thibault.dewailly
c1a45d1df1
Fixed 6.15 netstat analysis
2016-04-22 17:23:21 +02:00
Thibault Dewailly
4c9cb2239d
Merge pull request #17 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master
...
* commit 'f3e582c957c8b54a7f4d7b3dc192ab984feaa125':
Debian package revision bump 1.0-6
2016-04-22 14:47:46 +02:00
kevin.tanguy
f3e582c957
Debian package revision bump 1.0-6
2016-04-22 14:44:43 +02:00
Thibault Dewailly
ca37438ff9
Merge pull request #15 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master
...
* commit 'bf0ba2595d3150f54621de60fc6d4df91c1e318d':
Debian package revision bump 1.0-5
2016-04-22 10:25:21 +02:00
kevin.tanguy
bf0ba2595d
Debian package revision bump 1.0-5
2016-04-22 10:18:31 +02:00
Thibault Dewailly
50a502dd32
Merge pull request #4 from jedisct1/valuemsg
...
Rephrase confusing messages
2016-04-22 08:40:14 +02:00
Thibault Dewailly
d98133b920
Merge pull request #14 in IAAS/cis-hardening from dev/thibault.dewailly/fixCron to master
...
* commit '7e951c020a866567a444502d7d45eb84faf94e25':
Fixed default file error handling and quickstart
Fixed point 9.1.8 cron rights as a chmod 600 disabled the cron.allow features (file must be world readable)
2016-04-22 08:35:32 +02:00
thibault.dewailly
7e951c020a
Fixed default file error handling and quickstart
2016-04-22 08:34:28 +02:00
thibault.dewailly
516b4dc7f9
Fixed point 9.1.8 cron rights as a chmod 600 disabled the cron.allow features (file must be world readable)
2016-04-21 18:56:10 +02:00
Frank Denis
ccd40f4369
Rephrase confusing messages
2016-04-21 18:32:36 +02:00
Thibault Dewailly
8bc3ab43a2
Merge pull request #2 from PunKeel/master
...
Fix typo
2016-04-21 15:41:30 +02:00
PunKeel
b08022dbe1
Fix typo
2016-04-21 15:18:36 +02:00
Thibault Dewailly
4b7b785b63
Merge pull request #13 in IAAS/cis-hardening from dev/kevin.tanguy/readme to master
...
* commit '0018d82060026346693080efc8f7f10a09148a90':
Debian package revision bump 1.0-4
2016-04-21 14:52:23 +02:00
kevin.tanguy
0018d82060
Debian package revision bump 1.0-4
2016-04-21 14:42:16 +02:00
thibault.dewailly
f9bef9a3f1
Added valid suid sgid binaries
2016-04-21 11:51:10 +02:00
Thibault Dewailly
3736cea212
Merge pull request #1 from ovh/jt-readme
...
Readme
2016-04-20 19:15:28 +02:00
Jean-Tiare Le Bigot
6ff7b63ce4
add Readme.md
2016-04-20 18:58:02 +02:00
Kevin Tanguy
cf3fe6967d
Debian package revision bump 1.0-3
2016-04-20 18:06:08 +02:00
thibault.dewailly
799b3b5145
Fixed 8.2.4 check file exists before testing rights
2016-04-20 18:06:08 +02:00
thibault.dewailly
c5b4aa220d
Added exit code to CIS_ROOT_DIR test def, optimized sed and sort
2016-04-20 18:06:08 +02:00
Stéphane Lesimple
55f9cae65c
add --audit-all-enable-passed, add info in README and help
2016-04-20 18:06:08 +02:00
Stéphane Lesimple
76811c8a7f
add --audit-all option
2016-04-20 18:06:08 +02:00
Kevin Tanguy
011cd160ea
Debianization time
2016-04-20 18:06:08 +02:00
Thibault Dewailly
df10deb2b4
Merge pull request #5 in IAAS/cis-hardening from dev/thibault.dewailly/fixedLicense to master
...
* commit 'a7f418d8a2d5b90a7257542b1dd16fd4238721ca':
Corrected script names, added License, Completed README and corrected bug with too long logger messages
2016-04-19 13:53:08 +02:00
thibault.dewailly
a7f418d8a2
Corrected script names, added License, Completed README and corrected bug with too long logger messages
2016-04-19 13:51:28 +02:00
Thibault Dewailly
21b6b060f9
Merge pull request #4 in IAAS/cis-hardening from dev/thibault.dewailly/fixPath to master
...
