elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2025-02-19 17:05:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
debian-cis/bin/hardening
History
Thibault Ayanides 774af39a34 IMP(5.2.x): add tests and default_config 
I added tests from 5.2.4 to 5.2.19 and default_config files in the
checks. This checks concern sshd conf (ciphers, mac, rootlogin, ...)

	modifié :         bin/hardening/5.2.4_sshd_protocol.sh
	modifié :         bin/hardening/5.2.6_disable_x11_forwarding.sh
	modifié :         bin/hardening/5.2.7_sshd_maxauthtries.sh
	modifié :         bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh
	modifié :         bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh
	modifié :         bin/hardening/5.2.10_disable_root_login.sh
	modifié :         bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh
	modifié :         bin/hardening/5.2.12_disable_sshd_setenv.sh
	modifié :         bin/hardening/5.2.13_sshd_ciphers.sh
	modifié :         bin/hardening/5.2.16_sshd_idle_timeout.sh
	modifié :         bin/hardening/5.2.17_sshd_login_grace_time.sh
	modifié :         tests/hardening/5.2.4_sshd_protocol.sh
	modifié :         tests/hardening/5.2.5_sshd_loglevel.sh
	modifié :         tests/hardening/5.2.6_disable_x11_forwarding.sh
	modifié :         tests/hardening/5.2.7_sshd_maxauthtries.sh
	modifié :         tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh
	modifié :         tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh
	modifié :         tests/hardening/5.2.10_disable_root_login.sh
	modifié :         tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh
	modifié :         tests/hardening/5.2.12_disable_sshd_setenv.sh
	modifié :         tests/hardening/5.2.13_sshd_ciphers.sh
	modifié :         tests/hardening/5.2.16_sshd_idle_timeout.sh
	modifié :         tests/hardening/5.2.17_sshd_login_grace_time.sh
	modifié :         tests/hardening/5.2.18_sshd_limit_access.sh
	modifié :         tests/hardening/5.2.19_ssh_banner.sh
2020-10-29 11:18:31 +01:00
..
.gitignore
Initial Commit Basic folders
2016-04-01 07:50:08 +02:00
1.1.1.1_disable_freevxfs.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.1.2_disable_jffs2.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.1.3_disable_hfs.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.1.4_disable_hfsplus.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.1.5_disable_udf.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.1.6_disable_cramfs.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
1.1.1.7_disable_squashfs.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
1.1.2_tmp_partition.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.3_tmp_nodev.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.4_tmp_nosuid.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.5_tmp_noexec.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.6_var_partition.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.7_var_tmp_partition.sh
Renum 2.6.x to 1.1.x for /var/tmp
2019-10-21 12:21:22 +02:00
1.1.8_var_tmp_nodev.sh
Renum 2.6.x to 1.1.x for /var/tmp
2019-10-21 12:21:22 +02:00
1.1.9_var_tmp_nosuid.sh
Renum 2.6.x to 1.1.x for /var/tmp
2019-10-21 12:21:22 +02:00
1.1.10_var_tmp_noexec.sh
Renum 2.6.x to 1.1.x for /var/tmp
2019-10-21 12:21:22 +02:00
1.1.11_var_log_partition.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.12_var_log_audit_partition.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.13_home_partition.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.14_home_nodev.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.15_run_shm_nodev.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.16_run_shm_nosuid.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.17_run_shm_noexec.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.18_removable_device_nodev.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.19_removable_device_nosuid.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.20_removable_device_noexec.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.21_sticky_bit_world_writable_folder.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.1.22_disable_automounting.sh
First batch of renaming to comply to comply to 8v2 and 9 pdf
2019-08-27 15:30:47 +02:00
1.4.1_bootloader_ownership.sh
Renumbering of bootloader checks
2019-08-28 17:19:59 +02:00
1.4.2_bootloader_password.sh
Renumbering of bootloader checks
2019-08-28 17:19:59 +02:00
1.4.3_root_password.sh
