permissions.sh b/tests/hardening/etc_passwd_permissions.sh similarity index 100% rename from tests/hardening/6.1.2_etc_passwd_permissions.sh rename to tests/hardening/etc_passwd_permissions.sh diff --git a/tests/hardening/6.1.7_etc_shadow-_permissions.sh b/tests/hardening/etc_shadow-_permissions.sh similarity index 100% rename from tests/hardening/6.1.7_etc_shadow-_permissions.sh rename to tests/hardening/etc_shadow-_permissions.sh diff --git a/tests/hardening/6.1.4_etc_shadow_permissions.sh b/tests/hardening/etc_shadow_permissions.sh similarity index 100% rename from tests/hardening/6.1.4_etc_shadow_permissions.sh rename to tests/hardening/etc_shadow_permissions.sh diff --git a/tests/hardening/6.2.6_find_0_uid_non_root_account.sh b/tests/hardening/find_0_uid_non_root_account.sh similarity index 100% rename from tests/hardening/6.2.6_find_0_uid_non_root_account.sh rename to tests/hardening/find_0_uid_non_root_account.sh diff --git a/tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh b/tests/hardening/find_passwd_group_inconsistencies.sh similarity index 100% rename from tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh rename to tests/hardening/find_passwd_group_inconsistencies.sh diff --git a/tests/hardening/6.1.14_find_sgid_files.sh b/tests/hardening/find_sgid_files.sh similarity index 100% rename from tests/hardening/6.1.14_find_sgid_files.sh rename to tests/hardening/find_sgid_files.sh diff --git a/tests/hardening/6.1.13_find_suid_files.sh b/tests/hardening/find_suid_files.sh similarity index 100% rename from tests/hardening/6.1.13_find_suid_files.sh rename to tests/hardening/find_suid_files.sh diff --git a/tests/hardening/6.1.12_find_ungrouped_files.sh b/tests/hardening/find_ungrouped_files.sh similarity index 79% rename from tests/hardening/6.1.12_find_ungrouped_files.sh rename to tests/hardening/find_ungrouped_files.sh index 6747c45..7bb1d73 100644 --- a/tests/hardening/6.1.12_find_ungrouped_files.sh +++ b/tests/hardening/find_ungrouped_files.sh @@ -4,8 +4,9 @@ test_audit() { describe Running void to generate the conf file that will later be edited # shellcheck disable=2154 "${CIS_CHECKS_DIR}/${script}.sh" || true + sed -i '/^EXCLUDED/d' "${CIS_CONF_DIR}/conf.d/${script}.cfg" # shellcheck disable=2016 - echo 'EXCLUDED="$EXCLUDED ^/home/secaudit/6.1.12/.*"' >>"${CIS_CONF_DIR}/conf.d/${script}.cfg" + echo 'EXCLUDED="^/proc|^/home/secaudit/6.1.12/.*"' >>"${CIS_CONF_DIR}/conf.d/${script}.cfg" mkdir /home/secaudit/6.1.12/ touch /home/secaudit/6.1.12/test chown 1200:1200 /home/secaudit/6.1.12/test @@ -25,17 +26,20 @@ test_audit() { run noncompliant "${CIS_CHECKS_DIR}/${script}.sh" --audit-all describe Tests failing with find ignore flag + sed -i '/^FIND_IGNORE_NOSUCHFILE_ERR/d' "${CIS_CONF_DIR}/conf.d/${script}.cfg" echo 'FIND_IGNORE_NOSUCHFILE_ERR=true' >>"${CIS_CONF_DIR}/conf.d/${script}.cfg" register_test retvalshouldbe 1 register_test contain "Some ungrouped files are present" run noncompliant "${CIS_CHECKS_DIR}/${script}.sh" --audit-all describe correcting situation - sed -i 's/audit/enabled/' "${CIS_CONF_DIR}/conf.d/${script}.cfg" + sed -i '/^status/s/audit/enabled/' "${CIS_CONF_DIR}/conf.d/${script}.cfg" "${CIS_CHECKS_DIR}/${script}.sh" --apply || true describe Checking resolved state register_test retvalshouldbe 0 register_test contain "No ungrouped files found" run resolved "${CIS_CHECKS_DIR}/${script}.sh" --audit-all + + rm -rf /home/secaudit/6.1.12/ /home/secaudit/ungrouped } diff --git a/tests/hardening/6.1.11_find_unowned_files.sh b/tests/hardening/find_unowned_files.sh similarity index 78% rename from tests/hardening/6.1.11_find_unowned_files.sh rename to tests/hardening/find_unowned_files.sh index 5480388..a925735 100644 --- a/tests/hardening/6.1.11_find_unowned_files.sh +++ b/tests/hardening/find_unowned_files.sh @@ -4,8 +4,9 @@ test_audit() { describe Running void to generate the conf file that will later be edited # shellcheck disable=2154 "${CIS_CHECKS_DIR}/${script}.sh" || true + sed -i '/^EXCLUDED/d' "${CIS_CONF_DIR}/conf.d/${script}.cfg" # shellcheck disable=2016 - echo 'EXCLUDED="$EXCLUDED ^/home/secaudit/6.1.11/.*"' >>"${CIS_CONF_DIR}/conf.d/${script}.cfg" + echo 'EXCLUDED="/proc|^/home/secaudit/6.1.11/.*"' >>"${CIS_CONF_DIR}/conf.d/${script}.cfg" mkdir /home/secaudit/6.1.11/ touch /home/secaudit/6.1.11/test chown 1200 /home/secaudit/6.1.11/test @@ -25,17 +26,20 @@ test_audit() { run noncompliant "${CIS_CHECKS_DIR}/${script}.sh" --audit-all describe Tests failing with find ignore flag + sed -i '/^FIND_IGNORE_NOSUCHFILE_ERR/d' "${CIS_CONF_DIR}/conf.d/${script}.cfg" echo 'FIND_IGNORE_NOSUCHFILE_ERR=true' >>"${CIS_CONF_DIR}/conf.d/${script}.cfg" register_test retvalshouldbe 1 register_test contain "Some unowned files are present" run noncompliant "${CIS_CHECKS_DIR}/${script}.sh" --audit-all describe correcting situation - sed -i 's/audit/enabled/' "${CIS_CONF_DIR}/conf.d/${script}.cfg" + sed -i '/^status/s/audit/enabled/' "${CIS_CONF_DIR}/conf.d/${script}.cfg" "${CIS_CHECKS_DIR}/${script}.sh" || true describe Checking resolved state register_test retvalshouldbe 0 register_test contain "No unowned files found" run resolved "${CIS_CHECKS_DIR}/${script}.sh" --audit-all + + rm -rf /home/secaudit/6.1.11 /home/secaudit/unowned } diff --git a/tests/hardening/6.2.11_find_user_forward_files.sh b/tests/hardening/find_user_forward_files.sh similarity index 100% rename from tests/hardening/6.2.11_find_user_forward_files.sh rename to tests/hardening/find_user_forward_files.sh diff --git a/tests/hardening/6.2.12_find_user_netrc_files.sh b/tests/hardening/find_user_netrc_files.sh similarity index 100% rename from tests/hardening/6.2.12_find_user_netrc_files.sh rename to tests/hardening/find_user_netrc_files.sh diff --git a/tests/hardening/6.2.14_find_user_rhosts_files.sh b/tests/hardening/find_user_rhosts_files.sh similarity index 100% rename from tests/hardening/6.2.14_find_user_rhosts_files.sh rename to tests/hardening/find_user_rhosts_files.sh diff --git a/tests/hardening/6.1.10_find_world_writable_file.sh b/tests/hardening/find_world_writable_file.sh similarity index 100% rename from tests/hardening/6.1.10_find_world_writable_file.sh rename to tests/hardening/find_world_writable_file.sh diff --git a/tests/hardening/4.1.17_freeze_auditd_conf.sh b/tests/hardening/freeze_auditd_conf.sh similarity index 100% rename from tests/hardening/4.1.17_freeze_auditd_conf.sh rename to tests/hardening/freeze_auditd_conf.sh diff --git a/tests/hardening/2.2.16_disable_rsync.sh b/tests/hardening/graphical_warning_banners.sh similarity index 100% rename from tests/hardening/2.2.16_disable_rsync.sh rename to tests/hardening/graphical_warning_banners.sh diff --git a/tests/hardening/4.1.2.2_halt_when_audit_log_full.sh b/tests/hardening/halt_when_audit_log_full.sh similarity index 100% rename from tests/hardening/4.1.2.2_halt_when_audit_log_full.sh rename to tests/hardening/halt_when_audit_log_full.sh diff --git a/tests/hardening/1.6.2_enable_randomized_vm_placement.sh b/tests/hardening/home_nodev.sh similarity index 100% rename from tests/hardening/1.6.2_enable_randomized_vm_placement.sh rename to tests/hardening/home_nodev.sh diff --git a/tests/hardening/1.6.3.1_disable_apport.sh b/tests/hardening/home_nosuid.sh similarity index 100% rename from tests/hardening/1.6.3.1_disable_apport.sh rename to tests/hardening/home_nosuid.sh diff --git a/tests/hardening/1.6.3_disable_prelink.sh b/tests/hardening/home_partition.sh similarity index 100% rename from tests/hardening/1.6.3_disable_prelink.sh rename to tests/hardening/home_partition.sh diff --git a/tests/hardening/3.1.2_disable_wireless.sh b/tests/hardening/hosts_allow.sh similarity index 100% rename from tests/hardening/3.1.2_disable_wireless.sh rename to tests/hardening/hosts_allow.sh diff --git a/tests/hardening/4.2.1.3_configure_syslog-ng.sh b/tests/hardening/hosts_allow_permissions.sh similarity index 100% rename from tests/hardening/4.2.1.3_configure_syslog-ng.sh rename to tests/hardening/hosts_allow_permissions.sh diff --git a/tests/hardening/4.2.1.4_syslog_ng_logfiles_perm.sh b/tests/hardening/hosts_deny.sh similarity index 100% rename from tests/hardening/4.2.1.4_syslog_ng_logfiles_perm.sh rename to tests/hardening/hosts_deny.sh diff --git a/tests/hardening/4.2.3_logs_permissions.sh b/tests/hardening/hosts_deny_permissions.sh similarity index 100% rename from tests/hardening/4.2.3_logs_permissions.sh rename to tests/hardening/hosts_deny_permissions.sh diff --git a/tests/hardening/3.3.5_ignore_broadcast_requests.sh b/tests/hardening/ignore_broadcast_requests.sh similarity index 100% rename from tests/hardening/3.3.5_ignore_broadcast_requests.sh rename to tests/hardening/ignore_broadcast_requests.sh diff --git a/tests/hardening/1.7.1.1_install_apparmor.sh b/tests/hardening/install_apparmor.sh similarity index 100% rename from tests/hardening/1.7.1.1_install_apparmor.sh rename to tests/hardening/install_apparmor.sh diff --git a/tests/hardening/1.9_install_updates.sh b/tests/hardening/install_auditd.sh similarity index 100% rename from tests/hardening/1.9_install_updates.sh rename to tests/hardening/install_auditd.sh diff --git a/tests/hardening/1.3.1_install_sudo.sh b/tests/hardening/install_sudo.sh similarity index 100% rename from tests/hardening/1.3.1_install_sudo.sh rename to tests/hardening/install_sudo.sh diff --git a/tests/hardening/2.1.1_disable_xinetd.sh b/tests/hardening/install_syslog-ng.sh similarity index 100% rename from tests/hardening/2.1.1_disable_xinetd.sh rename to tests/hardening/install_syslog-ng.sh diff --git a/tests/hardening/4.3_configure_logrotate.sh b/tests/hardening/install_tcp_wrapper.sh similarity index 100% rename from tests/hardening/4.3_configure_logrotate.sh rename to tests/hardening/install_tcp_wrapper.sh diff --git a/tests/hardening/2.1.2_disable_bsd_inetd.sh b/tests/hardening/install_tripwire.sh similarity index 100% rename from tests/hardening/2.1.2_disable_bsd_inetd.sh rename to tests/hardening/install_tripwire.sh diff --git a/tests/hardening/2.2.10_disable_http_server.sh b/tests/hardening/install_updates.sh similarity index 100% rename from tests/hardening/2.2.10_disable_http_server.sh rename to tests/hardening/install_updates.sh diff --git a/tests/hardening/4.2.2.2_journald_compress.sh b/tests/hardening/journald_compress.sh similarity index 100% rename from tests/hardening/4.2.2.2_journald_compress.sh rename to tests/hardening/journald_compress.sh diff --git a/tests/hardening/4.2.2.1_journald_logs.sh b/tests/hardening/journald_logs.sh similarity index 100% rename from tests/hardening/4.2.2.1_journald_logs.sh rename to tests/hardening/journald_logs.sh diff --git a/tests/hardening/4.2.2.3_journald_write_persistent.sh b/tests/hardening/journald_write_persistent.sh similarity index 100% rename from tests/hardening/4.2.2.3_journald_write_persistent.sh rename to tests/hardening/journald_write_persistent.sh diff --git a/tests/hardening/4.1.2.3_keep_all_audit_logs.sh b/tests/hardening/keep_all_audit_logs.sh similarity index 100% rename from tests/hardening/4.1.2.3_keep_all_audit_logs.sh rename to tests/hardening/keep_all_audit_logs.sh diff --git a/tests/hardening/5.1.1_enable_cron.sh b/tests/hardening/last_password_change_past.sh similarity index 100% rename from tests/hardening/5.1.1_enable_cron.sh rename to tests/hardening/last_password_change_past.sh diff --git a/tests/hardening/5.3.3_limit_password_reuse.sh b/tests/hardening/limit_password_reuse.sh similarity index 100% rename from tests/hardening/5.3.3_limit_password_reuse.sh rename to tests/hardening/limit_password_reuse.sh diff --git a/tests/hardening/5.2.23_limit_ssh_max_sessions.sh b/tests/hardening/limit_ssh_max_sessions.sh similarity index 100% rename from tests/hardening/5.2.23_limit_ssh_max_sessions.sh rename to tests/hardening/limit_ssh_max_sessions.sh diff --git a/tests/hardening/5.4.1.4_lock_inactive_user_account.sh b/tests/hardening/lock_inactive_user_account.sh similarity index 100% rename from tests/hardening/5.4.1.4_lock_inactive_user_account.sh rename to tests/hardening/lock_inactive_user_account.sh diff --git a/tests/hardening/3.3.4_log_martian_packets.sh b/tests/hardening/log_martian_packets.sh similarity index 100% rename from tests/hardening/3.3.4_log_martian_packets.sh rename to tests/hardening/log_martian_packets.sh diff --git a/tests/hardening/1.3.3_logfile_sudo.sh b/tests/hardening/logfile_sudo.sh similarity index 100% rename from tests/hardening/1.3.3_logfile_sudo.sh rename to tests/hardening/logfile_sudo.sh diff --git a/tests/hardening/4.4_logrotate_permissions.sh b/tests/hardening/logrotate_permissions.sh similarity index 100% rename from tests/hardening/4.4_logrotate_permissions.sh rename to tests/hardening/logrotate_permissions.sh diff --git a/tests/hardening/5.4.1.5_last_password_change_past.sh b/tests/hardening/logs_permissions.sh similarity index 100% rename from tests/hardening/5.4.1.5_last_password_change_past.sh rename to tests/hardening/logs_permissions.sh diff --git a/tests/hardening/1.8.1.4_motd_perms.sh b/tests/hardening/motd_perms.sh similarity index 100% rename from tests/hardening/1.8.1.4_motd_perms.sh rename to tests/hardening/motd_perms.sh diff --git a/tests/hardening/5.5_secure_tty.sh b/tests/hardening/mta_localhost.sh similarity index 100% rename from tests/hardening/5.5_secure_tty.sh rename to tests/hardening/mta_localhost.sh diff --git a/tests/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh