mirror of
https://github.com/ovh/debian-cis.git
synced 2024-11-22 13:37:02 +01:00
Renum 4.x files to comply with debian10 CIS
renamed: bin/hardening/4.1.2_enable_auditd.sh -> bin/hardening/4.1.1.2_enable_auditd.sh renamed: bin/hardening/4.1.3_audit_bootloader.sh -> bin/hardening/4.1.1.3_audit_bootloader.sh renamed: bin/hardening/4.1.11_record_failed_access_file.sh -> bin/hardening/4.1.10_record_failed_access_file.sh renamed: bin/hardening/4.1.12_record_privileged_commands.sh -> bin/hardening/4.1.11_record_privileged_commands.sh renamed: bin/hardening/4.1.13_record_successful_mount.sh -> bin/hardening/4.1.12_record_successful_mount.sh renamed: bin/hardening/4.1.14_record_file_deletions.sh -> bin/hardening/4.1.13_record_file_deletions.sh renamed: bin/hardening/4.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.14_record_sudoers_edit.sh renamed: bin/hardening/4.1.16_record_sudo_usage.sh -> bin/hardening/4.1.15_record_sudo_usage.sh renamed: bin/hardening/4.1.17_record_kernel_modules.sh -> bin/hardening/4.1.16_record_kernel_modules.sh renamed: bin/hardening/4.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.17_freeze_auditd_conf.sh renamed: bin/hardening/4.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.2.1_audit_log_storage.sh renamed: bin/hardening/4.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.2.2_halt_when_audit_log_full.sh renamed: bin/hardening/4.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.2.3_keep_all_audit_logs.sh renamed: bin/hardening/4.1.4_record_date_time_edit.sh -> bin/hardening/4.1.3_record_date_time_edit.sh renamed: bin/hardening/4.1.5_record_user_group_edit.sh -> bin/hardening/4.1.4_record_user_group_edit.sh renamed: bin/hardening/4.1.6_record_network_edit.sh -> bin/hardening/4.1.5_record_network_edit.sh renamed: bin/hardening/4.1.7_record_mac_edit.sh -> bin/hardening/4.1.6_record_mac_edit.sh renamed: bin/hardening/4.1.8_record_login_logout.sh -> bin/hardening/4.1.7_record_login_logout.sh renamed: bin/hardening/4.1.9_record_session_init.sh -> bin/hardening/4.1.8_record_session_init.sh renamed: bin/hardening/4.1.10_record_dac_edit.sh -> bin/hardening/4.1.9_record_dac_edit.sh renamed: bin/hardening/4.2.3_install_syslog-ng.sh -> bin/hardening/4.2.2.1_install_syslog-ng.sh renamed: bin/hardening/4.2.2.1_enable_syslog-ng.sh -> bin/hardening/4.2.2.2_enable_syslog-ng.sh renamed: bin/hardening/4.2.2.2_configure_syslog-ng.sh -> bin/hardening/4.2.2.3_configure_syslog-ng.sh renamed: bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> bin/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh renamed: bin/hardening/4.2.2.4_syslog-ng_remote_host.sh -> bin/hardening/4.2.2.5_syslog-ng_remote_host.sh renamed: bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> bin/hardening/4.2.2.6_remote_syslog-ng_acl.sh renamed: bin/hardening/4.2.4_logs_permissions.sh -> bin/hardening/4.2.3_logs_permissions.sh renamed: tests/hardening/4.1.2_enable_auditd.sh -> tests/hardening/4.1.1.2_enable_auditd.sh renamed: tests/hardening/4.1.3_audit_bootloader.sh -> tests/hardening/4.1.1.3_audit_bootloader.sh renamed: tests/hardening/4.1.11_record_failed_access_file.sh -> tests/hardening/4.1.10_record_failed_access_file.sh renamed: tests/hardening/4.1.12_record_privileged_commands.sh -> tests/hardening/4.1.11_record_privileged_commands.sh renamed: tests/hardening/4.1.13_record_successful_mount.sh -> tests/hardening/4.1.12_record_successful_mount.sh renamed: tests/hardening/4.1.14_record_file_deletions.sh -> tests/hardening/4.1.13_record_file_deletions.sh renamed: tests/hardening/4.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.14_record_sudoers_edit.sh renamed: tests/hardening/4.1.16_record_sudo_usage.sh -> tests/hardening/4.1.15_record_sudo_usage.sh renamed: tests/hardening/4.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_kernel_modules.sh renamed: tests/hardening/4.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.17_freeze_auditd_conf.sh renamed: tests/hardening/4.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.2.1_audit_log_storage.sh renamed: tests/hardening/4.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.2.2_halt_when_audit_log_full.sh renamed: tests/hardening/4.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.2.3_keep_all_audit_logs.sh renamed: tests/hardening/4.1.4_record_date_time_edit.sh -> tests/hardening/4.1.3_record_date_time_edit.sh renamed: tests/hardening/4.1.5_record_user_group_edit.sh -> tests/hardening/4.1.4_record_user_group_edit.sh renamed: tests/hardening/4.1.6_record_network_edit.sh -> tests/hardening/4.1.5_record_network_edit.sh renamed: tests/hardening/4.1.7_record_mac_edit.sh -> tests/hardening/4.1.6_record_mac_edit.sh renamed: tests/hardening/4.1.8_record_login_logout.sh -> tests/hardening/4.1.7_record_login_logout.sh renamed: tests/hardening/4.1.9_record_session_init.sh -> tests/hardening/4.1.8_record_session_init.sh renamed: tests/hardening/4.1.10_record_dac_edit.sh -> tests/hardening/4.1.9_record_dac_edit.sh renamed: tests/hardening/4.2.2.1_enable_syslog-ng.sh -> tests/hardening/4.2.2.1_install_syslog-ng.sh renamed: tests/hardening/4.2.2.2_configure_syslog-ng.sh -> tests/hardening/4.2.2.2_enable_syslog-ng.sh renamed: tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> tests/hardening/4.2.2.3_configure_syslog-ng.sh renamed: tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> tests/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh renamed: tests/hardening/4.2.2.4_syslog-ng_remote_host.sh -> tests/hardening/4.2.2.5_syslog-ng_remote_host.sh renamed: tests/hardening/4.2.3_install_syslog-ng.sh -> tests/hardening/4.2.2.6_remote_syslog-ng_acl.sh renamed: tests/hardening/4.2.4_logs_permissions.sh -> tests/hardening/4.2.3_logs_permissions.sh