Renumbering of bootloader checks
2019-08-28 17:19:59 +02:00
1.5.1_restrict_core_dumps.sh
Renumbering 4.x checks
2019-08-28 17:26:27 +02:00
1.5.2_enable_nx_support.sh
Renumbering 4.x checks
2019-08-28 17:26:27 +02:00
1.5.3_enable_randomized_vm_placement.sh
Renumbering 4.x checks
2019-08-28 17:26:27 +02:00
1.5.4_disable_prelink.sh
Renumbering 4.x checks
2019-08-28 17:26:27 +02:00
1.7.1.1_remove_os_info_motd.sh
Renum warning banners checks 11.x to 1.7.x
2019-09-12 15:42:22 +02:00
1.7.1.2_remove_os_info_issue.sh
Renum warning banners checks 11.x to 1.7.x
2019-09-12 15:42:22 +02:00
1.7.1.3_remove_os_info_issue_net.sh
Renum warning banners checks 11.x to 1.7.x
2019-09-12 15:42:22 +02:00
1.7.1.4_motd_perms.sh
Fix typos
2019-10-30 15:18:52 +01:00
1.7.1.5_etc_issue_perms.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
1.7.1.6_etc_issue_net_perms.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
1.7.2_graphical_warning_banners.sh
Renum warning banners checks 11.x to 1.7.x
2019-09-12 15:42:22 +02:00
1.8_install_updates.sh
Fix typos
2019-10-30 15:18:52 +01:00
2.1.1_disable_xinetd.sh
Renumbering OS services checks and removing obsolete ones
2019-08-29 10:33:23 +02:00
2.1.2_disable_bsd_inetd.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
2.2.1.1_use_time_sync.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.1.2_configure_ntp.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.1.3_configure_chrony.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.2_disable_xwindow_system.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.3_disable_avahi_server.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.4_disable_print_server.sh
Add missing tests CUPS, telnet and LDAP
2019-10-21 14:45:25 +02:00
2.2.5_disable_dhcp.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.6_disable_ldap.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.7_disable_nfs_rpc.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.8_disable_dns_server.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.9_disable_ftp.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.10_disable_http_server.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.11_disable_imap_pop.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.12_disable_samba.sh
FIX(2.2.12): smbd enabling check was wrong
2020-11-02 16:53:04 +01:00
2.2.13_disable_http_proxy.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.14_disable_snmp_server.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.15_mta_localhost.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.16_disable_rsync.sh
Renumber special purpose services 6.x
2019-08-29 16:02:39 +02:00
2.2.18_disable_telnet_server.sh
FIX(2.3.18): Re-add telnet server check
2020-11-03 09:38:13 +01:00
2.3.1_disable_nis.sh
Renumbering OS services checks and removing obsolete ones
2019-08-29 10:33:23 +02:00
2.3.2_disable_rsh_client.sh
Renumbering OS services checks and removing obsolete ones
2019-08-29 10:33:23 +02:00
2.3.3_disable_talk_client.sh
Renumbering OS services checks and removing obsolete ones
2019-08-29 10:33:23 +02:00
2.3.4_disable_telnet_client.sh
FIX(2.3.18): Re-add telnet server check
2020-11-03 09:38:13 +01:00
2.3.5_disable_ldap_client.sh
FIX(2.3.18): Re-add telnet server check
2020-11-03 09:38:13 +01:00
3.1.1_disable_ip_forwarding.sh
FIX(3.1.1): fix unbound variable issue
2020-11-12 10:15:41 +01:00
3.1.2_disable_send_packet_redirects.sh
Renumber network params 7.1.x, 7.2.x and 7.3
2019-08-30 14:14:29 +02:00
3.2.1_disable_source_routed_packets.sh
FIX(3.1.1,3.2.1,3.2.2): don't check for IPv6 options if IPv6 is disabled
2020-11-02 17:16:11 +01:00
3.2.2_disable_icmp_redirect.sh
FIX(3.1.1,3.2.1,3.2.2): don't check for IPv6 options if IPv6 is disabled
2020-11-02 17:16:11 +01:00
3.2.3_disable_secure_icmp_redirect.sh
Renumber network params 7.1.x, 7.2.x and 7.3
2019-08-30 14:14:29 +02:00
3.2.4_log_martian_packets.sh
Renumber network params 7.1.x, 7.2.x and 7.3
2019-08-30 14:14:29 +02:00
3.2.5_ignore_broadcast_requests.sh
Renumber network params 7.1.x, 7.2.x and 7.3
2019-08-30 14:14:29 +02:00
3.2.6_enable_bad_error_message_protection.sh
ADD(3.2.6): add check mysteriously deleted during renaming
2020-10-30 16:09:21 +01:00
3.2.7_enable_source_route_validation.sh
ADD(3.2.7): add check mysteriously deleted during renaming
2020-10-30 16:09:25 +01:00
3.2.8_enable_tcp_syn_cookies.sh
Renumber network params 7.1.x, 7.2.x and 7.3
2019-08-30 14:14:29 +02:00
3.2.9_disable_ipv6_router_advertisement.sh
