elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2025-09-03 05:08:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 544c2a4aea Merge pull request #22 in IAAS/cis-hardening from dev/thibault.dewailly/fix to master Kevin Tanguy 2016-05-03 11:27:39 +02:00
  • e902c9b4c8 Fixed replace in file function with proper substitution thibault.dewailly 2016-05-03 11:25:37 +02:00
  • 612e28b16f tripwire : fixed typo on postinstall helper thibault.dewailly 2016-05-02 11:11:07 +02:00
  • 4867538c22 fix 99.1 Apply TMOUT Variable thibault.dewailly 2016-05-02 10:45:32 +02:00
  • a986f3b340 Merge pull request #20 in IAAS/cis-hardening from dev/kevin.tanguy/rephrasingAllOver to master Thibault Dewailly 2016-04-26 14:57:54 +02:00
  • 1479332870 debian dependencies fix, rephrasing, revision bump 1.0-8. kevin.tanguy 2016-04-25 15:15:49 +02:00
  • 2ebfee70ed Merge pull request #19 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-04-25 09:21:10 +02:00
  • 19543c2e68 Debian package revision bump 1.0-7 Kevin Tanguy 2016-04-25 09:19:46 +02:00
  • faedc43b73 Merge pull request #18 in IAAS/cis-hardening from dev/thibault.dewailly/fix6.15 to master Thibault Dewailly 2016-04-25 08:41:43 +02:00
  • 6e366172f8 Fixed 6.15 netstat analysis thibault.dewailly 2016-04-22 16:59:52 +02:00
  • 22fcd6ca74 Merge pull request #17 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-04-22 14:47:46 +02:00
  • 3136adeed5 Debian package revision bump 1.0-6 kevin.tanguy 2016-04-22 14:29:33 +02:00
  • b4aeada621 Merge pull request #15 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-04-22 10:25:21 +02:00
  • d229a57bac Debian package revision bump 1.0-5 kevin.tanguy 2016-04-22 10:18:31 +02:00
  • 98eff3174b Merge pull request #4 from jedisct1/valuemsg Thibault Dewailly 2016-04-22 08:40:14 +02:00
  • a286a3ffea Merge pull request #14 in IAAS/cis-hardening from dev/thibault.dewailly/fixCron to master Thibault Dewailly 2016-04-22 08:35:32 +02:00
  • cb3077e268 Fixed default file error handling and quickstart thibault.dewailly 2016-04-21 23:19:50 +02:00
  • ed410747df Rephrase confusing messages Frank Denis 2016-04-21 18:32:36 +02:00
  • 08fd72786c Fixed point 9.1.8 cron rights as a chmod 600 disabled the cron.allow features (file must be world readable) thibault.dewailly 2016-04-21 18:15:22 +02:00
  • 85bae89dc3 Merge pull request #2 from PunKeel/master Thibault Dewailly 2016-04-21 15:41:30 +02:00
  • 447718b145 Fix typo PunKeel 2016-04-21 15:18:36 +02:00
  • 56e75d78bd Merge pull request #13 in IAAS/cis-hardening from dev/kevin.tanguy/readme to master Thibault Dewailly 2016-04-21 14:52:23 +02:00
  • 861236c292 Debian package revision bump 1.0-4 kevin.tanguy 2016-04-21 12:00:20 +02:00
  • f5fc840b04 Added valid suid sgid binaries thibault.dewailly 2016-04-21 11:51:10 +02:00