This commit is contained in:
Thibault Ayanides
parent
7ce8ec8b89
commit
c9e19b51e6
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.2 Ensure auditd service is enabled (Scored)
|
||||
# 4.1.1.2 Ensure auditd service is enabled (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.3 Ensure auditing for processes that start prior to auditd is enabled (Scored)
|
||||
# 4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected (Scored)
|
||||
# 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.12 Ensure use of privileged commands is collected (Scored)
|
||||
# 4.1.11 Ensure use of privileged commands is collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.13 Ensure successful file system mounts are collected (Scored)
|
||||
# 4.1.12 Ensure successful file system mounts are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.14 Ensure file deletion events by users are collected (Scored)
|
||||
# 4.1.13 Ensure file deletion events by users are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.15 Ensure changes to system administration scope (sudoers) is collected (Scored)
|
||||
# 4.1.14 Ensure changes to system administration scope (sudoers) is collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.16 Ensure system administrator actions (sudolog) are collected (Scored)
|
||||
# 4.1.15 Ensure system administrator actions (sudolog) are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.17 Ensure kernel module loading and unloading is collected (Scored)
|
||||
# 4.1.16 Ensure kernel module loading and unloading is collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.18 Ensure the audit configuration is immutable (Scored)
|
||||
# 4.1.17 Ensure the audit configuration is immutable (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.1.1 Ensure audit log storage size is configured (Scored)
|
||||
# 4.1.2.1 Ensure audit log storage size is configured (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.1.2 Ensure system is disabled when audit logs are full (Scored)
|
||||
# 4.1.2.2 Ensure system is disabled when audit logs are full (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.1.3 Ensure audit logs are not automatically deleted (Scored)
|
||||
# 4.1.2.3 Ensure audit logs are not automatically deleted (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.4 Ensure events that modify date and time information are collected (Scored)
|
||||
# 4.1.3 Ensure events that modify date and time information are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.5 Ensure events that modify user/group information are collected (Scored)
|
||||
# 4.1.4 Ensure events that modify user/group information are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.6 Ensure events that modify the system's network environment are collected (Scored)
|
||||
# 4.1.5 Ensure events that modify the system's network environment are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.7 Ensure that events that modify the system's Mandatory Access Controls are collected (Scored)
|
||||
# 4.1.6 Ensure that events that modify the system's Mandatory Access Controls are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.8 Ensure login and logout events are collected (Scored)
|
||||
# 4.1.7 Ensure login and logout events are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.9 Ensure session initiation information is collected (Scored)
|
||||
# 4.1.8 Ensure session initiation information is collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.1.10 Ensure discretionary access control permission modification events are collected (Scored)
|
||||
# 4.1.9 Ensure discretionary access control permission modification events are collected (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.2.3 Ensure Syslog-ng is installed (Scored)
|
||||
# 4.2.2.1 Ensure Syslog-ng is installed (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.2.2.1 Ensure syslog-ng service is enabled (Scored)
|
||||
# 4.2.2.2 Ensure syslog-ng service is enabled (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.2.2.2 Configure /etc/syslog-ng/syslog-ng.conf (Not Scored)
|
||||
# 4.2.2.3 Configure /etc/syslog-ng/syslog-ng.conf (Not Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.2.2.3 Create and Set Permissions on syslog-ng Log Files (Scored)
|
||||
# 4.2.2.4 Create and Set Permissions on syslog-ng Log Files (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host (Not Scored)
|
||||
# 4.2.2.5 Ensure syslog-ng is configured to send logs to a remote log host (Not Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.2.2.5 Accept Remote rsyslog Messages Only on Designated Log Hosts (Not Scored)
|
||||
# 4.2.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts (Not Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
#
|
||||
# 4.2.4 Ensure permissions on all logfiles are configured (Scored)
|
||||
# 4.2.3 Ensure permissions on all logfiles are configured (Scored)
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
Loading…
Reference in New Issue
Block a user