* commit 'e9487bfb04d43cd034add8cd0e305ece3be39cd9':
Corrected default file path
2016-04-18 17:40:22 +02:00
thibault.dewailly
e9487bfb04
Corrected default file path
2016-04-18 17:39:14 +02:00
Thibault Dewailly
b74a5fe19e
Merge pull request #3 in IAAS/cis-hardening from dev/thibault.dewailly/bugfix to master
...
first Bugfixes included
* commit '5e4e0176533f709065e6abd0c3f1f34e69f319e9':
log format correction, loglevel defaults to info
2016-04-18 14:03:50 +02:00
thibault.dewailly
5e4e017653
log format correction, loglevel defaults to info
2016-04-18 14:03:20 +02:00
Thibault Dewailly
df6d513929
Merge pull request #2 in IAAS/cis-hardening from dev/thibault.dewailly/base_harden to master
...
Release Alpha 0.1
* commit '091eec57ee7f706c2dd16150c75b4d93a183b724': (64 commits)
All configuration defaults to disabled README updated
99.1_timeout_tty.sh 99.2_disable_usb_devices.sh
Fixed disabled features, headers and preparing main script
Added argument parsing and test checks
13.16_check_duplicate_username.sh 13.17_check_duplicate_groupname.sh 13.18_find_user_netrc_files.sh 13.19_find_user_forward_files.sh 13.20_shadow_group_empty.sh
13.14_check_duplicate_uid.sh 13.15_check_duplicate_gid.sh^C
13.12_users_valid_homedir.sh 13.11_find_passwd_group_inconsistencies.sh 13.13_check_user_homedir_ownership.sh
13.10_find_user_rhosts_files.sh
13.8_check_user_dot_file_perm.sh 13.9_set_perm_on_user_netrc.sh
13.7_check_user_dir_perm.sh
13.1_remove_empty_password_field.sh 13.2_remove_legacy_passwd_entries.sh 13.3_remove_legacy_shadow_entries.sh 13.4_remove_legacy_group_entries.sh 13.5_find_0_uid_non_root_account.sh 13.6_sanitize_root_path.sh
13.1_remove_empry_password_field.sh
12.11_find_sgid_files.sh
12.10_find_suid_files.sh 12.1_etc_passwd_permissions.sh 12.2_etc_shadow_permissions.sh 12.3_etc_group_permissions.sh 12.4_etc_passwd_ownership.sh 12.5_etc_shadow_ownership.sh 12.6_etc_group_ownership.sh 12.7_find_world_writable_file.sh 12.8_find_unowned_files.sh 12.9_find_ungrouped_files.sh
10.5_lock_inactive_user_account.sh 11.1_warning_banners.sh 11.2_remove_os_info_warning_banners.sh 11.3_graphical_warning_banners.sh
10.1.1_set_password_exp_days.sh 10.1.2_set_password_min_days_change.sh 10.1.3_set_password_exp_warning_days.sh 10.2_disable_system_accounts.sh 10.3_default_root_group.sh 10.4_default_umask.sh 9.4_secure_tty.sh 9.5_restrict_su.sh
9.2.1_enable_cracklib.sh 9.2.2_enable_lockout_failed_password.sh 9.2.3_limit_password_reuse.sh 9.3.10_disable_sshd_setenv.sh 9.3.11_sshd_ciphers.sh 9.3.12_sshd_idle_timeout.sh 9.3.13_sshd_limit_access.sh 9.3.14_ssh_banner.sh 9.3.2_sshd_loglevel.sh 9.3.1_sshd_protocol.sh 9.3.3_sshd_conf_perm_ownership.sh 9.3.4_disable_x11_forwarding.sh 9.3.5_sshd_maxauthtries.sh 9.3.6_enable_sshd_ignorerhosts.sh 9.3.7_disable_sshd_hostbasedauthentication.sh 9.3.8_disable_root_login.sh 9.3.9_disable_sshd_permitemptypasswords.sh
9.1.3_cron_hourly_perm_ownership.sh 9.1.4_cron_daily_perm_ownership.sh 9.1.5_cron_weekly_perm_ownership.sh 9.1.6_cron_monthly_perm_ownership.sh 9.1.7_cron_d_perm_ownership.sh 9.1.8_cron_users.sh
9.1.1_enable_cron.sh 9.1.2_crontab_perm_ownership.sh
8.4_configure_logrotate.sh
...