  • 38d144aae2 Merge pull request #1 from ovh/jt-readme Thibault Dewailly 2016-04-20 19:15:28 +02:00
  • c63eeaa209 add Readme.md Jean-Tiare Le Bigot 2016-04-20 18:56:28 +02:00
  • 8b846d77bb Debian package revision bump 1.0-3 Kevin Tanguy 2016-04-20 12:39:58 +02:00
  • 5048099df8 Fixed 8.2.4 check file exists before testing rights thibault.dewailly 2016-04-20 14:36:55 +02:00
  • 3ece442743 Added exit code to CIS_ROOT_DIR test def, optimized sed and sort thibault.dewailly 2016-04-20 11:29:44 +02:00
  • 1d7865dd68 add --audit-all-enable-passed, add info in README and help Stéphane Lesimple 2016-04-19 20:16:47 +02:00
  • 8d84f38c97 add --audit-all option Stéphane Lesimple 2016-04-19 19:26:04 +02:00
  • ccda7adb93 Debianization time Kevin Tanguy 2016-04-18 17:14:56 +02:00
  • 5cd2b48fa8 Merge pull request #5 in IAAS/cis-hardening from dev/thibault.dewailly/fixedLicense to master Thibault Dewailly 2016-04-19 13:53:08 +02:00
  • b2d3ed937e Corrected script names, added License, Completed README and corrected bug with too long logger messages thibault.dewailly 2016-04-19 09:31:01 +02:00
  • 11ed345a60 Merge pull request #4 in IAAS/cis-hardening from dev/thibault.dewailly/fixPath to master Thibault Dewailly 2016-04-18 17:40:22 +02:00
  • 6019dd9078 Corrected default file path thibault.dewailly 2016-04-18 17:39:14 +02:00
  • 6971560e06 Merge pull request #3 in IAAS/cis-hardening from dev/thibault.dewailly/bugfix to master Thibault Dewailly 2016-04-18 14:03:50 +02:00
  • b1b96cf4e3 log format correction, loglevel defaults to info thibault.dewailly 2016-04-18 14:01:03 +02:00
  • 80236c9e27 Merge pull request #2 in IAAS/cis-hardening from dev/thibault.dewailly/base_harden to master Thibault Dewailly 2016-04-18 13:25:54 +02:00
  • e79a03095c All configuration defaults to disabled README updated thibault.dewailly 2016-04-18 13:19:46 +02:00
  • 7eaf124fc0 99.1_timeout_tty.sh 99.2_disable_usb_devices.sh thibault.dewailly 2016-04-18 11:16:05 +02:00
  • 628fe96666 Fixed disabled features, headers and preparing main script thibault.dewailly 2016-04-17 23:19:41 +02:00
  • fa98efc32b Added argument parsing and test checks thibault.dewailly 2016-04-17 23:10:47 +02:00
  • f829cdacf2 13.16_check_duplicate_username.sh 13.17_check_duplicate_groupname.sh 13.18_find_user_netrc_files.sh 13.19_find_user_forward_files.sh 13.20_shadow_group_empty.sh thibault.dewailly 2016-04-17 22:30:20 +02:00
  • dbeca2fba3 13.14_check_duplicate_uid.sh 13.15_check_duplicate_gid.sh^C thibault.dewailly 2016-04-17 19:53:47 +02:00
  • 4894b6d402 13.12_users_valid_homedir.sh 13.11_find_passwd_group_inconsistencies.sh 13.13_check_user_homedir_ownership.sh thibault.dewailly 2016-04-17 18:58:25 +02:00