b/tests/hardening/net_fw_default_policy_drop.sh similarity index 100% rename from tests/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh rename to tests/hardening/net_fw_default_policy_drop.sh diff --git a/tests/hardening/1.3.2_pty_sudo.sh b/tests/hardening/pty_sudo.sh similarity index 100% rename from tests/hardening/1.3.2_pty_sudo.sh rename to tests/hardening/pty_sudo.sh diff --git a/tests/hardening/4.1.9_record_dac_edit.sh b/tests/hardening/record_dac_edit.sh similarity index 100% rename from tests/hardening/4.1.9_record_dac_edit.sh rename to tests/hardening/record_dac_edit.sh diff --git a/tests/hardening/4.1.3_record_date_time_edit.sh b/tests/hardening/record_date_time_edit.sh similarity index 100% rename from tests/hardening/4.1.3_record_date_time_edit.sh rename to tests/hardening/record_date_time_edit.sh diff --git a/tests/hardening/4.1.10_record_failed_access_file.sh b/tests/hardening/record_failed_access_file.sh similarity index 100% rename from tests/hardening/4.1.10_record_failed_access_file.sh rename to tests/hardening/record_failed_access_file.sh diff --git a/tests/hardening/4.1.13_record_file_deletions.sh b/tests/hardening/record_file_deletions.sh similarity index 100% rename from tests/hardening/4.1.13_record_file_deletions.sh rename to tests/hardening/record_file_deletions.sh diff --git a/tests/hardening/4.1.16_record_kernel_modules.sh b/tests/hardening/record_kernel_modules.sh similarity index 100% rename from tests/hardening/4.1.16_record_kernel_modules.sh rename to tests/hardening/record_kernel_modules.sh diff --git a/tests/hardening/4.1.7_record_login_logout.sh b/tests/hardening/record_login_logout.sh similarity index 100% rename from tests/hardening/4.1.7_record_login_logout.sh rename to tests/hardening/record_login_logout.sh diff --git a/tests/hardening/4.1.6_record_mac_edit.sh b/tests/hardening/record_mac_edit.sh similarity index 100% rename from tests/hardening/4.1.6_record_mac_edit.sh rename to tests/hardening/record_mac_edit.sh diff --git a/tests/hardening/4.1.5_record_network_edit.sh b/tests/hardening/record_network_edit.sh similarity index 100% rename from tests/hardening/4.1.5_record_network_edit.sh rename to tests/hardening/record_network_edit.sh diff --git a/tests/hardening/4.1.11_record_privileged_commands.sh b/tests/hardening/record_privileged_commands.sh similarity index 100% rename from tests/hardening/4.1.11_record_privileged_commands.sh rename to tests/hardening/record_privileged_commands.sh diff --git a/tests/hardening/4.1.8_record_session_init.sh b/tests/hardening/record_session_init.sh similarity index 100% rename from tests/hardening/4.1.8_record_session_init.sh rename to tests/hardening/record_session_init.sh diff --git a/tests/hardening/4.1.12_record_successful_mount.sh b/tests/hardening/record_successful_mount.sh similarity index 100% rename from tests/hardening/4.1.12_record_successful_mount.sh rename to tests/hardening/record_successful_mount.sh diff --git a/tests/hardening/4.1.15_record_sudo_usage.sh b/tests/hardening/record_sudo_usage.sh similarity index 100% rename from tests/hardening/4.1.15_record_sudo_usage.sh rename to tests/hardening/record_sudo_usage.sh diff --git a/tests/hardening/4.1.14_record_sudoers_edit.sh b/tests/hardening/record_sudoers_edit.sh similarity index 100% rename from tests/hardening/4.1.14_record_sudoers_edit.sh rename to tests/hardening/record_sudoers_edit.sh diff --git a/tests/hardening/4.1.4_record_user_group_edit.sh b/tests/hardening/record_user_group_edit.sh similarity index 100% rename from tests/hardening/4.1.4_record_user_group_edit.sh rename to tests/hardening/record_user_group_edit.sh diff --git a/tests/hardening/4.2.1.6_remote_syslog-ng_acl.sh b/tests/hardening/remote_syslog-ng_acl.sh similarity index 100% rename from tests/hardening/4.2.1.6_remote_syslog-ng_acl.sh rename to tests/hardening/remote_syslog-ng_acl.sh diff --git a/tests/hardening/2.2.11_disable_imap_pop.sh b/tests/hardening/removable_device_nodev.sh similarity index 100% rename from tests/hardening/2.2.11_disable_imap_pop.sh rename to tests/hardening/removable_device_nodev.sh diff --git a/tests/hardening/2.2.12_disable_samba.sh b/tests/hardening/removable_device_noexec.sh similarity index 100% rename from tests/hardening/2.2.12_disable_samba.sh rename to tests/hardening/removable_device_noexec.sh diff --git a/tests/hardening/2.2.13_disable_http_proxy.sh b/tests/hardening/removable_device_nosuid.sh similarity index 100% rename from tests/hardening/2.2.13_disable_http_proxy.sh rename to tests/hardening/removable_device_nosuid.sh diff --git a/tests/hardening/6.2.1_remove_empty_password_field.sh b/tests/hardening/remove_empty_password_field.sh similarity index 100% rename from tests/hardening/6.2.1_remove_empty_password_field.sh rename to tests/hardening/remove_empty_password_field.sh diff --git a/tests/hardening/6.2.5_remove_legacy_group_entries.sh b/tests/hardening/remove_legacy_group_entries.sh similarity index 100% rename from tests/hardening/6.2.5_remove_legacy_group_entries.sh rename to tests/hardening/remove_legacy_group_entries.sh diff --git a/tests/hardening/6.2.2_remove_legacy_passwd_entries.sh b/tests/hardening/remove_legacy_passwd_entries.sh similarity index 100% rename from tests/hardening/6.2.2_remove_legacy_passwd_entries.sh rename to tests/hardening/remove_legacy_passwd_entries.sh diff --git a/tests/hardening/6.2.4_remove_legacy_shadow_entries.sh b/tests/hardening/remove_legacy_shadow_entries.sh similarity index 100% rename from tests/hardening/6.2.4_remove_legacy_shadow_entries.sh rename to tests/hardening/remove_legacy_shadow_entries.sh diff --git a/tests/hardening/99.3.3.1_install_tcp_wrapper.sh b/tests/hardening/remove_os_info_issue.sh similarity index 100% rename from tests/hardening/99.3.3.1_install_tcp_wrapper.sh rename to tests/hardening/remove_os_info_issue.sh diff --git a/tests/hardening/99.3.3.2_hosts_allow.sh b/tests/hardening/remove_os_info_issue_net.sh similarity index 100% rename from tests/hardening/99.3.3.2_hosts_allow.sh rename to tests/hardening/remove_os_info_issue_net.sh diff --git a/tests/hardening/99.3.3.3_hosts_deny.sh b/tests/hardening/remove_os_info_motd.sh similarity index 100% rename from tests/hardening/99.3.3.3_hosts_deny.sh rename to tests/hardening/remove_os_info_motd.sh diff --git a/tests/hardening/1.6.4_restrict_core_dumps.sh b/tests/hardening/restrict_core_dumps.sh similarity index 100% rename from tests/hardening/1.6.4_restrict_core_dumps.sh rename to tests/hardening/restrict_core_dumps.sh diff --git a/tests/hardening/3.4.4_disable_tipc.sh b/tests/hardening/restrict_fat.sh similarity index 100% rename from tests/hardening/3.4.4_disable_tipc.sh rename to tests/hardening/restrict_fat.sh diff --git a/tests/hardening/5.6_restrict_su.sh b/tests/hardening/restrict_su.sh similarity index 100% rename from tests/hardening/5.6_restrict_su.sh rename to tests/hardening/restrict_su.sh diff --git a/tests/hardening/99.4.0_enable_auditd_kernel.sh b/tests/hardening/root_password.sh similarity index 100% rename from tests/hardening/99.4.0_enable_auditd_kernel.sh rename to tests/hardening/root_password.sh diff --git a/tests/hardening/1.1.15_run_shm_nodev.sh b/tests/hardening/run_shm_nodev.sh similarity index 100% rename from tests/hardening/1.1.15_run_shm_nodev.sh rename to tests/hardening/run_shm_nodev.sh diff --git a/tests/hardening/1.1.16_run_shm_nosuid.sh b/tests/hardening/run_shm_noexec.sh similarity index 100% rename from tests/hardening/1.1.16_run_shm_nosuid.sh rename to tests/hardening/run_shm_noexec.sh diff --git a/tests/hardening/1.1.17_run_shm_noexec.sh b/tests/hardening/run_shm_nosuid.sh similarity index 100% rename from tests/hardening/1.1.17_run_shm_noexec.sh rename to tests/hardening/run_shm_nosuid.sh diff --git a/tests/hardening/6.2.7_sanitize_root_path.sh b/tests/hardening/sanitize_root_path.sh similarity index 100% rename from tests/hardening/6.2.7_sanitize_root_path.sh rename to tests/hardening/sanitize_root_path.sh diff --git a/tests/hardening/99.3.3.4_hosts_allow_permissions.sh b/tests/hardening/secure_tty.sh similarity index 100% rename from tests/hardening/99.3.3.4_hosts_allow_permissions.sh rename to tests/hardening/secure_tty.sh diff --git a/tests/hardening/5.4.1.1_set_password_exp_days.sh b/tests/hardening/set_password_exp_days.sh similarity index 100% rename from tests/hardening/5.4.1.1_set_password_exp_days.sh rename to tests/hardening/set_password_exp_days.sh diff --git a/tests/hardening/5.4.1.3_set_password_exp_warning_days.sh b/tests/hardening/set_password_exp_warning_days.sh similarity index 100% rename from tests/hardening/5.4.1.3_set_password_exp_warning_days.sh rename to tests/hardening/set_password_exp_warning_days.sh diff --git a/tests/hardening/5.4.1.2_set_password_min_days_change.sh b/tests/hardening/set_password_min_days_change.sh similarity index 100% rename from tests/hardening/5.4.1.2_set_password_min_days_change.sh rename to tests/hardening/set_password_min_days_change.sh diff --git a/tests/hardening/6.2.13_set_perm_on_user_netrc.sh b/tests/hardening/set_perm_on_user_netrc.sh similarity index 100% rename from tests/hardening/6.2.13_set_perm_on_user_netrc.sh rename to tests/hardening/set_perm_on_user_netrc.sh diff --git a/tests/hardening/6.2.20_shadow_group_empty.sh b/tests/hardening/shadow_group_empty.sh similarity index 100% rename from tests/hardening/6.2.20_shadow_group_empty.sh rename to tests/hardening/shadow_group_empty.sh diff --git a/tests/hardening/99.5.2.1_ssh_auth_pubk_only.sh b/tests/hardening/ssh_auth_pubk_only.sh similarity index 100% rename from tests/hardening/99.5.2.1_ssh_auth_pubk_only.sh rename to tests/hardening/ssh_auth_pubk_only.sh diff --git a/tests/hardening/5.2.19_ssh_banner.sh b/tests/hardening/ssh_banner.sh similarity index 100% rename from tests/hardening/5.2.19_ssh_banner.sh rename to tests/hardening/ssh_banner.sh diff --git a/tests/hardening/5.2.15_ssh_cry_kex.sh b/tests/hardening/ssh_cry_kex.sh similarity index 100% rename from tests/hardening/5.2.15_ssh_cry_kex.sh rename to tests/hardening/ssh_cry_kex.sh diff --git a/tests/hardening/5.2.14_ssh_cry_mac.sh b/tests/hardening/ssh_cry_mac.sh similarity index 100% rename from tests/hardening/5.2.14_ssh_cry_mac.sh rename to tests/hardening/ssh_cry_mac.sh diff --git a/tests/hardening/99.5.2.2_ssh_cry_rekey.sh b/tests/hardening/ssh_cry_rekey.sh similarity index 100% rename from tests/hardening/99.5.2.2_ssh_cry_rekey.sh rename to tests/hardening/ssh_cry_rekey.sh diff --git a/tests/hardening/99.5.2.3_ssh_disable_features.sh b/tests/hardening/ssh_disable_features.sh similarity index 100% rename from tests/hardening/99.5.2.3_ssh_disable_features.sh rename to tests/hardening/ssh_disable_features.sh diff --git a/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh b/tests/hardening/ssh_host_private_keys_perm_ownership.sh similarity index 100% rename from tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh rename to tests/hardening/ssh_host_private_keys_perm_ownership.sh diff --git a/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh b/tests/hardening/ssh_host_public_keys_perm_ownership.sh similarity index 100% rename from tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh rename to tests/hardening/ssh_host_public_keys_perm_ownership.sh diff --git a/tests/hardening/99.5.2.4_ssh_keys_from.sh b/tests/hardening/ssh_keys_from.sh similarity index 100% rename from tests/hardening/99.5.2.4_ssh_keys_from.sh rename to tests/hardening/ssh_keys_from.sh diff --git a/tests/hardening/99.5.2.5_ssh_strict_modes.sh b/tests/hardening/ssh_strict_modes.sh similarity index 100% rename from tests/hardening/99.5.2.5_ssh_strict_modes.sh rename to tests/hardening/ssh_strict_modes.sh diff --git a/tests/hardening/99.5.2.6_ssh_sys_accept_env.sh b/tests/hardening/ssh_sys_accept_env.sh similarity index 100% rename from tests/hardening/99.5.2.6_ssh_sys_accept_env.sh rename to tests/hardening/ssh_sys_accept_env.sh diff --git a/tests/hardening/99.5.2.7_ssh_sys_no_legacy.sh b/tests/hardening/ssh_sys_no_legacy.sh similarity index 100% rename from tests/hardening/99.5.2.7_ssh_sys_no_legacy.sh rename to tests/hardening/ssh_sys_no_legacy.sh diff --git a/tests/hardening/5.2.13_sshd_ciphers.sh b/tests/hardening/sshd_ciphers.sh similarity index 100% rename from tests/hardening/5.2.13_sshd_ciphers.sh rename to tests/hardening/sshd_ciphers.sh diff --git a/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh b/tests/hardening/sshd_conf_perm_ownership.sh similarity index 100% rename from tests/hardening/5.2.1_sshd_conf_perm_ownership.sh rename to tests/hardening/sshd_conf_perm_ownership.sh diff --git a/tests/hardening/5.2.16_sshd_idle_timeout.sh b/tests/hardening/sshd_idle_timeout.sh similarity index 100% rename from tests/hardening/5.2.16_sshd_idle_timeout.sh rename to tests/hardening/sshd_idle_timeout.sh diff --git a/tests/hardening/5.2.18_sshd_limit_access.sh b/tests/hardening/sshd_limit_access.sh similarity index 100% rename from tests/hardening/5.2.18_sshd_limit_access.sh rename to tests/hardening/sshd_limit_access.sh diff --git a/tests/hardening/5.2.17_sshd_login_grace_time.sh b/tests/hardening/sshd_login_grace_time.sh similarity index 100% rename from tests/hardening/5.2.17_sshd_login_grace_time.sh rename to tests/hardening/sshd_login_grace_time.sh diff --git a/tests/hardening/5.2.5_sshd_loglevel.sh b/tests/hardening/sshd_loglevel.sh similarity index 100% rename from