2016-04-18 13:25:54 +02:00
thibault.dewailly
091eec57ee
All configuration defaults to disabled README updated
2016-04-18 13:25:09 +02:00
thibault.dewailly
57121f116c
99.1_timeout_tty.sh 99.2_disable_usb_devices.sh
2016-04-18 11:16:05 +02:00
thibault.dewailly
756fce8c2e
Fixed disabled features, headers and preparing main script
2016-04-17 23:19:41 +02:00
thibault.dewailly
ef14c475fe
Added argument parsing and test checks
2016-04-17 23:10:47 +02:00
thibault.dewailly
e1337d76df
13.16_check_duplicate_username.sh 13.17_check_duplicate_groupname.sh 13.18_find_user_netrc_files.sh 13.19_find_user_forward_files.sh 13.20_shadow_group_empty.sh
2016-04-17 22:30:20 +02:00
thibault.dewailly
aad764bb1b
13.14_check_duplicate_uid.sh 13.15_check_duplicate_gid.sh^C
2016-04-17 19:53:47 +02:00
thibault.dewailly
a38aa6f039
13.12_users_valid_homedir.sh 13.11_find_passwd_group_inconsistencies.sh 13.13_check_user_homedir_ownership.sh
2016-04-17 18:58:25 +02:00
thibault.dewailly
fbba59cc67
13.10_find_user_rhosts_files.sh
2016-04-16 18:55:44 +02:00
thibault.dewailly
83cd95756d
13.8_check_user_dot_file_perm.sh 13.9_set_perm_on_user_netrc.sh
2016-04-16 18:32:09 +02:00
thibault.dewailly
f82a438246
13.7_check_user_dir_perm.sh
2016-04-16 18:11:53 +02:00
thibault.dewailly
b24a415dce
13.1_remove_empty_password_field.sh 13.2_remove_legacy_passwd_entries.sh 13.3_remove_legacy_shadow_entries.sh 13.4_remove_legacy_group_entries.sh 13.5_find_0_uid_non_root_account.sh 13.6_sanitize_root_path.sh
2016-04-16 17:25:48 +02:00
thibault.dewailly
dbc24bb8d7
13.1_remove_empry_password_field.sh
2016-04-16 15:10:14 +02:00
thibault.dewailly
fffd9842d6
12.11_find_sgid_files.sh
2016-04-16 12:57:24 +02:00
thibault.dewailly
d241ae57f9
12.10_find_suid_files.sh 12.1_etc_passwd_permissions.sh 12.2_etc_shadow_permissions.sh 12.3_etc_group_permissions.sh 12.4_etc_passwd_ownership.sh 12.5_etc_shadow_ownership.sh 12.6_etc_group_ownership.sh 12.7_find_world_writable_file.sh 12.8_find_unowned_files.sh 12.9_find_ungrouped_files.sh
2016-04-16 00:26:19 +02:00
thibault.dewailly
da30fa0b48
10.5_lock_inactive_user_account.sh 11.1_warning_banners.sh 11.2_remove_os_info_warning_banners.sh 11.3_graphical_warning_banners.sh
2016-04-15 23:38:48 +02:00
thibault.dewailly
dd9fac10d9
10.1.1_set_password_exp_days.sh 10.1.2_set_password_min_days_change.sh 10.1.3_set_password_exp_warning_days.sh 10.2_disable_system_accounts.sh 10.3_default_root_group.sh 10.4_default_umask.sh 9.4_secure_tty.sh 9.5_restrict_su.sh
2016-04-15 19:29:26 +02:00
thibault.dewailly
9451842e84
9.2.1_enable_cracklib.sh 9.2.2_enable_lockout_failed_password.sh 9.2.3_limit_password_reuse.sh 9.3.10_disable_sshd_setenv.sh 9.3.11_sshd_ciphers.sh 9.3.12_sshd_idle_timeout.sh 9.3.13_sshd_limit_access.sh 9.3.14_ssh_banner.sh 9.3.2_sshd_loglevel.sh 9.3.1_sshd_protocol.sh 9.3.3_sshd_conf_perm_ownership.sh 9.3.4_disable_x11_forwarding.sh 9.3.5_sshd_maxauthtries.sh 9.3.6_enable_sshd_ignorerhosts.sh 9.3.7_disable_sshd_hostbasedauthentication.sh 9.3.8_disable_root_login.sh 9.3.9_disable_sshd_permitemptypasswords.sh
2016-04-15 14:24:45 +02:00
thibault.dewailly
682d94bf9c
9.1.3_cron_hourly_perm_ownership.sh 9.1.4_cron_daily_perm_ownership.sh 9.1.5_cron_weekly_perm_ownership.sh 9.1.6_cron_monthly_perm_ownership.sh 9.1.7_cron_d_perm_ownership.sh 9.1.8_cron_users.sh
2016-04-15 10:18:23 +02:00
thibault.dewailly
9007ffdad1
9.1.1_enable_cron.sh 9.1.2_crontab_perm_ownership.sh
2016-04-14 23:26:37 +02:00
thibault.dewailly
6c9b2bbdd3
8.4_configure_logrotate.sh
2016-04-14 23:11:09 +02:00