  • 39e9c794e4 13.10_find_user_rhosts_files.sh thibault.dewailly 2016-04-16 18:55:44 +02:00
  • 77f01d2709 13.8_check_user_dot_file_perm.sh 13.9_set_perm_on_user_netrc.sh thibault.dewailly 2016-04-16 18:32:09 +02:00
  • db91df2296 13.7_check_user_dir_perm.sh thibault.dewailly 2016-04-16 18:11:53 +02:00
  • fb9bf542a1 13.1_remove_empty_password_field.sh 13.2_remove_legacy_passwd_entries.sh 13.3_remove_legacy_shadow_entries.sh 13.4_remove_legacy_group_entries.sh 13.5_find_0_uid_non_root_account.sh 13.6_sanitize_root_path.sh thibault.dewailly 2016-04-16 17:25:48 +02:00
  • 8c94214120 13.1_remove_empry_password_field.sh thibault.dewailly 2016-04-16 15:10:14 +02:00
  • c193bd49f5 12.11_find_sgid_files.sh thibault.dewailly 2016-04-16 12:57:24 +02:00
  • ac2b994306 12.10_find_suid_files.sh 12.1_etc_passwd_permissions.sh 12.2_etc_shadow_permissions.sh 12.3_etc_group_permissions.sh 12.4_etc_passwd_ownership.sh 12.5_etc_shadow_ownership.sh 12.6_etc_group_ownership.sh 12.7_find_world_writable_file.sh 12.8_find_unowned_files.sh 12.9_find_ungrouped_files.sh thibault.dewailly 2016-04-16 00:26:19 +02:00
  • 82a7b05a05 10.5_lock_inactive_user_account.sh 11.1_warning_banners.sh 11.2_remove_os_info_warning_banners.sh 11.3_graphical_warning_banners.sh thibault.dewailly 2016-04-15 23:38:48 +02:00
  • 6c72eb0a8b 10.1.1_set_password_exp_days.sh 10.1.2_set_password_min_days_change.sh 10.1.3_set_password_exp_warning_days.sh 10.2_disable_system_accounts.sh 10.3_default_root_group.sh 10.4_default_umask.sh 9.4_secure_tty.sh 9.5_restrict_su.sh thibault.dewailly 2016-04-15 19:29:26 +02:00
  • 823cd217a0 9.2.1_enable_cracklib.sh 9.2.2_enable_lockout_failed_password.sh 9.2.3_limit_password_reuse.sh 9.3.10_disable_sshd_setenv.sh 9.3.11_sshd_ciphers.sh 9.3.12_sshd_idle_timeout.sh 9.3.13_sshd_limit_access.sh 9.3.14_ssh_banner.sh 9.3.2_sshd_loglevel.sh 9.3.1_sshd_protocol.sh 9.3.3_sshd_conf_perm_ownership.sh 9.3.4_disable_x11_forwarding.sh 9.3.5_sshd_maxauthtries.sh 9.3.6_enable_sshd_ignorerhosts.sh 9.3.7_disable_sshd_hostbasedauthentication.sh 9.3.8_disable_root_login.sh 9.3.9_disable_sshd_permitemptypasswords.sh thibault.dewailly 2016-04-15 14:24:45 +02:00
  • 0407ebe362 9.1.3_cron_hourly_perm_ownership.sh 9.1.4_cron_daily_perm_ownership.sh 9.1.5_cron_weekly_perm_ownership.sh 9.1.6_cron_monthly_perm_ownership.sh 9.1.7_cron_d_perm_ownership.sh 9.1.8_cron_users.sh thibault.dewailly 2016-04-15 10:18:23 +02:00
  • 95d4936fbc 9.1.1_enable_cron.sh 9.1.2_crontab_perm_ownership.sh thibault.dewailly 2016-04-14 23:26:37 +02:00
  • 1a0be2e5b0 8.4_configure_logrotate.sh thibault.dewailly 2016-04-14 23:11:09 +02:00
  • a93c6174e3 8.4_conifgure_logrotate.sh thibault.dewailly 2016-04-14 23:08:52 +02:00
  • 909dde9f18 8.3.2_tripwire_cron.sh thibault.dewailly 2016-04-14 23:05:58 +02:00