tests/hardening/5.2.5_sshd_loglevel.sh rename to tests/hardening/sshd_loglevel.sh diff --git a/tests/hardening/5.2.7_sshd_maxauthtries.sh b/tests/hardening/sshd_maxauthtries.sh similarity index 100% rename from tests/hardening/5.2.7_sshd_maxauthtries.sh rename to tests/hardening/sshd_maxauthtries.sh diff --git a/tests/hardening/5.2.4_sshd_protocol.sh b/tests/hardening/sshd_protocol.sh similarity index 100% rename from tests/hardening/5.2.4_sshd_protocol.sh rename to tests/hardening/sshd_protocol.sh diff --git a/tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh b/tests/hardening/sticky_bit_world_writable_folder.sh similarity index 100% rename from tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh rename to tests/hardening/sticky_bit_world_writable_folder.sh diff --git a/tests/hardening/4.2.1.5_syslog-ng_remote_host.sh b/tests/hardening/syslog-ng_remote_host.sh similarity index 100% rename from tests/hardening/4.2.1.5_syslog-ng_remote_host.sh rename to tests/hardening/syslog-ng_remote_host.sh diff --git a/tests/hardening/99.3.3.5_hosts_deny_permissions.sh b/tests/hardening/syslog_ng_logfiles_perm.sh similarity index 100% rename from tests/hardening/99.3.3.5_hosts_deny_permissions.sh rename to tests/hardening/syslog_ng_logfiles_perm.sh diff --git a/tests/hardening/2.2.14_disable_snmp_server.sh b/tests/hardening/tmp_nodev.sh similarity index 100% rename from tests/hardening/2.2.14_disable_snmp_server.sh rename to tests/hardening/tmp_nodev.sh diff --git a/tests/hardening/2.2.17_disable_nis.sh b/tests/hardening/tmp_noexec.sh similarity index 100% rename from tests/hardening/2.2.17_disable_nis.sh rename to tests/hardening/tmp_noexec.sh diff --git a/tests/hardening/2.2.2_disable_xwindow_system.sh b/tests/hardening/tmp_nosuid.sh similarity index 100% rename from tests/hardening/2.2.2_disable_xwindow_system.sh rename to tests/hardening/tmp_nosuid.sh diff --git a/tests/hardening/2.2.3_disable_avahi_server.sh b/tests/hardening/tmp_partition.sh similarity index 100% rename from tests/hardening/2.2.3_disable_avahi_server.sh rename to tests/hardening/tmp_partition.sh diff --git a/tests/hardening/1.4.2_tripwire_cron.sh b/tests/hardening/tripwire_cron.sh similarity index 100% rename from tests/hardening/1.4.2_tripwire_cron.sh rename to tests/hardening/tripwire_cron.sh diff --git a/tests/hardening/2.2.4_disable_print_server.sh b/tests/hardening/uninstall_nis.sh similarity index 100% rename from tests/hardening/2.2.4_disable_print_server.sh rename to tests/hardening/uninstall_nis.sh diff --git a/tests/hardening/2.2.1.1_use_time_sync.sh b/tests/hardening/use_time_sync.sh similarity index 100% rename from tests/hardening/2.2.1.1_use_time_sync.sh rename to tests/hardening/use_time_sync.sh diff --git a/tests/hardening/6.2.3_users_homedir_exist.sh b/tests/hardening/users_homedir_exist.sh similarity index 100% rename from tests/hardening/6.2.3_users_homedir_exist.sh rename to tests/hardening/users_homedir_exist.sh diff --git a/tests/hardening/6.2.9_users_homedir_ownership.sh b/tests/hardening/users_homedir_ownership.sh similarity index 100% rename from tests/hardening/6.2.9_users_homedir_ownership.sh rename to tests/hardening/users_homedir_ownership.sh diff --git a/tests/hardening/2.2.5_disable_dhcp.sh b/tests/hardening/var_log_audit_nodev.sh similarity index 100% rename from tests/hardening/2.2.5_disable_dhcp.sh rename to tests/hardening/var_log_audit_nodev.sh diff --git a/tests/hardening/2.2.6_disable_ldap.sh b/tests/hardening/var_log_audit_noexec.sh similarity index 100% rename from tests/hardening/2.2.6_disable_ldap.sh rename to tests/hardening/var_log_audit_noexec.sh diff --git a/tests/hardening/2.2.7_disable_nfs_rpc.sh b/tests/hardening/var_log_audit_nosuid.sh similarity index 100% rename from tests/hardening/2.2.7_disable_nfs_rpc.sh rename to tests/hardening/var_log_audit_nosuid.sh diff --git a/tests/hardening/2.2.8_disable_dns_server.sh b/tests/hardening/var_log_audit_partition.sh similarity index 100% rename from tests/hardening/2.2.8_disable_dns_server.sh rename to tests/hardening/var_log_audit_partition.sh diff --git a/tests/hardening/2.2.9_disable_ftp.sh b/tests/hardening/var_log_nodev.sh similarity index 100% rename from tests/hardening/2.2.9_disable_ftp.sh rename to tests/hardening/var_log_nodev.sh diff --git a/tests/hardening/2.3.1_disable_nis.sh b/tests/hardening/var_log_noexec.sh similarity index 100% rename from tests/hardening/2.3.1_disable_nis.sh rename to tests/hardening/var_log_noexec.sh diff --git a/tests/hardening/2.3.2_disable_rsh_client.sh b/tests/hardening/var_log_nosuid.sh similarity index 100% rename from tests/hardening/2.3.2_disable_rsh_client.sh rename to tests/hardening/var_log_nosuid.sh diff --git a/tests/hardening/2.3.3_disable_talk_client.sh b/tests/hardening/var_log_partition.sh similarity index 100% rename from tests/hardening/2.3.3_disable_talk_client.sh rename to tests/hardening/var_log_partition.sh diff --git a/tests/hardening/2.3.4_disable_telnet_client.sh b/tests/hardening/var_nodev.sh similarity index 100% rename from tests/hardening/2.3.4_disable_telnet_client.sh rename to tests/hardening/var_nodev.sh diff --git a/tests/hardening/2.3.5_disable_ldap_client.sh b/tests/hardening/var_nosuid.sh similarity index 100% rename from tests/hardening/2.3.5_disable_ldap_client.sh rename to tests/hardening/var_nosuid.sh diff --git a/tests/hardening/4.1.1.1_install_auditd.sh b/tests/hardening/var_partition.sh similarity index 100% rename from tests/hardening/4.1.1.1_install_auditd.sh rename to tests/hardening/var_partition.sh diff --git a/tests/hardening/4.2.1.1_install_syslog-ng.sh b/tests/hardening/var_tmp_nodev.sh similarity index 100% rename from tests/hardening/4.2.1.1_install_syslog-ng.sh rename to tests/hardening/var_tmp_nodev.sh diff --git a/tests/hardening/4.2.1.2_enable_syslog-ng.sh b/tests/hardening/var_tmp_noexec.sh similarity index 100% rename from tests/hardening/4.2.1.2_enable_syslog-ng.sh rename to tests/hardening/var_tmp_noexec.sh diff --git a/tests/hardening/99.2.2_disable_telnet_server.sh b/tests/hardening/var_tmp_nosuid.sh similarity index 100% rename from tests/hardening/99.2.2_disable_telnet_server.sh rename to tests/hardening/var_tmp_nosuid.sh diff --git a/tests/hardening/99.99_check_distribution.sh b/tests/hardening/var_tmp_partition.sh similarity index 100% rename from tests/hardening/99.99_check_distribution.sh rename to tests/hardening/var_tmp_partition.sh diff --git a/versions/README.md b/versions/README.md new file mode 100644 index 0000000..ce5b7ee --- /dev/null +++ b/versions/README.md @@ -0,0 +1,8 @@ +Here, we'll add some folders to represent a specific CIS version to use. +Each folder will contains links to adequat scripts + +Ex: +debian12/ + 1.1.1.1_disable_cramfs.sh ->../../bin/hardening/disable_cramfs.sh + 1.1.1.2_disable_freevxfs.sh ->../../bin/hardening/disable_freevxfs.sh + etc. diff --git a/versions/default b/versions/default new file mode 120000 index 0000000..41eefb6 --- /dev/null +++ b/versions/default @@ -0,0 +1 @@ +ovh_legacy/ \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.1_disable_freevxfs.sh b/versions/ovh_legacy/1.1.1.1_disable_freevxfs.sh new file mode 120000 index 0000000..f52e84a --- /dev/null +++ b/versions/ovh_legacy/1.1.1.1_disable_freevxfs.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_freevxfs.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.2_disable_jffs2.sh b/versions/ovh_legacy/1.1.1.2_disable_jffs2.sh new file mode 120000 index 0000000..7d68f4f --- /dev/null +++ b/versions/ovh_legacy/1.1.1.2_disable_jffs2.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_jffs2.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.3_disable_hfs.sh b/versions/ovh_legacy/1.1.1.3_disable_hfs.sh new file mode 120000 index 0000000..8e03183 --- /dev/null +++ b/versions/ovh_legacy/1.1.1.3_disable_hfs.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_hfs.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.4_disable_hfsplus.sh b/versions/ovh_legacy/1.1.1.4_disable_hfsplus.sh new file mode 120000 index 0000000..9e6dee8 --- /dev/null +++ b/versions/ovh_legacy/1.1.1.4_disable_hfsplus.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_hfsplus.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.5_disable_squashfs.sh b/versions/ovh_legacy/1.1.1.5_disable_squashfs.sh new file mode 120000 index 0000000..c72d67a --- /dev/null +++ b/versions/ovh_legacy/1.1.1.5_disable_squashfs.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_squashfs.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.6_disable_udf.sh b/versions/ovh_legacy/1.1.1.6_disable_udf.sh new file mode 120000 index 0000000..dd229c8 --- /dev/null +++ b/versions/ovh_legacy/1.1.1.6_disable_udf.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_udf.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.7_restrict_fat.sh b/versions/ovh_legacy/1.1.1.7_restrict_fat.sh new file mode 120000 index 0000000..527a191 --- /dev/null +++ b/versions/ovh_legacy/1.1.1.7_restrict_fat.sh @@ -0,0 +1 @@ +../../bin/hardening/restrict_fat.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.1.8_disable_cramfs.sh b/versions/ovh_legacy/1.1.1.8_disable_cramfs.sh new file mode 120000 index 0000000..8db46ff --- /dev/null +++ b/versions/ovh_legacy/1.1.1.8_disable_cramfs.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_cramfs.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.10_var_tmp_noexec.sh b/versions/ovh_legacy/1.1.10_var_tmp_noexec.sh new file mode 120000 index 0000000..148813f --- /dev/null +++ b/versions/ovh_legacy/1.1.10_var_tmp_noexec.sh @@ -0,0 +1 @@ +../../bin/hardening/var_tmp_noexec.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.11.1_var_log_noexec.sh b/versions/ovh_legacy/1.1.11.1_var_log_noexec.sh new file mode 120000 index 0000000..aa889b9 --- /dev/null +++ b/versions/ovh_legacy/1.1.11.1_var_log_noexec.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_noexec.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.11.2_var_log_nosuid.sh b/versions/ovh_legacy/1.1.11.2_var_log_nosuid.sh new file mode 120000 index 0000000..d20a87b --- /dev/null +++ b/versions/ovh_legacy/1.1.11.2_var_log_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.11.3_var_log_nodev.sh b/versions/ovh_legacy/1.1.11.3_var_log_nodev.sh new file mode 120000 index 0000000..c9af8bd --- /dev/null +++ b/versions/ovh_legacy/1.1.11.3_var_log_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.11_var_log_partition.sh b/versions/ovh_legacy/1.1.11_var_log_partition.sh new file mode 120000 index 0000000..5a16b64 --- /dev/null +++ b/versions/ovh_legacy/1.1.11_var_log_partition.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_partition.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.12.1_var_log_audit_noexec.sh b/versions/ovh_legacy/1.1.12.1_var_log_audit_noexec.sh new file mode 120000 index 0000000..10f7d83 --- /dev/null +++ b/versions/ovh_legacy/1.1.12.1_var_log_audit_noexec.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_audit_noexec.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.12.2_var_log_audit_nosuid.sh b/versions/ovh_legacy/1.1.12.2_var_log_audit_nosuid.sh new file mode 120000 index 0000000..bd26ec0 --- /dev/null +++ b/versions/ovh_legacy/1.1.12.2_var_log_audit_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_audit_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.12.3_var_log_audit_nodev.sh b/versions/ovh_legacy/1.1.12.3_var_log_audit_nodev.sh new file mode 120000 index 0000000..9b35f92 --- /dev/null +++ b/versions/ovh_legacy/1.1.12.3_var_log_audit_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_audit_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.12_var_log_audit_partition.sh b/versions/ovh_legacy/1.1.12_var_log_audit_partition.sh new file mode 120000 index 0000000..8e3aa4d --- /dev/null +++ b/versions/ovh_legacy/1.1.12_var_log_audit_partition.sh @@ -0,0 +1 @@ +../../bin/hardening/var_log_audit_partition.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.13_home_partition.sh b/versions/ovh_legacy/1.1.13_home_partition.sh new file mode 120000 index 0000000..295f1f0 --- /dev/null +++ b/versions/ovh_legacy/1.1.13_home_partition.sh @@ -0,0 +1 @@ +../../bin/hardening/home_partition.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.14.1_home_nosuid.sh b/versions/ovh_legacy/1.1.14.1_home_nosuid.sh new file mode 120000 index 0000000..61e134d --- /dev/null +++ b/versions/ovh_legacy/1.1.14.1_home_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/home_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.14_home_nodev.sh b/versions/ovh_legacy/1.1.14_home_nodev.sh new file mode 120000 index 0000000..e8865e9 --- /dev/null +++ b/versions/ovh_legacy/1.1.14_home_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/home_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.15_run_shm_nodev.sh b/versions/ovh_legacy/1.1.15_run_shm_nodev.sh new file mode 120000 index 0000000..a598ba1 --- /dev/null +++ b/versions/ovh_legacy/1.1.15_run_shm_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/run_shm_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.16_run_shm_nosuid.sh b/versions/ovh_legacy/1.1.16_run_shm_nosuid.sh new file mode 120000 index 0000000..6d68036 --- /dev/null +++ b/versions/ovh_legacy/1.1.16_run_shm_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/run_shm_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.17_run_shm_noexec.sh b/versions/ovh_legacy/1.1.17_run_shm_noexec.sh new file mode 120000 index 0000000..0b3d27e --- /dev/null +++ b/versions/ovh_legacy/1.1.17_run_shm_noexec.sh @@ -0,0 +1 @@ +../../bin/hardening/run_shm_noexec.