debian-cis

elie/debian-cis

Fork 0

mirror of https://github.com/ovh/debian-cis.git synced 2025-04-18 16:17:31 +02:00

Commit Graph

Select branches

Hide Pull Requests

dependabot/github_actions/luizm/action-sh-checker-0.9.0

dev/thibault.dewailly/deb12

dev/thibault.dewailly/set_hardening_level

dev/thibault.dewailly/syslogng_remotecheck

master

#1

#10

#100

#101

#102

#103

#104

#108

#11

#111

#112

#115

#118

#119

#12

#120

#121

#122

#123

#125

#127

#128

#129

#130

#131

#132

#133

#134

#135

#137

#139

#140

#141

#142

#143

#144

#145

#146

#147

#148

#149

#150

#151

#152

#153

#154

#156

#157

#159

#16

#160

#161

#164

#166

#168

#169

#170

#171

#172

#173

#174

#176

#177

#178

#179

#18

#180

#181

#184

#185

#186

#187

#188

#19

#190

#193

#194

#197

#198

#199

#2

#20

#202

#203

#204

#205

#206

#207

#208

#21

#210

#213

#214

#215

#216

#22

#221

#222

#223

#225

#226

#228

#229

#23

#232

#234

#236

#237

#238

#24

#242

#243

#243

#250

#250

#28

#29

#30

#31

#32

#35

#36

#37

#39

#4

#40

#41

#44

#45

#47

#49

#5

#54

#56

#57

#58

#59

#6

#6

#60

#66

#67

#69

#7

#72

#73

#75

#79

#80

#81

#82

#86

#88

#9

#90

#91

#94

#95

#96

#98

#99

latest

v1.1-1

v1.2-1

v1.3

v1.3-2

v1.3-3

v1.3-4

v2.0-4

v2.0-5

v2.0-6

v2.1-1

v2.1-2

v2.1-3

v2.1-4

v2.1-5

v2.1-6

v3.0

v3.0-1

v3.1-0

v3.1-1

v3.1-2

v3.1-3

v3.1-4

v3.1-5

v3.1-6

v3.2-0

v3.2-1

v3.2-2

v3.3-1

v3.4-1

v3.5-1

v3.6-1

v3.7-1

v3.8-1

v4.0-1

v4.1-1

v4.1-2

v4.1-3

v4.1-4

625a6206c7 Fix typos Charles Herlin 2019-10-30 15:18:52 +01:00
5074c5a8bd FIX(2.2.12) handle smbd as a service Charles Herlin 2019-10-25 16:03:11 +02:00
0fa10240cd Update changelog Thibault 2020-10-28 09:26:51 +01:00
d91fdbf84b Add missing tests CUPS, telnet and LDAP Charles Herlin 2019-10-21 14:45:25 +02:00
2b60594a06 Renum 2.6.x to 1.1.x for /var/tmp Charles Herlin 2019-10-21 12:21:22 +02:00
d6dae89966 Renum logrotate config 8.4 to 4.3 Charles Herlin 2019-10-18 17:32:41 +02:00
80b97940fa Renumbering custom 99.* scripts as newcomers to CIS benchmark Charles Herlin 2019-10-18 17:26:31 +02:00
609444a47f Renum User and Groups settings 13.x to 6.2.x Charles Herlin 2019-09-12 17:43:12 +02:00
440aeaf45f Renum 12.x checks to 6.1.x Verify_System_File_Permissions Charles Herlin 2019-09-12 16:44:45 +02:00
a085785321 Renum warning banners checks 11.x to 1.7.x Charles Herlin 2019-09-12 15:42:22 +02:00
fbb73d1953 Renum 10.x to 5.4.x Charles Herlin 2019-09-12 10:55:43 +02:00
47a9ffdc9c Renum login.defs 10.1.x to 5.4.1.x Charles Herlin 2019-09-12 10:43:48 +02:00
8a4a28a35b Renum 9.x tty and su checks Charles Herlin 2019-09-11 17:16:54 +02:00
9e61ca8367 Renum ssh config check 9.3.x to 5.2.x Charles Herlin 2019-09-11 17:12:54 +02:00