  • d373b6f937 8.2.5_syslog-ng_remote_host.sh 8.2.6_remote_syslog-ng_acl.sh 8.3.1_install_tripwire.sh thibault.dewailly 2016-04-14 22:47:34 +02:00
  • f0bff32503 8.2.1_install_syslog-ng.sh 8.2.2_enable_syslog-ng.sh 8.2.3_configure_syslog-ng.sh 8.2.4_set_logfile_perm.sh thibault.dewailly 2016-04-14 17:55:14 +02:00
  • 488886305f 8.1.11_record_failed_access_file.sh 8.1.12_record_privileged_commands.sh 8.1.13_record_successful_mount.sh 8.1.14_record_file_deletions.sh 8.1.15_record_sudoers_edit.sh 8.1.16_record_sudo_usage.sh 8.1.17_record_kernel_modules.sh 8.1.18_freeze_auditd_conf.sh thibault.dewailly 2016-04-14 16:44:14 +02:00
  • 2ad4260ffb 8.1.10_record_dac_edit.sh 8.1.6_record_network_edit.sh 8.1.7_record_mac_edit.sh 8.1.8_record_login_logout.sh 8.1.9_record_session_init.sh thibault.dewailly 2016-04-14 14:43:26 +02:00
  • 0ce0b23dc8 8.1.4_record_date_time_edit.sh 8.1.5_record_user_group_edit.sh thibault.dewailly 2016-04-14 14:07:00 +02:00
  • 127d3e9124 8.1.1.3_keep_all_audit_logs.sh 8.1.3_audit_bootloader.sh thibault.dewailly 2016-04-14 13:11:56 +02:00
  • 9c229574d1 8.0_enable_auditd_kernel.sh 8.1.1.2_halt_when_audit_log_full.sh 8.1.2_enable_auditd.sh thibault.dewailly 2016-04-14 10:40:31 +02:00
  • 1f873a14f6 7.4.1_install_tcp_wrapper.sh 7.4.2_hosts_allow.sh 7.4.3_hosts_allow_permissions.sh 7.4.4_hosts_deny.sh 7.4.5_hosts_deny_permissions.sh 7.5.1_disable_dccp.sh 7.5.2_disable_sctp.sh 7.5.3_disable_rds.sh 7.5.4_disable_tipc.sh 7.6_disable_wireless.sh 7.7_enable_firewall.sh 8.0_install_auditd.sh 8.1.1.1_audit_log_storage.sh thibault.dewailly 2016-04-13 22:51:18 +02:00
  • 9b3cd3e31d 7.3.3_disable_ipv6.sh thibault.dewailly 2016-04-13 21:19:26 +02:00
  • 11817e8c05 7.3.2_disable_ipv6_redirect.sh thibault.dewailly 2016-04-13 17:47:25 +02:00
  • df51ac5bcb 7.3.1_disable_ipv6_router_advertisement.sh thibault.dewailly 2016-04-13 17:41:10 +02:00
  • e81778e615 7.2.5_ignore_broadcast_requests.sh 7.2.6_enable_bad_error_message_protection.sh 7.2.7_enable_source_route_validation.sh 7.2.8_enable_tcp_syn_cookies.sh thibault.dewailly 2016-04-13 16:07:16 +02:00
  • c466ae4855 7.2.1_disable_source_routed_packets.sh 7.2.2_disable_icmp_redirect.sh 7.2.3_disable_secure_icmp_redirect.sh 7.2.4_log_martian_packets.sh thibault.dewailly 2016-04-13 15:48:03 +02:00
  • 1843d1a67b 7.1.1_disable_ip_forwarding.sh 7.1.2_disable_send_packet_redirects.sh thibault.dewailly 2016-04-13 14:54:35 +02:00
  • bec4ccd7da 6.16_disable_rsync.sh thibault.dewailly 2016-04-13 14:12:57 +02:00
  • c32c985bb7 6.10_disable_http_server.sh 6.11_disable_imap_pop.sh 6.12_disable_samba.sh 6.13_diable_http_proxy.sh 6.14_disable_snmp_server.sh 6.15_mta_localhost.sh 6.9_disable_ftp.sh thibault.dewailly 2016-04-12 17:59:17 +02:00