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.18_removable_device_nodev.sh b/versions/ovh_legacy/1.1.18_removable_device_nodev.sh new file mode 120000 index 0000000..d96a6b2 --- /dev/null +++ b/versions/ovh_legacy/1.1.18_removable_device_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/removable_device_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.19_removable_device_nosuid.sh b/versions/ovh_legacy/1.1.19_removable_device_nosuid.sh new file mode 120000 index 0000000..0a021b3 --- /dev/null +++ b/versions/ovh_legacy/1.1.19_removable_device_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/removable_device_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.20_removable_device_noexec.sh b/versions/ovh_legacy/1.1.20_removable_device_noexec.sh new file mode 120000 index 0000000..59618d8 --- /dev/null +++ b/versions/ovh_legacy/1.1.20_removable_device_noexec.sh @@ -0,0 +1 @@ +../../bin/hardening/removable_device_noexec.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.21_sticky_bit_world_writable_folder.sh b/versions/ovh_legacy/1.1.21_sticky_bit_world_writable_folder.sh new file mode 120000 index 0000000..6b78fe4 --- /dev/null +++ b/versions/ovh_legacy/1.1.21_sticky_bit_world_writable_folder.sh @@ -0,0 +1 @@ +../../bin/hardening/sticky_bit_world_writable_folder.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.22_disable_automounting.sh b/versions/ovh_legacy/1.1.22_disable_automounting.sh new file mode 120000 index 0000000..85c189e --- /dev/null +++ b/versions/ovh_legacy/1.1.22_disable_automounting.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_automounting.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.23_disable_usb_storage.sh b/versions/ovh_legacy/1.1.23_disable_usb_storage.sh new file mode 120000 index 0000000..21eef82 --- /dev/null +++ b/versions/ovh_legacy/1.1.23_disable_usb_storage.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_usb_storage.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.2_tmp_partition.sh b/versions/ovh_legacy/1.1.2_tmp_partition.sh new file mode 120000 index 0000000..bdbf951 --- /dev/null +++ b/versions/ovh_legacy/1.1.2_tmp_partition.sh @@ -0,0 +1 @@ +../../bin/hardening/tmp_partition.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.3_tmp_nodev.sh b/versions/ovh_legacy/1.1.3_tmp_nodev.sh new file mode 120000 index 0000000..5ce00cc --- /dev/null +++ b/versions/ovh_legacy/1.1.3_tmp_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/tmp_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.4_tmp_nosuid.sh b/versions/ovh_legacy/1.1.4_tmp_nosuid.sh new file mode 120000 index 0000000..aeee1b4 --- /dev/null +++ b/versions/ovh_legacy/1.1.4_tmp_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/tmp_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.5_tmp_noexec.sh b/versions/ovh_legacy/1.1.5_tmp_noexec.sh new file mode 120000 index 0000000..34231c4 --- /dev/null +++ b/versions/ovh_legacy/1.1.5_tmp_noexec.sh @@ -0,0 +1 @@ +../../bin/hardening/tmp_noexec.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.6.1_var_nodev.sh b/versions/ovh_legacy/1.1.6.1_var_nodev.sh new file mode 120000 index 0000000..b5dfb0a --- /dev/null +++ b/versions/ovh_legacy/1.1.6.1_var_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/var_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.6.2_var_nosuid.sh b/versions/ovh_legacy/1.1.6.2_var_nosuid.sh new file mode 120000 index 0000000..34f1c16 --- /dev/null +++ b/versions/ovh_legacy/1.1.6.2_var_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/var_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.6_var_partition.sh b/versions/ovh_legacy/1.1.6_var_partition.sh new file mode 120000 index 0000000..f4d19e2 --- /dev/null +++ b/versions/ovh_legacy/1.1.6_var_partition.sh @@ -0,0 +1 @@ +../../bin/hardening/var_partition.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.7_var_tmp_partition.sh b/versions/ovh_legacy/1.1.7_var_tmp_partition.sh new file mode 120000 index 0000000..73b23cc --- /dev/null +++ b/versions/ovh_legacy/1.1.7_var_tmp_partition.sh @@ -0,0 +1 @@ +../../bin/hardening/var_tmp_partition.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.8_var_tmp_nodev.sh b/versions/ovh_legacy/1.1.8_var_tmp_nodev.sh new file mode 120000 index 0000000..3195744 --- /dev/null +++ b/versions/ovh_legacy/1.1.8_var_tmp_nodev.sh @@ -0,0 +1 @@ +../../bin/hardening/var_tmp_nodev.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.1.9_var_tmp_nosuid.sh b/versions/ovh_legacy/1.1.9_var_tmp_nosuid.sh new file mode 120000 index 0000000..0f9dcce --- /dev/null +++ b/versions/ovh_legacy/1.1.9_var_tmp_nosuid.sh @@ -0,0 +1 @@ +../../bin/hardening/var_tmp_nosuid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.3.1_install_sudo.sh b/versions/ovh_legacy/1.3.1_install_sudo.sh new file mode 120000 index 0000000..a90dc71 --- /dev/null +++ b/versions/ovh_legacy/1.3.1_install_sudo.sh @@ -0,0 +1 @@ +../../bin/hardening/install_sudo.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.3.2_pty_sudo.sh b/versions/ovh_legacy/1.3.2_pty_sudo.sh new file mode 120000 index 0000000..3a0a648 --- /dev/null +++ b/versions/ovh_legacy/1.3.2_pty_sudo.sh @@ -0,0 +1 @@ +../../bin/hardening/pty_sudo.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.3.3_logfile_sudo.sh b/versions/ovh_legacy/1.3.3_logfile_sudo.sh new file mode 120000 index 0000000..3e7a6ad --- /dev/null +++ b/versions/ovh_legacy/1.3.3_logfile_sudo.sh @@ -0,0 +1 @@ +../../bin/hardening/logfile_sudo.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.4.1_install_tripwire.sh b/versions/ovh_legacy/1.4.1_install_tripwire.sh new file mode 120000 index 0000000..8a17252 --- /dev/null +++ b/versions/ovh_legacy/1.4.1_install_tripwire.sh @@ -0,0 +1 @@ +../../bin/hardening/install_tripwire.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.4.2_tripwire_cron.sh b/versions/ovh_legacy/1.4.2_tripwire_cron.sh new file mode 120000 index 0000000..a5f8bba --- /dev/null +++ b/versions/ovh_legacy/1.4.2_tripwire_cron.sh @@ -0,0 +1 @@ +../../bin/hardening/tripwire_cron.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.5.1_bootloader_ownership.sh b/versions/ovh_legacy/1.5.1_bootloader_ownership.sh new file mode 120000 index 0000000..e5749a4 --- /dev/null +++ b/versions/ovh_legacy/1.5.1_bootloader_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/bootloader_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.5.2_bootloader_password.sh b/versions/ovh_legacy/1.5.2_bootloader_password.sh new file mode 120000 index 0000000..c23de11 --- /dev/null +++ b/versions/ovh_legacy/1.5.2_bootloader_password.sh @@ -0,0 +1 @@ +../../bin/hardening/bootloader_password.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.5.3_root_password.sh b/versions/ovh_legacy/1.5.3_root_password.sh new file mode 120000 index 0000000..14caeaa --- /dev/null +++ b/versions/ovh_legacy/1.5.3_root_password.sh @@ -0,0 +1 @@ +../../bin/hardening/root_password.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.6.1_enable_nx_support.sh b/versions/ovh_legacy/1.6.1_enable_nx_support.sh new file mode 120000 index 0000000..fbd9143 --- /dev/null +++ b/versions/ovh_legacy/1.6.1_enable_nx_support.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_nx_support.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.6.2_enable_randomized_vm_placement.sh b/versions/ovh_legacy/1.6.2_enable_randomized_vm_placement.sh new file mode 120000 index 0000000..a998859 --- /dev/null +++ b/versions/ovh_legacy/1.6.2_enable_randomized_vm_placement.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_randomized_vm_placement.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.6.3.1_disable_apport.sh b/versions/ovh_legacy/1.6.3.1_disable_apport.sh new file mode 120000 index 0000000..fbf4cb1 --- /dev/null +++ b/versions/ovh_legacy/1.6.3.1_disable_apport.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_apport.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.6.3_disable_prelink.sh b/versions/ovh_legacy/1.6.3_disable_prelink.sh new file mode 120000 index 0000000..63f79c6 --- /dev/null +++ b/versions/ovh_legacy/1.6.3_disable_prelink.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_prelink.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.6.4_restrict_core_dumps.sh b/versions/ovh_legacy/1.6.4_restrict_core_dumps.sh new file mode 120000 index 0000000..e25fa94 --- /dev/null +++ b/versions/ovh_legacy/1.6.4_restrict_core_dumps.sh @@ -0,0 +1 @@ +../../bin/hardening/restrict_core_dumps.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.7.1.1_install_apparmor.sh b/versions/ovh_legacy/1.7.1.1_install_apparmor.sh new file mode 120000 index 0000000..b54c164 --- /dev/null +++ b/versions/ovh_legacy/1.7.1.1_install_apparmor.sh @@ -0,0 +1 @@ +../../bin/hardening/install_apparmor.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.7.1.2_enable_apparmor.sh b/versions/ovh_legacy/1.7.1.2_enable_apparmor.sh new file mode 120000 index 0000000..f3bd0af --- /dev/null +++ b/versions/ovh_legacy/1.7.1.2_enable_apparmor.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_apparmor.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.7.1.3_enforce_or_complain_apparmor.sh b/versions/ovh_legacy/1.7.1.3_enforce_or_complain_apparmor.sh new file mode 120000 index 0000000..c89a268 --- /dev/null +++ b/versions/ovh_legacy/1.7.1.3_enforce_or_complain_apparmor.sh @@ -0,0 +1 @@ +../../bin/hardening/enforce_or_complain_apparmor.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.7.1.4_enforcing_apparmor.sh b/versions/ovh_legacy/1.7.1.4_enforcing_apparmor.sh new file mode 120000 index 0000000..7caebd1 --- /dev/null +++ b/versions/ovh_legacy/1.7.1.4_enforcing_apparmor.sh @@ -0,0 +1 @@ +../../bin/hardening/enforcing_apparmor.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.8.1.1_remove_os_info_motd.sh b/versions/ovh_legacy/1.8.1.1_remove_os_info_motd.sh new file mode 120000 index 0000000..40ad021 --- /dev/null +++ b/versions/ovh_legacy/1.8.1.1_remove_os_info_motd.sh @@ -0,0 +1 @@ +../../bin/hardening/remove_os_info_motd.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.8.1.2_remove_os_info_issue.sh b/versions/ovh_legacy/1.8.1.2_remove_os_info_issue.sh new file mode 120000 index 0000000..a31b269 --- /dev/null +++ b/versions/ovh_legacy/1.8.1.2_remove_os_info_issue.sh @@ -0,0 +1 @@ +../../bin/hardening/remove_os_info_issue.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.8.1.3_remove_os_info_issue_net.sh b/versions/ovh_legacy/1.8.1.3_remove_os_info_issue_net.sh new file mode 120000 index 0000000..83f69c8 --- /dev/null +++ b/versions/ovh_legacy/1.8.1.3_remove_os_info_issue_net.sh @@ -0,0 +1 @@ +../../bin/hardening/remove_os_info_issue_net.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.8.1.4_motd_perms.sh b/versions/ovh_legacy/1.8.1.4_motd_perms.sh new file mode 120000 index 0000000..c46f05a --- /dev/null +++ b/versions/ovh_legacy/1.8.1.4_motd_perms.sh @@ -0,0 +1 @@ +../../bin/hardening/motd_perms.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.8.1.5_etc_issue_perms.sh b/versions/ovh_legacy/1.8.1.5_etc_issue_perms.sh new file mode 120000 index 0000000..f3a044e --- /dev/null +++ b/versions/ovh_legacy/1.8.1.5_etc_issue_perms.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_issue_perms.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.8.1.6_etc_issue_net_perms.sh b/versions/ovh_legacy/1.8.1.6_etc_issue_net_perms.sh new file mode 120000 index 0000000..dba8e5b --- /dev/null +++ b/versions/ovh_legacy/1.8.1.6_etc_issue_net_perms.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_issue_net_perms.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.8.2_graphical_warning_banners.sh b/versions/ovh_legacy/1.8.2_graphical_warning_banners.sh new file mode 120000 index 0000000..73c331e --- /dev/null +++ b/versions/ovh_legacy/1.8.2_graphical_warning_banners.sh @@ -0,0 +1 @@ +../../bin/hardening/graphical_warning_banners.sh \ No newline at end of file diff --git a/versions/ovh_legacy/1.9_install_updates.sh b/versions/ovh_legacy/1.9_install_updates.sh new file mode 120000 index 0000000..14a9138 --- /dev/null +++ b/versions/ovh_legacy/1.9_install_updates.sh @@ -0,0 +1 @@ +../../bin/hardening/install_updates.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.1.1_disable_xinetd.sh b/versions/ovh_legacy/2.1.1_disable_xinetd.sh new file mode 120000 index 0000000..751acd2 --- /dev/null +++ b/versions/ovh_legacy/2.1.1_disable_xinetd.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_xinetd.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.1.2_disable_bsd_inetd.sh b/versions/ovh_legacy/2.1.2_disable_bsd_inetd.sh new file mode 120000 index 0000000..a2f2bac --- /dev/null +++ b/versions/ovh_legacy/2.1.2_disable_bsd_inetd.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_bsd_inetd.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.1.1_use_time_sync.sh b/versions/ovh_legacy/2.2.1.1_use_time_sync.sh new file mode 120000 index 0000000..c2785eb --- /dev/null +++ b/versions/ovh_legacy/2.2.1.1_use_time_sync.sh @@ -0,0 +1 @@ +../../bin/hardening/use_time_sync.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.1.2_configure_systemd-timesyncd.sh b/versions/ovh_legacy/2.2.1.2_configure_systemd-timesyncd.sh new file mode 120000 index 0000000..761ba4e --- /dev/null +++ b/versions/ovh_legacy/2.2.1.2_configure_systemd-timesyncd.sh @@ -0,0 +1 @@ +../../bin/hardening/configure_systemd-timesyncd.