c863a01305 Renum 9.2.x to 5.3.x Pam password settings Charles Herlin 2019-09-11 15:40:00 +02:00
124dde8254 Renum 9.1.x to 5.1.x cron checks Charles Herlin 2019-09-11 12:16:50 +02:00
65f92a7556 Renum 8.2.x to 4.2.2.x for syslog-ng Charles Herlin 2019-09-11 11:52:24 +02:00
00dd3ef591 Renum 8.1.x auditing configuration Charles Herlin 2019-09-09 16:45:54 +02:00
032aaa7c79 Renumber 7.5.x and 7.6 Charles Herlin 2019-08-30 17:18:26 +02:00
68f9f56192 Renumber 7.4.x tcp wrappers Charles Herlin 2019-08-30 17:11:03 +02:00
c5674c3627 Renumber network params 7.1.x, 7.2.x and 7.3 Charles Herlin 2019-08-30 14:14:29 +02:00
e205dc7481 Renumber special purpose services 6.x Charles Herlin 2019-08-29 16:02:39 +02:00
fbdf3b72ed Renumbering OS services checks and removing obsolete ones Charles Herlin 2019-08-29 10:33:23 +02:00
6365f58b4c Renumbering 4.x checks Charles Herlin 2019-08-28 17:26:27 +02:00
fe25b1ba38 Renumbering of bootloader checks Charles Herlin 2019-08-28 17:19:59 +02:00
0b85d16c16 First batch of renaming to comply to comply to 8v2 and 9 pdf Charles Herlin 2019-08-27 15:30:47 +02:00
88e3a515ef 5.2.17_sshd_login_grace_time v1.3-4 Thibault Ayanides 2020-10-05 17:26:13 +02:00
55c1cdbdde 5.2.3_ssh_host_public_keys_perm_ownership Thibault Ayanides 2020-10-05 17:05:47 +02:00
6f5d714b55 5.2.2_ssh_host_private_keys_perm_ownership Thibault Ayanides 2020-10-05 17:05:26 +02:00
a37c5bdc4e Add functions utils Thibault Ayanides 2020-10-05 17:01:13 +02:00
d6e5803252 4.2.4_logs_permissions Thibault Ayanides 2020-10-05 13:17:44 +02:00
922f28c200 4.2.3_install_syslog-ng Thibault Ayanides 2020-09-30 17:03:10 +02:00
70be679567 IMP(12.8,12.9,12.10,12.11): be able to exclude some paths v1.3-3 Benjamin MONTHOUEL 2020-03-31 14:22:24 +02:00
413277d7eb IMP(12.8,12.9): be able to exclude some paths Benjamin MONTHOUEL 2020-03-30 19:11:07 +02:00
e62648d6a4 release 1.3.1-1 v1.3-2 Stéphane Lesimple 2019-10-22 15:08:56 +02:00
ef5c00fef5 enh: 13.12_users_valid_homedir.sh: ignore /nonexistent special home folder Stéphane Lesimple 2019-10-22 14:14:32 +02:00
20dacdf6c7 CHORE: change in version numbering v1.3 Charles Herlin 2019-08-28 14:59:51 +02:00
19ee1cabf8 Update changelog Charles Herlin 2019-08-28 12:35:58 +02:00
5a1a70bbd3 FIX(test/10.2): backup and restore /etc/passwd after test Charles Herlin 2019-08-28 12:30:13 +02:00
a4969e6ba6 IMP(99.3.1): improve check with disabled passwords Charles Herlin 2019-08-28 11:49:01 +02:00
96f3b74334 FIX(10.2): improve test to check multiple login shells Charles Herlin 2019-08-28 11:47:49 +02:00
89cf484cb9 fix(99.4): do not stderr iptables warning on buster v1.2-1 kevin.tanguy 2019-08-14 10:36:25 +02:00
13783423c2 changelog: update changelog Charles Herlin 2019-04-04 16:27:17 +02:00
b2f7460977 changelog: update to 1.2-4 Charles Herlin 2019-04-04 16:27:17 +02:00
