Thibault Dewailly
370c97efab
Merge pull request #7 from MatthieuDestrez/fixPermitEmptyPassword
...
fixed option name in 9.3.9_disable_sshd_permitemptypasswords.sh, was …
2016-07-04 11:44:40 +02:00
Matthieu Destrez
1e47226bd4
fixed option name in 9.3.9_disable_sshd_permitemptypasswords.sh, was PermitRootLogin instead of PermitEmptyPassword
2016-06-29 15:12:21 +02:00
Thibault Dewailly
bb9b467bf2
Merge pull request #24 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master
...
* commit '39950ab163b5e45d6271194a2e81a8dedb31aa3d':
Debian package revision bump 1.0-10
2016-05-18 09:44:02 +02:00
Kevin Tanguy
39950ab163
Debian package revision bump 1.0-10
2016-05-18 09:06:14 +02:00
Thibault Dewailly
f9889434e4
Merge pull request #5 from jeremydenoun/fix-echo
...
Script output should be usefull with pipe or redirection
2016-05-17 13:28:37 +02:00
jeremydenoun
c278e7b1ec
Remove test on _logger() function
...
the original line contain test that can hide echo if we launch script with pipe or IO redirection
2016-05-14 20:39:32 +02:00
Thibault Dewailly
d133d2ff3b
Merge pull request #23 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master
...
* commit '84a5d0e0d8270b68e2c534c38b0ef34f62754a31':
Debian package revision bump 1.0-9
2016-05-03 13:24:15 +02:00
Kevin Tanguy
84a5d0e0d8
Debian package revision bump 1.0-9
2016-05-03 12:34:12 +02:00
Kevin Tanguy
4d6a5e7a60
Merge pull request #22 in IAAS/cis-hardening from dev/thibault.dewailly/fix to master
...
* commit '1bb8c5b387673e2c069a41ca4fc793b1d4c0869b':
Fixed replace in file function with proper substitution
tripwire : fixed typo on postinstall helper
fix 99.1 Apply TMOUT Variable
2016-05-03 11:27:39 +02:00
thibault.dewailly
1bb8c5b387
Fixed replace in file function with proper substitution
2016-05-03 11:25:37 +02:00
thibault.dewailly
3b9718239d
tripwire : fixed typo on postinstall helper
2016-05-02 11:11:07 +02:00
thibault.dewailly
59e3008b4c
fix 99.1 Apply TMOUT Variable
2016-05-02 10:45:32 +02:00
Thibault Dewailly
b80db095f3
Merge pull request #20 in IAAS/cis-hardening from dev/kevin.tanguy/rephrasingAllOver to master
...
* commit '8bbac84f7b0023cbcf9150cc18023ba5a219501c':
debian dependencies fix, rephrasing, revision bump 1.0-8.
2016-04-26 14:57:54 +02:00
kevin.tanguy
8bbac84f7b
debian dependencies fix, rephrasing, revision bump 1.0-8.
2016-04-26 14:02:17 +02:00
Thibault Dewailly
c6c58fd1b7
Merge pull request #19 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master
...
* commit '0927c1db92534eddcc4612829e61dbb1c8b82e17':
Debian package revision bump 1.0-7
2016-04-25 09:21:10 +02:00
Kevin Tanguy
0927c1db92
Debian package revision bump 1.0-7
2016-04-25 09:19:46 +02:00
Thibault Dewailly
7b73604461
Merge pull request #18 in IAAS/cis-hardening from dev/thibault.dewailly/fix6.15 to master
...
* commit 'c1a45d1df172e0f3c715759b3dd71873fd58559d':
Fixed 6.15 netstat analysis
2016-04-25 08:41:43 +02:00
thibault.dewailly
c1a45d1df1
Fixed 6.15 netstat analysis
2016-04-22 17:23:21 +02:00
Thibault Dewailly
4c9cb2239d
Merge pull request #17 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master
...
* commit 'f3e582c957c8b54a7f4d7b3dc192ab984feaa125':
Debian package revision bump 1.0-6
2016-04-22 14:47:46 +02:00
kevin.tanguy
f3e582c957
Debian package revision bump 1.0-6
2016-04-22 14:44:43 +02:00
Thibault Dewailly
ca37438ff9
Merge pull request #15 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master
...