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.1.3_configure_chrony.sh b/versions/ovh_legacy/2.2.1.3_configure_chrony.sh new file mode 120000 index 0000000..fb27f10 --- /dev/null +++ b/versions/ovh_legacy/2.2.1.3_configure_chrony.sh @@ -0,0 +1 @@ +../../bin/hardening/configure_chrony.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.1.4_configure_ntp.sh b/versions/ovh_legacy/2.2.1.4_configure_ntp.sh new file mode 120000 index 0000000..88175ed --- /dev/null +++ b/versions/ovh_legacy/2.2.1.4_configure_ntp.sh @@ -0,0 +1 @@ +../../bin/hardening/configure_ntp.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.10_disable_http_server.sh b/versions/ovh_legacy/2.2.10_disable_http_server.sh new file mode 120000 index 0000000..976f2a6 --- /dev/null +++ b/versions/ovh_legacy/2.2.10_disable_http_server.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_http_server.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.11_disable_imap_pop.sh b/versions/ovh_legacy/2.2.11_disable_imap_pop.sh new file mode 120000 index 0000000..20a869d --- /dev/null +++ b/versions/ovh_legacy/2.2.11_disable_imap_pop.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_imap_pop.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.12_disable_samba.sh b/versions/ovh_legacy/2.2.12_disable_samba.sh new file mode 120000 index 0000000..0edd7e6 --- /dev/null +++ b/versions/ovh_legacy/2.2.12_disable_samba.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_samba.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.13_disable_http_proxy.sh b/versions/ovh_legacy/2.2.13_disable_http_proxy.sh new file mode 120000 index 0000000..79296f4 --- /dev/null +++ b/versions/ovh_legacy/2.2.13_disable_http_proxy.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_http_proxy.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.14_disable_snmp_server.sh b/versions/ovh_legacy/2.2.14_disable_snmp_server.sh new file mode 120000 index 0000000..389146a --- /dev/null +++ b/versions/ovh_legacy/2.2.14_disable_snmp_server.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_snmp_server.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.15_mta_localhost.sh b/versions/ovh_legacy/2.2.15_mta_localhost.sh new file mode 120000 index 0000000..8aabb0f --- /dev/null +++ b/versions/ovh_legacy/2.2.15_mta_localhost.sh @@ -0,0 +1 @@ +../../bin/hardening/mta_localhost.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.16_disable_rsync.sh b/versions/ovh_legacy/2.2.16_disable_rsync.sh new file mode 120000 index 0000000..6c64e5f --- /dev/null +++ b/versions/ovh_legacy/2.2.16_disable_rsync.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_rsync.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.17_disable_nis.sh b/versions/ovh_legacy/2.2.17_disable_nis.sh new file mode 120000 index 0000000..92c508d --- /dev/null +++ b/versions/ovh_legacy/2.2.17_disable_nis.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_nis.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.2_disable_xwindow_system.sh b/versions/ovh_legacy/2.2.2_disable_xwindow_system.sh new file mode 120000 index 0000000..f8ec2d8 --- /dev/null +++ b/versions/ovh_legacy/2.2.2_disable_xwindow_system.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_xwindow_system.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.3_disable_avahi_server.sh b/versions/ovh_legacy/2.2.3_disable_avahi_server.sh new file mode 120000 index 0000000..e6b4264 --- /dev/null +++ b/versions/ovh_legacy/2.2.3_disable_avahi_server.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_avahi_server.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.4_disable_print_server.sh b/versions/ovh_legacy/2.2.4_disable_print_server.sh new file mode 120000 index 0000000..f0b0546 --- /dev/null +++ b/versions/ovh_legacy/2.2.4_disable_print_server.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_print_server.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.5_disable_dhcp.sh b/versions/ovh_legacy/2.2.5_disable_dhcp.sh new file mode 120000 index 0000000..eb2da9c --- /dev/null +++ b/versions/ovh_legacy/2.2.5_disable_dhcp.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_dhcp.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.6_disable_ldap.sh b/versions/ovh_legacy/2.2.6_disable_ldap.sh new file mode 120000 index 0000000..0ad421a --- /dev/null +++ b/versions/ovh_legacy/2.2.6_disable_ldap.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_ldap.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.7_disable_nfs_rpc.sh b/versions/ovh_legacy/2.2.7_disable_nfs_rpc.sh new file mode 120000 index 0000000..39e456b --- /dev/null +++ b/versions/ovh_legacy/2.2.7_disable_nfs_rpc.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_nfs_rpc.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.8_disable_dns_server.sh b/versions/ovh_legacy/2.2.8_disable_dns_server.sh new file mode 120000 index 0000000..566bf5a --- /dev/null +++ b/versions/ovh_legacy/2.2.8_disable_dns_server.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_dns_server.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.2.9_disable_ftp.sh b/versions/ovh_legacy/2.2.9_disable_ftp.sh new file mode 120000 index 0000000..b40d87a --- /dev/null +++ b/versions/ovh_legacy/2.2.9_disable_ftp.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_ftp.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.3.1_disable_nis.sh b/versions/ovh_legacy/2.3.1_disable_nis.sh new file mode 120000 index 0000000..8863ce0 --- /dev/null +++ b/versions/ovh_legacy/2.3.1_disable_nis.sh @@ -0,0 +1 @@ +../../bin/hardening/uninstall_nis.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.3.2_disable_rsh_client.sh b/versions/ovh_legacy/2.3.2_disable_rsh_client.sh new file mode 120000 index 0000000..4578416 --- /dev/null +++ b/versions/ovh_legacy/2.3.2_disable_rsh_client.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_rsh_client.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.3.3_disable_talk_client.sh b/versions/ovh_legacy/2.3.3_disable_talk_client.sh new file mode 120000 index 0000000..6ddd492 --- /dev/null +++ b/versions/ovh_legacy/2.3.3_disable_talk_client.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_talk_client.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.3.4_disable_telnet_client.sh b/versions/ovh_legacy/2.3.4_disable_telnet_client.sh new file mode 120000 index 0000000..d3a92f1 --- /dev/null +++ b/versions/ovh_legacy/2.3.4_disable_telnet_client.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_telnet_client.sh \ No newline at end of file diff --git a/versions/ovh_legacy/2.3.5_disable_ldap_client.sh b/versions/ovh_legacy/2.3.5_disable_ldap_client.sh new file mode 120000 index 0000000..65d20eb --- /dev/null +++ b/versions/ovh_legacy/2.3.5_disable_ldap_client.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_ldap_client.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.1.1_disable_ipv6.sh b/versions/ovh_legacy/3.1.1_disable_ipv6.sh new file mode 120000 index 0000000..e5b24dc --- /dev/null +++ b/versions/ovh_legacy/3.1.1_disable_ipv6.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_ipv6.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.1.2_disable_wireless.sh b/versions/ovh_legacy/3.1.2_disable_wireless.sh new file mode 120000 index 0000000..2dc9c7b --- /dev/null +++ b/versions/ovh_legacy/3.1.2_disable_wireless.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_wireless.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.2.1_disable_send_packet_redirects.sh b/versions/ovh_legacy/3.2.1_disable_send_packet_redirects.sh new file mode 120000 index 0000000..3ff61ab --- /dev/null +++ b/versions/ovh_legacy/3.2.1_disable_send_packet_redirects.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_send_packet_redirects.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.2.2_disable_ip_forwarding.sh b/versions/ovh_legacy/3.2.2_disable_ip_forwarding.sh new file mode 120000 index 0000000..2467943 --- /dev/null +++ b/versions/ovh_legacy/3.2.2_disable_ip_forwarding.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_ip_forwarding.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.1_disable_source_routed_packets.sh b/versions/ovh_legacy/3.3.1_disable_source_routed_packets.sh new file mode 120000 index 0000000..052ab1e --- /dev/null +++ b/versions/ovh_legacy/3.3.1_disable_source_routed_packets.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_source_routed_packets.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.2_disable_icmp_redirect.sh b/versions/ovh_legacy/3.3.2_disable_icmp_redirect.sh new file mode 120000 index 0000000..98276ba --- /dev/null +++ b/versions/ovh_legacy/3.3.2_disable_icmp_redirect.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_icmp_redirect.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.3_disable_secure_icmp_redirect.sh b/versions/ovh_legacy/3.3.3_disable_secure_icmp_redirect.sh new file mode 120000 index 0000000..fc2e247 --- /dev/null +++ b/versions/ovh_legacy/3.3.3_disable_secure_icmp_redirect.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_secure_icmp_redirect.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.4_log_martian_packets.sh b/versions/ovh_legacy/3.3.4_log_martian_packets.sh new file mode 120000 index 0000000..fb10679 --- /dev/null +++ b/versions/ovh_legacy/3.3.4_log_martian_packets.sh @@ -0,0 +1 @@ +../../bin/hardening/log_martian_packets.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.5_ignore_broadcast_requests.sh b/versions/ovh_legacy/3.3.5_ignore_broadcast_requests.sh new file mode 120000 index 0000000..7a88bc5 --- /dev/null +++ b/versions/ovh_legacy/3.3.5_ignore_broadcast_requests.sh @@ -0,0 +1 @@ +../../bin/hardening/ignore_broadcast_requests.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.6_enable_bad_error_message_protection.sh b/versions/ovh_legacy/3.3.6_enable_bad_error_message_protection.sh new file mode 120000 index 0000000..3a45aa0 --- /dev/null +++ b/versions/ovh_legacy/3.3.6_enable_bad_error_message_protection.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_bad_error_message_protection.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.7_enable_source_route_validation.sh b/versions/ovh_legacy/3.3.7_enable_source_route_validation.sh new file mode 120000 index 0000000..5864188 --- /dev/null +++ b/versions/ovh_legacy/3.3.7_enable_source_route_validation.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_source_route_validation.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.8_enable_tcp_syn_cookies.sh b/versions/ovh_legacy/3.3.8_enable_tcp_syn_cookies.sh new file mode 120000 index 0000000..e0c0da3 --- /dev/null +++ b/versions/ovh_legacy/3.3.8_enable_tcp_syn_cookies.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_tcp_syn_cookies.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.3.9_disable_ipv6_router_advertisement.sh b/versions/ovh_legacy/3.3.9_disable_ipv6_router_advertisement.sh new file mode 120000 index 0000000..d03e098 --- /dev/null +++ b/versions/ovh_legacy/3.3.9_disable_ipv6_router_advertisement.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_ipv6_router_advertisement.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.4.1_disable_dccp.sh b/versions/ovh_legacy/3.4.1_disable_dccp.sh new file mode 120000 index 0000000..8b870ec --- /dev/null +++ b/versions/ovh_legacy/3.4.1_disable_dccp.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_dccp.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.4.2_disable_sctp.sh b/versions/ovh_legacy/3.4.2_disable_sctp.sh new file mode 120000 index 0000000..8e72a48 --- /dev/null +++ b/versions/ovh_legacy/3.4.2_disable_sctp.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_sctp.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.4.3_disable_rds.sh b/versions/ovh_legacy/3.4.3_disable_rds.sh new file mode 120000 index 0000000..f4dd7f9 --- /dev/null +++ b/versions/ovh_legacy/3.4.3_disable_rds.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_rds.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.4.4_disable_tipc.sh b/versions/ovh_legacy/3.4.4_disable_tipc.sh new file mode 120000 index 0000000..74b226e --- /dev/null +++ b/versions/ovh_legacy/3.4.4_disable_tipc.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_tipc.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.5.1.1_enable_firewall.sh b/versions/ovh_legacy/3.5.1.1_enable_firewall.sh new file mode 120000 index 0000000..672e806 --- /dev/null +++ b/versions/ovh_legacy/3.5.1.1_enable_firewall.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_firewall.sh \ No newline at end of file diff --git a/versions/ovh_legacy/3.5.4.1.1_net_fw_default_policy_drop.sh b/versions/ovh_legacy/3.5.4.1.1_net_fw_default_policy_drop.sh new file mode 120000 index 0000000..f4e1055 --- /dev/null +++ b/versions/ovh_legacy/3.5.4.1.1_net_fw_default_policy_drop.sh @@ -0,0 +1 @@ +../../bin/hardening/net_fw_default_policy_drop.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.1.1_install_auditd.sh b/versions/ovh_legacy/4.1.1.1_install_auditd.sh new file mode 120000 index 0000000..27e629b --- /dev/null +++ b/versions/ovh_legacy/4.1.1.1_install_auditd.sh @@ -0,0 +1 @@ +../../bin/hardening/install_auditd.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.1.2_enable_auditd.sh b/versions/ovh_legacy/4.1.1.2_enable_auditd.sh new file mode 120000 index 0000000..3f6a6aa --- /dev/null +++ b/versions/ovh_legacy/4.1.1.2_enable_auditd.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_auditd.