  • 4d5ccf1f58 6.2_disable_avahi_server.sh 6.3_disable_print_server.sh 6.4_disable_dhcp.sh 6.5_configure_ntp.sh 6.6_diable_ldap.sh 6.7_disable_nfs_rpc.sh 6.8_disable_dns_server.sh thibault.dewailly 2016-04-12 11:21:36 +02:00
  • 9ee7b646bf 5.1.5_disable_talk_client.sh 5.1.6_disable_telnet_server.sh 5.1.7_disable_tftp_server.sh 5.1.8_disable_inetd.sh 5.2_disable_chargen.sh 5.3_disable_daytime.sh 5.4_disable_echo.sh 5.5_disable_discard.sh 5.6_disable_time.sh 6.1_disable_xwindow_system.sh thibault.dewailly 2016-04-12 08:31:41 +02:00
  • 1e8d90198d 5.1.4_disable_talk.sh thibault.dewailly 2016-04-11 17:50:06 +02:00
  • a60ed7fc45 5.1.2_disable_rsh.sh 5.1.3_disable_rsh_client.sh thibault.dewailly 2016-04-11 17:42:31 +02:00
  • db7b85ceed 4.2_enable_nx_support.sh 4.3_enable_randomized_vm_placement.sh 4.4_disable_prelink.sh 4.5_enable_apparmor.sh 5.1.1_disable_nis.sh thibault.dewailly 2016-04-11 16:53:57 +02:00
  • 1bacb6c2ff 4.1_restrict_core_dumps.sh thibault.dewailly 2016-04-11 14:55:42 +02:00
  • 90e4c32138 3.4_root_password.sh thibault.dewailly 2016-04-11 13:51:54 +02:00
  • f2a979e24c 3.2_bootloader_permissions.sh 3.3_bootloader_password.sh thibault.dewailly 2016-04-11 11:38:50 +02:00
  • d44a8eb440 3.1_bootloader_ownership.sh fix thibault.dewailly 2016-04-11 08:55:44 +02:00
  • 91d6ba3fdd 3.1_bootloader_ownership.sh thibault.dewailly 2016-04-07 08:43:37 +02:00
  • 31454e394d 2.25_disable_automounting.sh thibault.dewailly 2016-04-07 07:46:44 +02:00
  • a22c47c97d 2.19_disable_freevxfs.sh 2.20_disable_jffs2.sh 2.21_disable_hfs.sh 2.22_disable_hfsplus.sh 2.23_disable_squashfs.sh 2.24_disable_udf.sh thibault.dewailly 2016-04-07 07:22:04 +02:00
  • b87e9a6f14 2.18_disable_cramfs.sh thibault.dewailly 2016-04-07 06:56:14 +02:00
  • a578e889ee 2.17_sticky_bit_world_writable_folder.sh thibault.dewailly 2016-04-05 13:42:05 +02:00
  • 1a59c377c7 2.13_removable_device_nosuid.sh 2.14_run_shm_nodev.sh 2.15_run_shm_nosuid.sh 2.16_run_shm_noexec.sh thibault.dewailly 2016-04-05 13:16:00 +02:00
  • a572f6a17c 2.10_home_nodev.sh 2.11_removable_device_nodev.sh 2.12_removable_device_noexec.sh thibault.dewailly 2016-04-05 11:48:45 +02:00
  • f535548d0b 2.8_var_log_audit_partition.sh 2.9_home_partition.sh thibault.dewailly 2016-04-05 09:29:09 +02:00
  • 324de22b36 2.6.4_var_tmp_noexec.sh 2.7_var_log_partition.sh thibault.dewailly 2016-04-05 09:18:51 +02:00
  • f60d996d33 2.6.2_var_tmp_nodev.sh 2.6.3_var_tmp_nosuid.sh thibault.dewailly 2016-04-05 09:11:51 +02:00
  • a77740db2c 2.6.1_var_tmp_partition.sh thibault.dewailly 2016-04-05 09:07:15 +02:00
  • 007180149a 2.5_var_partition.sh + refacto thibault.dewailly 2016-04-04 16:50:57 +02:00
  • 18d920e98a 2.4_tmp_noexec.sh thibault.dewailly 2016-04-04 16:48:21 +02:00
  • 6acf44eee7 2.3_tmp_nosuid.sh thibault.dewailly 2016-04-04 16:28:40 +02:00