* commit 'bf0ba2595d3150f54621de60fc6d4df91c1e318d':
Debian package revision bump 1.0-5
2016-04-22 10:25:21 +02:00
kevin.tanguy
bf0ba2595d
Debian package revision bump 1.0-5
2016-04-22 10:18:31 +02:00
Thibault Dewailly
50a502dd32
Merge pull request #4 from jedisct1/valuemsg
...
Rephrase confusing messages
2016-04-22 08:40:14 +02:00
Thibault Dewailly
d98133b920
Merge pull request #14 in IAAS/cis-hardening from dev/thibault.dewailly/fixCron to master
...
* commit '7e951c020a866567a444502d7d45eb84faf94e25':
Fixed default file error handling and quickstart
Fixed point 9.1.8 cron rights as a chmod 600 disabled the cron.allow features (file must be world readable)
2016-04-22 08:35:32 +02:00
thibault.dewailly
7e951c020a
Fixed default file error handling and quickstart
2016-04-22 08:34:28 +02:00
thibault.dewailly
516b4dc7f9
Fixed point 9.1.8 cron rights as a chmod 600 disabled the cron.allow features (file must be world readable)
2016-04-21 18:56:10 +02:00
Frank Denis
ccd40f4369
Rephrase confusing messages
2016-04-21 18:32:36 +02:00
Thibault Dewailly
8bc3ab43a2
Merge pull request #2 from PunKeel/master
...
Fix typo
2016-04-21 15:41:30 +02:00
PunKeel
b08022dbe1
Fix typo
2016-04-21 15:18:36 +02:00
Thibault Dewailly
4b7b785b63
Merge pull request #13 in IAAS/cis-hardening from dev/kevin.tanguy/readme to master
...
* commit '0018d82060026346693080efc8f7f10a09148a90':
Debian package revision bump 1.0-4
2016-04-21 14:52:23 +02:00
kevin.tanguy
0018d82060
Debian package revision bump 1.0-4
2016-04-21 14:42:16 +02:00
thibault.dewailly
f9bef9a3f1
Added valid suid sgid binaries
2016-04-21 11:51:10 +02:00
Thibault Dewailly
3736cea212
Merge pull request #1 from ovh/jt-readme
...
Readme
2016-04-20 19:15:28 +02:00
Jean-Tiare Le Bigot
6ff7b63ce4
add Readme.md
2016-04-20 18:58:02 +02:00
Kevin Tanguy
cf3fe6967d
Debian package revision bump 1.0-3
2016-04-20 18:06:08 +02:00
thibault.dewailly
799b3b5145
Fixed 8.2.4 check file exists before testing rights
2016-04-20 18:06:08 +02:00
thibault.dewailly
c5b4aa220d
Added exit code to CIS_ROOT_DIR test def, optimized sed and sort
2016-04-20 18:06:08 +02:00
Stéphane Lesimple
55f9cae65c
add --audit-all-enable-passed, add info in README and help
2016-04-20 18:06:08 +02:00
Stéphane Lesimple
76811c8a7f
add --audit-all option
2016-04-20 18:06:08 +02:00
Kevin Tanguy
011cd160ea
Debianization time
2016-04-20 18:06:08 +02:00
Thibault Dewailly
df10deb2b4
Merge pull request #5 in IAAS/cis-hardening from dev/thibault.dewailly/fixedLicense to master
...
* commit 'a7f418d8a2d5b90a7257542b1dd16fd4238721ca':
Corrected script names, added License, Completed README and corrected bug with too long logger messages
2016-04-19 13:53:08 +02:00
thibault.dewailly
a7f418d8a2
Corrected script names, added License, Completed README and corrected bug with too long logger messages
2016-04-19 13:51:28 +02:00
Thibault Dewailly
21b6b060f9
Merge pull request #4 in IAAS/cis-hardening from dev/thibault.dewailly/fixPath to master
...
* commit 'e9487bfb04d43cd034add8cd0e305ece3be39cd9':
Corrected default file path
2016-04-18 17:40:22 +02:00
thibault.dewailly
e9487bfb04
Corrected default file path
2016-04-18 17:39:14 +02:00
Thibault Dewailly
b74a5fe19e
Merge pull request #3 in IAAS/cis-hardening from dev/thibault.dewailly/bugfix to master
...
first Bugfixes included
* commit '5e4e0176533f709065e6abd0c3f1f34e69f319e9':
log format correction, loglevel defaults to info
2016-04-18 14:03:50 +02:00
thibault.dewailly
5e4e017653
log format correction, loglevel defaults to info
2016-04-18 14:03:20 +02:00
Thibault Dewailly
df6d513929
Merge pull request #2 in IAAS/cis-hardening from dev/thibault.dewailly/base_harden to master
...