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.1.3_audit_bootloader.sh b/versions/ovh_legacy/4.1.1.3_audit_bootloader.sh new file mode 120000 index 0000000..2ac41ab --- /dev/null +++ b/versions/ovh_legacy/4.1.1.3_audit_bootloader.sh @@ -0,0 +1 @@ +../../bin/hardening/audit_bootloader.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.1.4_audit_backlog_limit.sh b/versions/ovh_legacy/4.1.1.4_audit_backlog_limit.sh new file mode 120000 index 0000000..629b78b --- /dev/null +++ b/versions/ovh_legacy/4.1.1.4_audit_backlog_limit.sh @@ -0,0 +1 @@ +../../bin/hardening/audit_backlog_limit.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.10_record_failed_access_file.sh b/versions/ovh_legacy/4.1.10_record_failed_access_file.sh new file mode 120000 index 0000000..a9a212a --- /dev/null +++ b/versions/ovh_legacy/4.1.10_record_failed_access_file.sh @@ -0,0 +1 @@ +../../bin/hardening/record_failed_access_file.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.11_record_privileged_commands.sh b/versions/ovh_legacy/4.1.11_record_privileged_commands.sh new file mode 120000 index 0000000..89d99e7 --- /dev/null +++ b/versions/ovh_legacy/4.1.11_record_privileged_commands.sh @@ -0,0 +1 @@ +../../bin/hardening/record_privileged_commands.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.12_record_successful_mount.sh b/versions/ovh_legacy/4.1.12_record_successful_mount.sh new file mode 120000 index 0000000..480d864 --- /dev/null +++ b/versions/ovh_legacy/4.1.12_record_successful_mount.sh @@ -0,0 +1 @@ +../../bin/hardening/record_successful_mount.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.13_record_file_deletions.sh b/versions/ovh_legacy/4.1.13_record_file_deletions.sh new file mode 120000 index 0000000..756310c --- /dev/null +++ b/versions/ovh_legacy/4.1.13_record_file_deletions.sh @@ -0,0 +1 @@ +../../bin/hardening/record_file_deletions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.14_record_sudoers_edit.sh b/versions/ovh_legacy/4.1.14_record_sudoers_edit.sh new file mode 120000 index 0000000..a5f5cfb --- /dev/null +++ b/versions/ovh_legacy/4.1.14_record_sudoers_edit.sh @@ -0,0 +1 @@ +../../bin/hardening/record_sudoers_edit.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.15_record_sudo_usage.sh b/versions/ovh_legacy/4.1.15_record_sudo_usage.sh new file mode 120000 index 0000000..f29d10e --- /dev/null +++ b/versions/ovh_legacy/4.1.15_record_sudo_usage.sh @@ -0,0 +1 @@ +../../bin/hardening/record_sudo_usage.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.16_record_kernel_modules.sh b/versions/ovh_legacy/4.1.16_record_kernel_modules.sh new file mode 120000 index 0000000..295983a --- /dev/null +++ b/versions/ovh_legacy/4.1.16_record_kernel_modules.sh @@ -0,0 +1 @@ +../../bin/hardening/record_kernel_modules.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.17_freeze_auditd_conf.sh b/versions/ovh_legacy/4.1.17_freeze_auditd_conf.sh new file mode 120000 index 0000000..fb4e030 --- /dev/null +++ b/versions/ovh_legacy/4.1.17_freeze_auditd_conf.sh @@ -0,0 +1 @@ +../../bin/hardening/freeze_auditd_conf.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.2.1_audit_log_storage.sh b/versions/ovh_legacy/4.1.2.1_audit_log_storage.sh new file mode 120000 index 0000000..d60bb75 --- /dev/null +++ b/versions/ovh_legacy/4.1.2.1_audit_log_storage.sh @@ -0,0 +1 @@ +../../bin/hardening/audit_log_storage.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.2.2_halt_when_audit_log_full.sh b/versions/ovh_legacy/4.1.2.2_halt_when_audit_log_full.sh new file mode 120000 index 0000000..e54667f --- /dev/null +++ b/versions/ovh_legacy/4.1.2.2_halt_when_audit_log_full.sh @@ -0,0 +1 @@ +../../bin/hardening/halt_when_audit_log_full.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.2.3_keep_all_audit_logs.sh b/versions/ovh_legacy/4.1.2.3_keep_all_audit_logs.sh new file mode 120000 index 0000000..6ff6932 --- /dev/null +++ b/versions/ovh_legacy/4.1.2.3_keep_all_audit_logs.sh @@ -0,0 +1 @@ +../../bin/hardening/keep_all_audit_logs.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.3_record_date_time_edit.sh b/versions/ovh_legacy/4.1.3_record_date_time_edit.sh new file mode 120000 index 0000000..24b7081 --- /dev/null +++ b/versions/ovh_legacy/4.1.3_record_date_time_edit.sh @@ -0,0 +1 @@ +../../bin/hardening/record_date_time_edit.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.4_record_user_group_edit.sh b/versions/ovh_legacy/4.1.4_record_user_group_edit.sh new file mode 120000 index 0000000..a2a220d --- /dev/null +++ b/versions/ovh_legacy/4.1.4_record_user_group_edit.sh @@ -0,0 +1 @@ +../../bin/hardening/record_user_group_edit.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.5_record_network_edit.sh b/versions/ovh_legacy/4.1.5_record_network_edit.sh new file mode 120000 index 0000000..a4f0c7d --- /dev/null +++ b/versions/ovh_legacy/4.1.5_record_network_edit.sh @@ -0,0 +1 @@ +../../bin/hardening/record_network_edit.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.6_record_mac_edit.sh b/versions/ovh_legacy/4.1.6_record_mac_edit.sh new file mode 120000 index 0000000..5f71894 --- /dev/null +++ b/versions/ovh_legacy/4.1.6_record_mac_edit.sh @@ -0,0 +1 @@ +../../bin/hardening/record_mac_edit.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.7_record_login_logout.sh b/versions/ovh_legacy/4.1.7_record_login_logout.sh new file mode 120000 index 0000000..3d2c331 --- /dev/null +++ b/versions/ovh_legacy/4.1.7_record_login_logout.sh @@ -0,0 +1 @@ +../../bin/hardening/record_login_logout.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.8_record_session_init.sh b/versions/ovh_legacy/4.1.8_record_session_init.sh new file mode 120000 index 0000000..85c2d3a --- /dev/null +++ b/versions/ovh_legacy/4.1.8_record_session_init.sh @@ -0,0 +1 @@ +../../bin/hardening/record_session_init.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.1.9_record_dac_edit.sh b/versions/ovh_legacy/4.1.9_record_dac_edit.sh new file mode 120000 index 0000000..264c7d2 --- /dev/null +++ b/versions/ovh_legacy/4.1.9_record_dac_edit.sh @@ -0,0 +1 @@ +../../bin/hardening/record_dac_edit.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.1.1_install_syslog-ng.sh b/versions/ovh_legacy/4.2.1.1_install_syslog-ng.sh new file mode 120000 index 0000000..ea73231 --- /dev/null +++ b/versions/ovh_legacy/4.2.1.1_install_syslog-ng.sh @@ -0,0 +1 @@ +../../bin/hardening/install_syslog-ng.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.1.2_enable_syslog-ng.sh b/versions/ovh_legacy/4.2.1.2_enable_syslog-ng.sh new file mode 120000 index 0000000..37fd377 --- /dev/null +++ b/versions/ovh_legacy/4.2.1.2_enable_syslog-ng.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_syslog-ng.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.1.3_configure_syslog-ng.sh b/versions/ovh_legacy/4.2.1.3_configure_syslog-ng.sh new file mode 120000 index 0000000..98d734c --- /dev/null +++ b/versions/ovh_legacy/4.2.1.3_configure_syslog-ng.sh @@ -0,0 +1 @@ +../../bin/hardening/configure_syslog-ng.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.1.4_syslog_ng_logfiles_perm.sh b/versions/ovh_legacy/4.2.1.4_syslog_ng_logfiles_perm.sh new file mode 120000 index 0000000..6609bcc --- /dev/null +++ b/versions/ovh_legacy/4.2.1.4_syslog_ng_logfiles_perm.sh @@ -0,0 +1 @@ +../../bin/hardening/syslog_ng_logfiles_perm.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.1.5_syslog-ng_remote_host.sh b/versions/ovh_legacy/4.2.1.5_syslog-ng_remote_host.sh new file mode 120000 index 0000000..54f451b --- /dev/null +++ b/versions/ovh_legacy/4.2.1.5_syslog-ng_remote_host.sh @@ -0,0 +1 @@ +../../bin/hardening/syslog-ng_remote_host.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.1.6_remote_syslog-ng_acl.sh b/versions/ovh_legacy/4.2.1.6_remote_syslog-ng_acl.sh new file mode 120000 index 0000000..2cce2cd --- /dev/null +++ b/versions/ovh_legacy/4.2.1.6_remote_syslog-ng_acl.sh @@ -0,0 +1 @@ +../../bin/hardening/remote_syslog-ng_acl.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.2.1_journald_logs.sh b/versions/ovh_legacy/4.2.2.1_journald_logs.sh new file mode 120000 index 0000000..fd72c9f --- /dev/null +++ b/versions/ovh_legacy/4.2.2.1_journald_logs.sh @@ -0,0 +1 @@ +../../bin/hardening/journald_logs.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.2.2_journald_compress.sh b/versions/ovh_legacy/4.2.2.2_journald_compress.sh new file mode 120000 index 0000000..24460a6 --- /dev/null +++ b/versions/ovh_legacy/4.2.2.2_journald_compress.sh @@ -0,0 +1 @@ +../../bin/hardening/journald_compress.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.2.3_journald_write_persistent.sh b/versions/ovh_legacy/4.2.2.3_journald_write_persistent.sh new file mode 120000 index 0000000..347f8c6 --- /dev/null +++ b/versions/ovh_legacy/4.2.2.3_journald_write_persistent.sh @@ -0,0 +1 @@ +../../bin/hardening/journald_write_persistent.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.2.3_logs_permissions.sh b/versions/ovh_legacy/4.2.3_logs_permissions.sh new file mode 120000 index 0000000..7a72a70 --- /dev/null +++ b/versions/ovh_legacy/4.2.3_logs_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/logs_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.3_configure_logrotate.sh b/versions/ovh_legacy/4.3_configure_logrotate.sh new file mode 120000 index 0000000..6eaa820 --- /dev/null +++ b/versions/ovh_legacy/4.3_configure_logrotate.sh @@ -0,0 +1 @@ +../../bin/hardening/configure_logrotate.sh \ No newline at end of file diff --git a/versions/ovh_legacy/4.4_logrotate_permissions.sh b/versions/ovh_legacy/4.4_logrotate_permissions.sh new file mode 120000 index 0000000..c0f1654 --- /dev/null +++ b/versions/ovh_legacy/4.4_logrotate_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/logrotate_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.1_enable_cron.sh b/versions/ovh_legacy/5.1.1_enable_cron.sh new file mode 120000 index 0000000..ffe94d8 --- /dev/null +++ b/versions/ovh_legacy/5.1.1_enable_cron.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_cron.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.2_crontab_perm_ownership.sh b/versions/ovh_legacy/5.1.2_crontab_perm_ownership.sh new file mode 120000 index 0000000..5cc4637 --- /dev/null +++ b/versions/ovh_legacy/5.1.2_crontab_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/crontab_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.3_cron_hourly_perm_ownership.sh b/versions/ovh_legacy/5.1.3_cron_hourly_perm_ownership.sh new file mode 120000 index 0000000..8d783ff --- /dev/null +++ b/versions/ovh_legacy/5.1.3_cron_hourly_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/cron_hourly_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.4_cron_daily_perm_ownership.sh b/versions/ovh_legacy/5.1.4_cron_daily_perm_ownership.sh new file mode 120000 index 0000000..dfcf7e1 --- /dev/null +++ b/versions/ovh_legacy/5.1.4_cron_daily_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/cron_daily_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.5_cron_weekly_perm_ownership.sh b/versions/ovh_legacy/5.1.5_cron_weekly_perm_ownership.sh new file mode 120000 index 0000000..56e70d9 --- /dev/null +++ b/versions/ovh_legacy/5.1.5_cron_weekly_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/cron_weekly_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.6_cron_monthly_perm_ownership.sh b/versions/ovh_legacy/5.1.6_cron_monthly_perm_ownership.sh new file mode 120000 index 0000000..be85d41 --- /dev/null +++ b/versions/ovh_legacy/5.1.6_cron_monthly_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/cron_monthly_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.7_cron_d_perm_ownership.sh b/versions/ovh_legacy/5.1.7_cron_d_perm_ownership.sh new file mode 120000 index 0000000..3fb673b --- /dev/null +++ b/versions/ovh_legacy/5.1.7_cron_d_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/cron_d_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.1.8_cron_users.sh b/versions/ovh_legacy/5.1.8_cron_users.sh new file mode 120000 index 0000000..64e2e2e --- /dev/null +++ b/versions/ovh_legacy/5.1.8_cron_users.sh @@ -0,0 +1 @@ +../../bin/hardening/cron_users.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.10_disable_root_login.sh b/versions/ovh_legacy/5.2.10_disable_root_login.sh new file mode 120000 index 0000000..32eb75f --- /dev/null +++ b/versions/ovh_legacy/5.2.10_disable_root_login.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_root_login.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.11_disable_sshd_permitemptypasswords.sh b/versions/ovh_legacy/5.2.11_disable_sshd_permitemptypasswords.sh new file mode 120000 index 0000000..58517ad --- /dev/null +++ b/versions/ovh_legacy/5.2.11_disable_sshd_permitemptypasswords.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_sshd_permitemptypasswords.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.12_disable_sshd_setenv.sh b/versions/ovh_legacy/5.2.12_disable_sshd_setenv.sh new file mode 120000 index 0000000..e29537b --- /dev/null +++ b/versions/ovh_legacy/5.2.12_disable_sshd_setenv.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_sshd_setenv.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.13_sshd_ciphers.sh b/versions/ovh_legacy/5.2.13_sshd_ciphers.sh new file mode 120000 index 0000000..3f26688 --- /dev/null +++ b/versions/ovh_legacy/5.2.13_sshd_ciphers.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_ciphers.