71f97062d7 FIX(99.1): remove dot in files to search Charles Herlin 2019-04-04 12:18:15 +02:00
1ec77dbb56 FIX(13.15): fix code that did not show duplicated group Charles Herlin 2019-03-28 17:51:02 +01:00
8f87d75293 FIX(99.5.4): fix regex to allow other authkey options than "from" Charles Herlin 2019-03-15 18:17:48 +01:00
41e3402b10 FIX(batch): sed \n to space in batch echo Charles Herlin 2019-03-19 10:38:41 +01:00
02673826a0 FIX(8.2.x): fix grep and find in audit scripts Charles Herlin 2019-03-18 16:19:05 +01:00
d5d5a39109 FIX(nbsp): remove nbsp for missing file Charles Herlin 2019-03-12 10:08:28 +01:00
1bac756dcb FIX(nbsp): remove non breakable spaces that caused Puppet to warn Charles Herlin 2019-03-12 09:58:35 +01:00
75f6cce7f5 Debian release 1.2-3 kevin.tanguy 2019-03-06 08:33:18 +01:00
be1ad3e581 IMP(99.5.4): add conf to check only listed users Charles Herlin 2019-03-05 10:49:45 +01:00
b4b7524156 Update changelog Charles Herlin 2019-03-01 14:41:28 +01:00
455e58899d FIX(8.2.4): script crashed when touching a logfile in subdir of /var/log Charles Herlin 2019-03-01 13:08:07 +01:00
9ada868f43 IMP(8.2.4): add exceptions in check and apply Charles Herlin 2019-03-01 12:12:42 +01:00
4bddd8ee8b IMP(8.2.5): follow symlinks in find Charles Herlin 2019-03-01 10:00:35 +01:00
81dc308677 FIX(8.3.2): add $SUDO_CMD to find Charles Herlin 2019-02-28 17:52:47 +01:00
db4dc4d598 FIX(8.2.5): grep: x is a directory Charles Herlin 2019-02-28 16:41:41 +01:00
a9af957f7a Debian release 1.2-2 kevin.tanguy 2019-02-28 13:03:09 +01:00
0a6f8bdba6 FEAT(2.6.x): retrieve actual partition in case if bind mount Charles Herlin 2019-02-28 10:14:00 +01:00
d05ffaf9d5 CHORE: replace == with = that is bash syntax Charles Herlin 2019-02-26 15:23:23 +01:00
41ccd5655a CHORE(test 8.2.5): removed useless cleanup line Charles Herlin 2019-02-26 15:19:05 +01:00
e46a85dc6c FIX(9.3.2): dismiss test for initial after e7d9977 Charles Herlin 2019-02-26 15:16:06 +01:00
1caf0f489a FIX(12.1x): fix tests exception for mail after da6acb0b Charles Herlin 2019-02-26 15:08:21 +01:00
de7dfe5956 CHORE(2.1x): use "readlink -e" instead of custom func Charles Herlin 2019-02-26 15:06:51 +01:00
8031c388c6 IMP(9.3.2): Comply with Debian9 guide: verbose ssh loglevel Charles Herlin 2019-02-25 15:16:02 +01:00
7b8e359590 IMP(13.13): improve exception detection Charles Herlin 2019-02-25 10:33:15 +01:00
f7f2f614aa IMP(9.3.2): Add custom configuration management Charles Herlin 2019-02-22 15:40:01 +01:00
605a768fe1 IMP(13.13): Add exceptions for home directories not owned by owner Charles Herlin 2019-02-22 15:22:58 +01:00
80a1146af7 IMP(8.2.5): find multiline pattern in files (syslog) Charles Herlin 2019-02-22 12:39:41 +01:00
7408216957 IMP(2.1x): Retrieve actual partition when symlink Charles Herlin 2019-02-22 12:22:14 +01:00