Release Alpha 0.1
* commit '091eec57ee7f706c2dd16150c75b4d93a183b724': (64 commits)
All configuration defaults to disabled README updated
99.1_timeout_tty.sh 99.2_disable_usb_devices.sh
Fixed disabled features, headers and preparing main script
Added argument parsing and test checks
13.16_check_duplicate_username.sh 13.17_check_duplicate_groupname.sh 13.18_find_user_netrc_files.sh 13.19_find_user_forward_files.sh 13.20_shadow_group_empty.sh
13.14_check_duplicate_uid.sh 13.15_check_duplicate_gid.sh^C
13.12_users_valid_homedir.sh 13.11_find_passwd_group_inconsistencies.sh 13.13_check_user_homedir_ownership.sh
13.10_find_user_rhosts_files.sh
13.8_check_user_dot_file_perm.sh 13.9_set_perm_on_user_netrc.sh
13.7_check_user_dir_perm.sh
13.1_remove_empty_password_field.sh 13.2_remove_legacy_passwd_entries.sh 13.3_remove_legacy_shadow_entries.sh 13.4_remove_legacy_group_entries.sh 13.5_find_0_uid_non_root_account.sh 13.6_sanitize_root_path.sh
13.1_remove_empry_password_field.sh
12.11_find_sgid_files.sh
12.10_find_suid_files.sh 12.1_etc_passwd_permissions.sh 12.2_etc_shadow_permissions.sh 12.3_etc_group_permissions.sh 12.4_etc_passwd_ownership.sh 12.5_etc_shadow_ownership.sh 12.6_etc_group_ownership.sh 12.7_find_world_writable_file.sh 12.8_find_unowned_files.sh 12.9_find_ungrouped_files.sh
10.5_lock_inactive_user_account.sh 11.1_warning_banners.sh 11.2_remove_os_info_warning_banners.sh 11.3_graphical_warning_banners.sh
10.1.1_set_password_exp_days.sh 10.1.2_set_password_min_days_change.sh 10.1.3_set_password_exp_warning_days.sh 10.2_disable_system_accounts.sh 10.3_default_root_group.sh 10.4_default_umask.sh 9.4_secure_tty.sh 9.5_restrict_su.sh
9.2.1_enable_cracklib.sh 9.2.2_enable_lockout_failed_password.sh 9.2.3_limit_password_reuse.sh 9.3.10_disable_sshd_setenv.sh 9.3.11_sshd_ciphers.sh 9.3.12_sshd_idle_timeout.sh 9.3.13_sshd_limit_access.sh 9.3.14_ssh_banner.sh 9.3.2_sshd_loglevel.sh 9.3.1_sshd_protocol.sh 9.3.3_sshd_conf_perm_ownership.sh 9.3.4_disable_x11_forwarding.sh 9.3.5_sshd_maxauthtries.sh 9.3.6_enable_sshd_ignorerhosts.sh 9.3.7_disable_sshd_hostbasedauthentication.sh 9.3.8_disable_root_login.sh 9.3.9_disable_sshd_permitemptypasswords.sh
9.1.3_cron_hourly_perm_ownership.sh 9.1.4_cron_daily_perm_ownership.sh 9.1.5_cron_weekly_perm_ownership.sh 9.1.6_cron_monthly_perm_ownership.sh 9.1.7_cron_d_perm_ownership.sh 9.1.8_cron_users.sh
9.1.1_enable_cron.sh 9.1.2_crontab_perm_ownership.sh
8.4_configure_logrotate.sh
...
2016-04-18 13:25:54 +02:00
thibault.dewailly
091eec57ee
All configuration defaults to disabled README updated
2016-04-18 13:25:09 +02:00
thibault.dewailly
57121f116c
99.1_timeout_tty.sh 99.2_disable_usb_devices.sh
2016-04-18 11:16:05 +02:00
thibault.dewailly
756fce8c2e
Fixed disabled features, headers and preparing main script
2016-04-17 23:19:41 +02:00