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.14_ssh_cry_mac.sh b/versions/ovh_legacy/5.2.14_ssh_cry_mac.sh new file mode 120000 index 0000000..8b86933 --- /dev/null +++ b/versions/ovh_legacy/5.2.14_ssh_cry_mac.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_cry_mac.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.15_ssh_cry_kex.sh b/versions/ovh_legacy/5.2.15_ssh_cry_kex.sh new file mode 120000 index 0000000..0b58469 --- /dev/null +++ b/versions/ovh_legacy/5.2.15_ssh_cry_kex.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_cry_kex.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.16_sshd_idle_timeout.sh b/versions/ovh_legacy/5.2.16_sshd_idle_timeout.sh new file mode 120000 index 0000000..17c4b60 --- /dev/null +++ b/versions/ovh_legacy/5.2.16_sshd_idle_timeout.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_idle_timeout.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.17_sshd_login_grace_time.sh b/versions/ovh_legacy/5.2.17_sshd_login_grace_time.sh new file mode 120000 index 0000000..e1cd63d --- /dev/null +++ b/versions/ovh_legacy/5.2.17_sshd_login_grace_time.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_login_grace_time.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.18_sshd_limit_access.sh b/versions/ovh_legacy/5.2.18_sshd_limit_access.sh new file mode 120000 index 0000000..fbe77d5 --- /dev/null +++ b/versions/ovh_legacy/5.2.18_sshd_limit_access.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_limit_access.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.19_ssh_banner.sh b/versions/ovh_legacy/5.2.19_ssh_banner.sh new file mode 120000 index 0000000..480c1ea --- /dev/null +++ b/versions/ovh_legacy/5.2.19_ssh_banner.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_banner.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.1_sshd_conf_perm_ownership.sh b/versions/ovh_legacy/5.2.1_sshd_conf_perm_ownership.sh new file mode 120000 index 0000000..8273b1d --- /dev/null +++ b/versions/ovh_legacy/5.2.1_sshd_conf_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_conf_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.20_enable_ssh_pam.sh b/versions/ovh_legacy/5.2.20_enable_ssh_pam.sh new file mode 120000 index 0000000..0b01144 --- /dev/null +++ b/versions/ovh_legacy/5.2.20_enable_ssh_pam.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_ssh_pam.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.21_disable_ssh_allow_tcp_forwarding.sh b/versions/ovh_legacy/5.2.21_disable_ssh_allow_tcp_forwarding.sh new file mode 120000 index 0000000..c94b366 --- /dev/null +++ b/versions/ovh_legacy/5.2.21_disable_ssh_allow_tcp_forwarding.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_ssh_allow_tcp_forwarding.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.22_configure_ssh_max_startups.sh b/versions/ovh_legacy/5.2.22_configure_ssh_max_startups.sh new file mode 120000 index 0000000..21f35b7 --- /dev/null +++ b/versions/ovh_legacy/5.2.22_configure_ssh_max_startups.sh @@ -0,0 +1 @@ +../../bin/hardening/configure_ssh_max_startups.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.23_limit_ssh_max_sessions.sh b/versions/ovh_legacy/5.2.23_limit_ssh_max_sessions.sh new file mode 120000 index 0000000..d119301 --- /dev/null +++ b/versions/ovh_legacy/5.2.23_limit_ssh_max_sessions.sh @@ -0,0 +1 @@ +../../bin/hardening/limit_ssh_max_sessions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.2_ssh_host_private_keys_perm_ownership.sh b/versions/ovh_legacy/5.2.2_ssh_host_private_keys_perm_ownership.sh new file mode 120000 index 0000000..2473b40 --- /dev/null +++ b/versions/ovh_legacy/5.2.2_ssh_host_private_keys_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_host_private_keys_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.3_ssh_host_public_keys_perm_ownership.sh b/versions/ovh_legacy/5.2.3_ssh_host_public_keys_perm_ownership.sh new file mode 120000 index 0000000..6c255db --- /dev/null +++ b/versions/ovh_legacy/5.2.3_ssh_host_public_keys_perm_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_host_public_keys_perm_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.4_sshd_protocol.sh b/versions/ovh_legacy/5.2.4_sshd_protocol.sh new file mode 120000 index 0000000..85e7a7d --- /dev/null +++ b/versions/ovh_legacy/5.2.4_sshd_protocol.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_protocol.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.5_sshd_loglevel.sh b/versions/ovh_legacy/5.2.5_sshd_loglevel.sh new file mode 120000 index 0000000..9a26fa5 --- /dev/null +++ b/versions/ovh_legacy/5.2.5_sshd_loglevel.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_loglevel.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.6_disable_x11_forwarding.sh b/versions/ovh_legacy/5.2.6_disable_x11_forwarding.sh new file mode 120000 index 0000000..17e2a4e --- /dev/null +++ b/versions/ovh_legacy/5.2.6_disable_x11_forwarding.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_x11_forwarding.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.7_sshd_maxauthtries.sh b/versions/ovh_legacy/5.2.7_sshd_maxauthtries.sh new file mode 120000 index 0000000..37c1c04 --- /dev/null +++ b/versions/ovh_legacy/5.2.7_sshd_maxauthtries.sh @@ -0,0 +1 @@ +../../bin/hardening/sshd_maxauthtries.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.8_enable_sshd_ignorerhosts.sh b/versions/ovh_legacy/5.2.8_enable_sshd_ignorerhosts.sh new file mode 120000 index 0000000..df8b6df --- /dev/null +++ b/versions/ovh_legacy/5.2.8_enable_sshd_ignorerhosts.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_sshd_ignorerhosts.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.2.9_disable_sshd_hostbasedauthentication.sh b/versions/ovh_legacy/5.2.9_disable_sshd_hostbasedauthentication.sh new file mode 120000 index 0000000..92827b1 --- /dev/null +++ b/versions/ovh_legacy/5.2.9_disable_sshd_hostbasedauthentication.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_sshd_hostbasedauthentication.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.3.1_enable_pwquality.sh b/versions/ovh_legacy/5.3.1_enable_pwquality.sh new file mode 120000 index 0000000..ab18228 --- /dev/null +++ b/versions/ovh_legacy/5.3.1_enable_pwquality.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_pwquality.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.3.2_enable_lockout_failed_password.sh b/versions/ovh_legacy/5.3.2_enable_lockout_failed_password.sh new file mode 120000 index 0000000..5d36a8c --- /dev/null +++ b/versions/ovh_legacy/5.3.2_enable_lockout_failed_password.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_lockout_failed_password.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.3.3_limit_password_reuse.sh b/versions/ovh_legacy/5.3.3_limit_password_reuse.sh new file mode 120000 index 0000000..17047a7 --- /dev/null +++ b/versions/ovh_legacy/5.3.3_limit_password_reuse.sh @@ -0,0 +1 @@ +../../bin/hardening/limit_password_reuse.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.3.4_acc_pam_sha512.sh b/versions/ovh_legacy/5.3.4_acc_pam_sha512.sh new file mode 120000 index 0000000..482af59 --- /dev/null +++ b/versions/ovh_legacy/5.3.4_acc_pam_sha512.sh @@ -0,0 +1 @@ +../../bin/hardening/acc_pam_sha512.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.1.1_set_password_exp_days.sh b/versions/ovh_legacy/5.4.1.1_set_password_exp_days.sh new file mode 120000 index 0000000..6c38364 --- /dev/null +++ b/versions/ovh_legacy/5.4.1.1_set_password_exp_days.sh @@ -0,0 +1 @@ +../../bin/hardening/set_password_exp_days.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.1.2_set_password_min_days_change.sh b/versions/ovh_legacy/5.4.1.2_set_password_min_days_change.sh new file mode 120000 index 0000000..ac60fd4 --- /dev/null +++ b/versions/ovh_legacy/5.4.1.2_set_password_min_days_change.sh @@ -0,0 +1 @@ +../../bin/hardening/set_password_min_days_change.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.1.3_set_password_exp_warning_days.sh b/versions/ovh_legacy/5.4.1.3_set_password_exp_warning_days.sh new file mode 120000 index 0000000..79fdd8d --- /dev/null +++ b/versions/ovh_legacy/5.4.1.3_set_password_exp_warning_days.sh @@ -0,0 +1 @@ +../../bin/hardening/set_password_exp_warning_days.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.1.4_lock_inactive_user_account.sh b/versions/ovh_legacy/5.4.1.4_lock_inactive_user_account.sh new file mode 120000 index 0000000..7ec9ee7 --- /dev/null +++ b/versions/ovh_legacy/5.4.1.4_lock_inactive_user_account.sh @@ -0,0 +1 @@ +../../bin/hardening/lock_inactive_user_account.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.1.5_last_password_change_past.sh b/versions/ovh_legacy/5.4.1.5_last_password_change_past.sh new file mode 120000 index 0000000..f575344 --- /dev/null +++ b/versions/ovh_legacy/5.4.1.5_last_password_change_past.sh @@ -0,0 +1 @@ +../../bin/hardening/last_password_change_past.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.2_disable_system_accounts.sh b/versions/ovh_legacy/5.4.2_disable_system_accounts.sh new file mode 120000 index 0000000..ee98f47 --- /dev/null +++ b/versions/ovh_legacy/5.4.2_disable_system_accounts.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_system_accounts.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.3_default_root_group.sh b/versions/ovh_legacy/5.4.3_default_root_group.sh new file mode 120000 index 0000000..11e4e55 --- /dev/null +++ b/versions/ovh_legacy/5.4.3_default_root_group.sh @@ -0,0 +1 @@ +../../bin/hardening/default_root_group.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.4_default_umask.sh b/versions/ovh_legacy/5.4.4_default_umask.sh new file mode 120000 index 0000000..89b5fcd --- /dev/null +++ b/versions/ovh_legacy/5.4.4_default_umask.sh @@ -0,0 +1 @@ +../../bin/hardening/default_umask.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.4.5_default_timeout.sh b/versions/ovh_legacy/5.4.5_default_timeout.sh new file mode 120000 index 0000000..a98bba9 --- /dev/null +++ b/versions/ovh_legacy/5.4.5_default_timeout.sh @@ -0,0 +1 @@ +../../bin/hardening/default_timeout.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.5_secure_tty.sh b/versions/ovh_legacy/5.5_secure_tty.sh new file mode 120000 index 0000000..d49646b --- /dev/null +++ b/versions/ovh_legacy/5.5_secure_tty.sh @@ -0,0 +1 @@ +../../bin/hardening/secure_tty.sh \ No newline at end of file diff --git a/versions/ovh_legacy/5.6_restrict_su.sh b/versions/ovh_legacy/5.6_restrict_su.sh new file mode 120000 index 0000000..4ce8b40 --- /dev/null +++ b/versions/ovh_legacy/5.6_restrict_su.sh @@ -0,0 +1 @@ +../../bin/hardening/restrict_su.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.10_find_world_writable_file.sh b/versions/ovh_legacy/6.1.10_find_world_writable_file.sh new file mode 120000 index 0000000..1b83cce --- /dev/null +++ b/versions/ovh_legacy/6.1.10_find_world_writable_file.sh @@ -0,0 +1 @@ +../../bin/hardening/find_world_writable_file.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.11_find_unowned_files.sh b/versions/ovh_legacy/6.1.11_find_unowned_files.sh new file mode 120000 index 0000000..56bc7c6 --- /dev/null +++ b/versions/ovh_legacy/6.1.11_find_unowned_files.sh @@ -0,0 +1 @@ +../../bin/hardening/find_unowned_files.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.12_find_ungrouped_files.sh b/versions/ovh_legacy/6.1.12_find_ungrouped_files.sh new file mode 120000 index 0000000..0adf6f0 --- /dev/null +++ b/versions/ovh_legacy/6.1.12_find_ungrouped_files.sh @@ -0,0 +1 @@ +../../bin/hardening/find_ungrouped_files.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.13_find_suid_files.sh b/versions/ovh_legacy/6.1.13_find_suid_files.sh new file mode 120000 index 0000000..f6244dd --- /dev/null +++ b/versions/ovh_legacy/6.1.13_find_suid_files.sh @@ -0,0 +1 @@ +../../bin/hardening/find_suid_files.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.14_find_sgid_files.sh b/versions/ovh_legacy/6.1.14_find_sgid_files.sh new file mode 120000 index 0000000..00c83a2 --- /dev/null +++ b/versions/ovh_legacy/6.1.14_find_sgid_files.sh @@ -0,0 +1 @@ +../../bin/hardening/find_sgid_files.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.2_etc_passwd_permissions.sh b/versions/ovh_legacy/6.1.2_etc_passwd_permissions.sh new file mode 120000 index 0000000..a6f2488 --- /dev/null +++ b/versions/ovh_legacy/6.1.2_etc_passwd_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_passwd_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.3_etc_gshadow-_permissions.sh b/versions/ovh_legacy/6.1.3_etc_gshadow-_permissions.sh new file mode 120000 index 0000000..5d341e3 --- /dev/null +++ b/versions/ovh_legacy/6.1.3_etc_gshadow-_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_gshadow-_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.4_etc_shadow_permissions.sh b/versions/ovh_legacy/6.1.4_etc_shadow_permissions.sh new file mode 120000 index 0000000..c9c72d9 --- /dev/null +++ b/versions/ovh_legacy/6.1.4_etc_shadow_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_shadow_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.5_etc_group_permissions.sh b/versions/ovh_legacy/6.1.5_etc_group_permissions.sh new file mode 120000 index 0000000..f1c3fa8 --- /dev/null +++ b/versions/ovh_legacy/6.1.5_etc_group_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_group_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.6_etc_passwd-_permissions.sh b/versions/ovh_legacy/6.1.6_etc_passwd-_permissions.sh new file mode 120000 index 0000000..b166e1f --- /dev/null +++ b/versions/ovh_legacy/6.1.6_etc_passwd-_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_passwd-_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.7_etc_shadow-_permissions.sh b/versions/ovh_legacy/6.1.7_etc_shadow-_permissions.sh new file mode 120000 index 0000000..a7c3595 --- /dev/null +++ b/versions/ovh_legacy/6.1.7_etc_shadow-_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_shadow-_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.8_etc_group-_permissions.sh b/versions/ovh_legacy/6.1.8_etc_group-_permissions.sh new file mode 120000 index 0000000..494d8c3 --- /dev/null +++ b/versions/ovh_legacy/6.1.8_etc_group-_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_group-_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.1.9_etc_gshadow_permissions.sh b/versions/ovh_legacy/6.1.9_etc_gshadow_permissions.sh new file mode 120000 index 0000000..556945a --- /dev/null +++ b/versions/ovh_legacy/6.1.9_etc_gshadow_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/etc_gshadow_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.10_check_user_dot_file_perm.sh b/versions/ovh_legacy/6.2.10_check_user_dot_file_perm.sh new file mode 120000 index 0000000..7358a0a --- /dev/null +++ b/versions/ovh_legacy/6.2.10_check_user_dot_file_perm.sh @@ -0,0 +1 @@ +../../bin/hardening/check_user_dot_file_perm.