PCI-DSS compliant Debian 10/11/12 hardening
Go to file
2016-04-20 18:06:08 +02:00
bin Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 13:51:28 +02:00
debian Debianization time 2016-04-20 18:06:08 +02:00
etc Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 13:51:28 +02:00
lib Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 13:51:28 +02:00
src Corrected default file path 2016-04-18 17:39:14 +02:00
tmp/backups 2.2_tmp_nodev.sh 2016-04-04 16:14:53 +02:00
.gitignore Initial Commit Basic folders 2016-04-01 07:50:08 +02:00
LICENSE Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 13:51:28 +02:00
README Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 13:51:28 +02:00

# CIS Debian 7 Hardening git repository
# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
# This is the code base which will be used to fill CIS hardening requirements

# Hardening scripts :
# bin/hardening : Every script has a .cfg associated, status must be defined here

# Configuration
# etc/hardening.cfg : Global variables defined such as backup directory, or log level
# etc/conf.d        : Folder with all .cfg associated to hardening scripts

# Status parameter will define on each script if it has to be disabled (do nothing), audit (RO), enabled (RW)
# Enabled will perform audit and most of the time correct your system accordingly. 
# There is exceptions as it is difficult to know how you want to correct that.

# Main script : 
# bin/hardening.sh : Will execute hardening according to configuration
# Options are :
# --apply     : Will apply hardening when scripts have status enabled (RW), and audit points where status is audit (RO)
# --audit     : Will audit hardening when scripts have status enabled or audit (RO) 
# --audit-all : Apply audit (RO) on all scripts