217895dfe6 FIX(tests): change sed to audit in test skeleton after 81f9348 Charles Herlin 2019-02-21 18:07:21 +01:00
bc5809f92e FIX CONFIG_AUDIT test kevin.tanguy 2019-02-21 11:15:48 +01:00
22d223fece changelog: Update to 1.2-2 Charles Herlin 2019-02-19 15:40:27 +01:00
ac76942ca7 CHORE(tests): cleanup test files Charles Herlin 2019-02-18 18:08:19 +01:00
cf42666833 FIX(tests): change sed in conf file disabled->audit following d6172ad Charles Herlin 2019-02-15 17:42:17 +01:00
6cbe8f572f CHORE(tests): Cleanup test files Charles Herlin 2019-02-18 18:10:22 +01:00
982301d395 FIX(tests): improve test cases and cleanup Charles Herlin 2019-02-18 17:25:04 +01:00
d18f5edfba FIX(99.2): add missing $SUDO_CMD Charles Herlin 2019-02-15 16:56:54 +01:00
6ede832685 FIX(sudoers): add missing test Charles Herlin 2019-02-15 16:45:03 +01:00
0c17da012f FIX(test): catch return values when retval differs to avoid runtime error Charles Herlin 2019-02-15 16:27:54 +01:00
6afed4eedb Add test stub for all audit checks, to tests root/sudo consistency Charles Herlin 2019-02-14 18:10:46 +01:00
bad32f8078 Rename dismiss_test to skip_tests since test won't even run in this case Charles Herlin 2019-02-14 17:52:45 +01:00
47a818b832 dismiss_count will still report failed root/sudo consistency failure Charles Herlin 2019-02-14 17:44:13 +01:00
fc88194eca properly purge remaining config files on purge kevin.tanguy 2019-02-14 14:22:55 +01:00
2b2a91a564 Change default status to audit for file with custom create_config Charles Herlin 2019-02-14 14:33:21 +01:00
5c313c8f31 Change default status disabled -> audit when no conf file Charles Herlin 2019-02-06 15:26:41 +01:00
11305a0980 FIX package name in example-cron.d-entry Charles Herlin 2019-02-14 12:21:17 +01:00
1586dae0c5 Improve user management in test cases Charles Herlin 2019-02-14 11:15:51 +01:00
1281860401 IMP: enhance scripts that check duplicate UID Charles Herlin 2019-02-13 16:07:06 +01:00
09ae131de9 FIX: usage if no RUN_MODE, fix only that used to run too many checks Charles Herlin 2019-02-13 17:11:28 +01:00
1dd630e65b changelog: Update to 1.2-1 (go cds go) kevin.tanguy 2019-02-12 11:41:05 +01:00
810fee4c8f Migrate generic checks from secaudit to cis-hardening Charles Herlin 2017-12-20 15:14:30 +01:00
ba93159a00 Add crontab Charles Herlin 2019-02-08 10:35:35 +01:00
d014405e1f FIX: add becho to send batch output to syslog too Charles Herlin 2019-02-06 17:25:16 +01:00
6cea326921 Update debian 7/8/9 in help files and remove in generic scripts Charles Herlin 2019-02-06 15:19:14 +01:00
58cb064919 IMP: sort find result by name and version to ease reading Charles Herlin 2019-02-01 09:42:12 +01:00
3ff3bb209f FIX: remove "exernal-sources" option when running shellcheck Charles Herlin 2019-01-30 16:00:45 +01:00
507eadc3cb Add shellcheck recommendation Charles Herlin 2019-01-30 12:38:39 +01:00