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.11_find_user_forward_files.sh b/versions/ovh_legacy/6.2.11_find_user_forward_files.sh new file mode 120000 index 0000000..67da80f --- /dev/null +++ b/versions/ovh_legacy/6.2.11_find_user_forward_files.sh @@ -0,0 +1 @@ +../../bin/hardening/find_user_forward_files.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.12_find_user_netrc_files.sh b/versions/ovh_legacy/6.2.12_find_user_netrc_files.sh new file mode 120000 index 0000000..00e6c22 --- /dev/null +++ b/versions/ovh_legacy/6.2.12_find_user_netrc_files.sh @@ -0,0 +1 @@ +../../bin/hardening/find_user_netrc_files.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.13_set_perm_on_user_netrc.sh b/versions/ovh_legacy/6.2.13_set_perm_on_user_netrc.sh new file mode 120000 index 0000000..b549f2b --- /dev/null +++ b/versions/ovh_legacy/6.2.13_set_perm_on_user_netrc.sh @@ -0,0 +1 @@ +../../bin/hardening/set_perm_on_user_netrc.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.14_find_user_rhosts_files.sh b/versions/ovh_legacy/6.2.14_find_user_rhosts_files.sh new file mode 120000 index 0000000..e605174 --- /dev/null +++ b/versions/ovh_legacy/6.2.14_find_user_rhosts_files.sh @@ -0,0 +1 @@ +../../bin/hardening/find_user_rhosts_files.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.15_find_passwd_group_inconsistencies.sh b/versions/ovh_legacy/6.2.15_find_passwd_group_inconsistencies.sh new file mode 120000 index 0000000..2cc4753 --- /dev/null +++ b/versions/ovh_legacy/6.2.15_find_passwd_group_inconsistencies.sh @@ -0,0 +1 @@ +../../bin/hardening/find_passwd_group_inconsistencies.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.16_check_duplicate_uid.sh b/versions/ovh_legacy/6.2.16_check_duplicate_uid.sh new file mode 120000 index 0000000..171f96b --- /dev/null +++ b/versions/ovh_legacy/6.2.16_check_duplicate_uid.sh @@ -0,0 +1 @@ +../../bin/hardening/check_duplicate_uid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.17_check_duplicate_gid.sh b/versions/ovh_legacy/6.2.17_check_duplicate_gid.sh new file mode 120000 index 0000000..34eeffa --- /dev/null +++ b/versions/ovh_legacy/6.2.17_check_duplicate_gid.sh @@ -0,0 +1 @@ +../../bin/hardening/check_duplicate_gid.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.18_check_duplicate_username.sh b/versions/ovh_legacy/6.2.18_check_duplicate_username.sh new file mode 120000 index 0000000..5486bc0 --- /dev/null +++ b/versions/ovh_legacy/6.2.18_check_duplicate_username.sh @@ -0,0 +1 @@ +../../bin/hardening/check_duplicate_username.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.19_check_duplicate_groupname.sh b/versions/ovh_legacy/6.2.19_check_duplicate_groupname.sh new file mode 120000 index 0000000..6117e47 --- /dev/null +++ b/versions/ovh_legacy/6.2.19_check_duplicate_groupname.sh @@ -0,0 +1 @@ +../../bin/hardening/check_duplicate_groupname.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.1_remove_empty_password_field.sh b/versions/ovh_legacy/6.2.1_remove_empty_password_field.sh new file mode 120000 index 0000000..933a527 --- /dev/null +++ b/versions/ovh_legacy/6.2.1_remove_empty_password_field.sh @@ -0,0 +1 @@ +../../bin/hardening/remove_empty_password_field.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.20_shadow_group_empty.sh b/versions/ovh_legacy/6.2.20_shadow_group_empty.sh new file mode 120000 index 0000000..4a690ba --- /dev/null +++ b/versions/ovh_legacy/6.2.20_shadow_group_empty.sh @@ -0,0 +1 @@ +../../bin/hardening/shadow_group_empty.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.2_remove_legacy_passwd_entries.sh b/versions/ovh_legacy/6.2.2_remove_legacy_passwd_entries.sh new file mode 120000 index 0000000..6b33eee --- /dev/null +++ b/versions/ovh_legacy/6.2.2_remove_legacy_passwd_entries.sh @@ -0,0 +1 @@ +../../bin/hardening/remove_legacy_passwd_entries.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.3_users_homedir_exist.sh b/versions/ovh_legacy/6.2.3_users_homedir_exist.sh new file mode 120000 index 0000000..a37f346 --- /dev/null +++ b/versions/ovh_legacy/6.2.3_users_homedir_exist.sh @@ -0,0 +1 @@ +../../bin/hardening/users_homedir_exist.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.4_remove_legacy_shadow_entries.sh b/versions/ovh_legacy/6.2.4_remove_legacy_shadow_entries.sh new file mode 120000 index 0000000..178bb89 --- /dev/null +++ b/versions/ovh_legacy/6.2.4_remove_legacy_shadow_entries.sh @@ -0,0 +1 @@ +../../bin/hardening/remove_legacy_shadow_entries.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.5_remove_legacy_group_entries.sh b/versions/ovh_legacy/6.2.5_remove_legacy_group_entries.sh new file mode 120000 index 0000000..4057f14 --- /dev/null +++ b/versions/ovh_legacy/6.2.5_remove_legacy_group_entries.sh @@ -0,0 +1 @@ +../../bin/hardening/remove_legacy_group_entries.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.6_find_0_uid_non_root_account.sh b/versions/ovh_legacy/6.2.6_find_0_uid_non_root_account.sh new file mode 120000 index 0000000..8714bdd --- /dev/null +++ b/versions/ovh_legacy/6.2.6_find_0_uid_non_root_account.sh @@ -0,0 +1 @@ +../../bin/hardening/find_0_uid_non_root_account.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.7_sanitize_root_path.sh b/versions/ovh_legacy/6.2.7_sanitize_root_path.sh new file mode 120000 index 0000000..d06762b --- /dev/null +++ b/versions/ovh_legacy/6.2.7_sanitize_root_path.sh @@ -0,0 +1 @@ +../../bin/hardening/sanitize_root_path.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.8_check_user_dir_perm.sh b/versions/ovh_legacy/6.2.8_check_user_dir_perm.sh new file mode 120000 index 0000000..5b10d36 --- /dev/null +++ b/versions/ovh_legacy/6.2.8_check_user_dir_perm.sh @@ -0,0 +1 @@ +../../bin/hardening/check_user_dir_perm.sh \ No newline at end of file diff --git a/versions/ovh_legacy/6.2.9_users_homedir_ownership.sh b/versions/ovh_legacy/6.2.9_users_homedir_ownership.sh new file mode 120000 index 0000000..144aa2e --- /dev/null +++ b/versions/ovh_legacy/6.2.9_users_homedir_ownership.sh @@ -0,0 +1 @@ +../../bin/hardening/users_homedir_ownership.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.1.1.1_disable_cramfs.sh b/versions/ovh_legacy/99.1.1.1_disable_cramfs.sh new file mode 120000 index 0000000..8db46ff --- /dev/null +++ b/versions/ovh_legacy/99.1.1.1_disable_cramfs.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_cramfs.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.1.1.23_disable_usb_devices.sh b/versions/ovh_legacy/99.1.1.23_disable_usb_devices.sh new file mode 120000 index 0000000..dc913b8 --- /dev/null +++ b/versions/ovh_legacy/99.1.1.23_disable_usb_devices.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_usb_devices.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.1.3_acc_sudoers_no_all.sh b/versions/ovh_legacy/99.1.3_acc_sudoers_no_all.sh new file mode 120000 index 0000000..c2834b6 --- /dev/null +++ b/versions/ovh_legacy/99.1.3_acc_sudoers_no_all.sh @@ -0,0 +1 @@ +../../bin/hardening/acc_sudoers_no_all.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.2.2_disable_telnet_server.sh b/versions/ovh_legacy/99.2.2_disable_telnet_server.sh new file mode 120000 index 0000000..32a6fcb --- /dev/null +++ b/versions/ovh_legacy/99.2.2_disable_telnet_server.sh @@ -0,0 +1 @@ +../../bin/hardening/disable_telnet_server.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.3.3.1_install_tcp_wrapper.sh b/versions/ovh_legacy/99.3.3.1_install_tcp_wrapper.sh new file mode 120000 index 0000000..1d1b580 --- /dev/null +++ b/versions/ovh_legacy/99.3.3.1_install_tcp_wrapper.sh @@ -0,0 +1 @@ +../../bin/hardening/install_tcp_wrapper.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.3.3.2_hosts_allow.sh b/versions/ovh_legacy/99.3.3.2_hosts_allow.sh new file mode 120000 index 0000000..2f37166 --- /dev/null +++ b/versions/ovh_legacy/99.3.3.2_hosts_allow.sh @@ -0,0 +1 @@ +../../bin/hardening/hosts_allow.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.3.3.3_hosts_deny.sh b/versions/ovh_legacy/99.3.3.3_hosts_deny.sh new file mode 120000 index 0000000..15862f3 --- /dev/null +++ b/versions/ovh_legacy/99.3.3.3_hosts_deny.sh @@ -0,0 +1 @@ +../../bin/hardening/hosts_deny.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.3.3.4_hosts_allow_permissions.sh b/versions/ovh_legacy/99.3.3.4_hosts_allow_permissions.sh new file mode 120000 index 0000000..9274c7f --- /dev/null +++ b/versions/ovh_legacy/99.3.3.4_hosts_allow_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/hosts_allow_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.3.3.5_hosts_deny_permissions.sh b/versions/ovh_legacy/99.3.3.5_hosts_deny_permissions.sh new file mode 120000 index 0000000..04838ba --- /dev/null +++ b/versions/ovh_legacy/99.3.3.5_hosts_deny_permissions.sh @@ -0,0 +1 @@ +../../bin/hardening/hosts_deny_permissions.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.4.0_enable_auditd_kernel.sh b/versions/ovh_legacy/99.4.0_enable_auditd_kernel.sh new file mode 120000 index 0000000..6d29148 --- /dev/null +++ b/versions/ovh_legacy/99.4.0_enable_auditd_kernel.sh @@ -0,0 +1 @@ +../../bin/hardening/enable_auditd_kernel.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.2.1_ssh_auth_pubk_only.sh b/versions/ovh_legacy/99.5.2.1_ssh_auth_pubk_only.sh new file mode 120000 index 0000000..542d758 --- /dev/null +++ b/versions/ovh_legacy/99.5.2.1_ssh_auth_pubk_only.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_auth_pubk_only.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.2.2_ssh_cry_rekey.sh b/versions/ovh_legacy/99.5.2.2_ssh_cry_rekey.sh new file mode 120000 index 0000000..b1ffeec --- /dev/null +++ b/versions/ovh_legacy/99.5.2.2_ssh_cry_rekey.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_cry_rekey.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.2.3_ssh_disable_features.sh b/versions/ovh_legacy/99.5.2.3_ssh_disable_features.sh new file mode 120000 index 0000000..2e83431 --- /dev/null +++ b/versions/ovh_legacy/99.5.2.3_ssh_disable_features.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_disable_features.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.2.4_ssh_keys_from.sh b/versions/ovh_legacy/99.5.2.4_ssh_keys_from.sh new file mode 120000 index 0000000..375956e --- /dev/null +++ b/versions/ovh_legacy/99.5.2.4_ssh_keys_from.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_keys_from.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.2.5_ssh_strict_modes.sh b/versions/ovh_legacy/99.5.2.5_ssh_strict_modes.sh new file mode 120000 index 0000000..e998a32 --- /dev/null +++ b/versions/ovh_legacy/99.5.2.5_ssh_strict_modes.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_strict_modes.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.2.6_ssh_sys_accept_env.sh b/versions/ovh_legacy/99.5.2.6_ssh_sys_accept_env.sh new file mode 120000 index 0000000..5ad19ce --- /dev/null +++ b/versions/ovh_legacy/99.5.2.6_ssh_sys_accept_env.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_sys_accept_env.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.2.7_ssh_sys_no_legacy.sh b/versions/ovh_legacy/99.5.2.7_ssh_sys_no_legacy.sh new file mode 120000 index 0000000..49b07bf --- /dev/null +++ b/versions/ovh_legacy/99.5.2.7_ssh_sys_no_legacy.sh @@ -0,0 +1 @@ +../../bin/hardening/ssh_sys_no_legacy.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.4.5.1_acc_logindefs_sha512.sh b/versions/ovh_legacy/99.5.4.5.1_acc_logindefs_sha512.sh new file mode 120000 index 0000000..53f885b --- /dev/null +++ b/versions/ovh_legacy/99.5.4.5.1_acc_logindefs_sha512.sh @@ -0,0 +1 @@ +../../bin/hardening/acc_logindefs_sha512.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.5.4.5.2_acc_shadow_sha512.sh b/versions/ovh_legacy/99.5.4.5.2_acc_shadow_sha512.sh new file mode 120000 index 0000000..bda05f1 --- /dev/null +++ b/versions/ovh_legacy/99.5.4.5.2_acc_shadow_sha512.sh @@ -0,0 +1 @@ +../../bin/hardening/acc_shadow_sha512.sh \ No newline at end of file diff --git a/versions/ovh_legacy/99.99_check_distribution.sh b/versions/ovh_legacy/99.99_check_distribution.sh new file mode 120000 index 0000000..091d60c --- /dev/null +++ b/versions/ovh_legacy/99.99_check_distribution.sh @@ -0,0 +1 @@ +../../bin/hardening/check_distribution.sh \ No newline at end of file