Renumber network params 7.1.x, 7.2.x and 7.3
2019-08-30 14:14:29 +02:00
3.3.1_install_tcp_wrapper.sh
Renumber 7.4.x tcp wrappers
2019-08-30 17:11:03 +02:00
3.3.2_hosts_allow.sh
Renumber 7.4.x tcp wrappers
2019-08-30 17:11:03 +02:00
3.3.3_hosts_deny.sh
Renumber 7.4.x tcp wrappers
2019-08-30 17:11:03 +02:00
3.3.4_hosts_allow_permissions.sh
Renumber 7.4.x tcp wrappers
2019-08-30 17:11:03 +02:00
3.3.5_hosts_deny_permissions.sh
Renumber 7.4.x tcp wrappers
2019-08-30 17:11:03 +02:00
3.4.1_disable_dccp.sh
Renumber 7.5.x and 7.6
2019-08-30 17:18:26 +02:00
3.4.2_disable_sctp.sh
Renumber 7.5.x and 7.6
2019-08-30 17:18:26 +02:00
3.4.3_disable_rds.sh
Renumber 7.5.x and 7.6
2019-08-30 17:18:26 +02:00
3.4.4_disable_tipc.sh
Renumber 7.5.x and 7.6
2019-08-30 17:18:26 +02:00
3.5_enable_firewall.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
3.5.1.1_net_fw_default_policy_drop.sh
Renumbering custom 99.* scripts as newcomers to CIS benchmark
2019-10-18 17:26:31 +02:00
3.6_disable_wireless.sh
Renumber 7.5.x and 7.6
2019-08-30 17:18:26 +02:00
3.7_disable_ipv6.sh
Renumber network params 7.1.x, 7.2.x and 7.3
2019-08-30 14:14:29 +02:00
4.1.1.1_audit_log_storage.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.1.2_halt_when_audit_log_full.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.1.3_keep_all_audit_logs.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.2_enable_auditd.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.3_audit_bootloader.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.4_record_date_time_edit.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.5_record_user_group_edit.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.6_record_network_edit.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.7_record_mac_edit.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.8_record_login_logout.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.9_record_session_init.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.10_record_dac_edit.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.11_record_failed_access_file.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.12_record_privileged_commands.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.13_record_successful_mount.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.14_record_file_deletions.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.15_record_sudoers_edit.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
4.1.16_record_sudo_usage.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.17_record_kernel_modules.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.1.18_freeze_auditd_conf.sh
Renum 8.1.x auditing configuration
2019-09-09 16:45:54 +02:00
4.2.2.1_enable_syslog-ng.sh
Renum 8.2.x to 4.2.2.x for syslog-ng
2019-09-11 11:52:24 +02:00
4.2.2.2_configure_syslog-ng.sh
Renum 8.2.x to 4.2.2.x for syslog-ng
2019-09-11 11:52:24 +02:00
4.2.2.3_syslog_ng_logfiles_perm.sh
Revert to previous check (8.2.4 in old num)
2020-11-16 14:06:39 +01:00
4.2.2.4_syslog-ng_remote_host.sh
Renum 8.2.x to 4.2.2.x for syslog-ng
2019-09-11 11:52:24 +02:00
4.2.2.5_remote_syslog-ng_acl.sh
Renum 8.2.x to 4.2.2.x for syslog-ng
2019-09-11 11:52:24 +02:00
4.2.3_install_syslog-ng.sh
CLEAN(4.2.2): delete 4.2.2, duplicate with 4.2.3
2020-10-30 14:40:48 +01:00
4.2.4_logs_permissions.sh
IMP(4.2.4): use functions in utils
2020-10-30 14:49:16 +01:00
4.3_configure_logrotate.sh
Renum logrotate config 8.4 to 4.3
2019-10-18 17:32:41 +02:00
4.5_enable_apparmor.sh
Update debian 7/8/9 in help files and remove in generic scripts
2019-02-06 15:19:14 +01:00
5.1.1_enable_cron.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.1.2_crontab_perm_ownership.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.1.3_cron_hourly_perm_ownership.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.1.4_cron_daily_perm_ownership.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.1.5_cron_weekly_perm_ownership.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.1.6_cron_monthly_perm_ownership.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.1.7_cron_d_perm_ownership.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.1.8_cron_users.sh
Renum 9.1.x to 5.1.x cron checks
2019-09-11 12:16:50 +02:00
5.2.1_sshd_conf_perm_ownership.sh
Renum ssh config check 9.3.x to 5.2.x
2019-09-11 17:12:54 +02:00
5.2.2_ssh_host_private_keys_perm_ownership.sh
FIX(5.2.2,5.2.3) find was not working properly
2020-10-27 12:47:11 +01:00
5.2.3_ssh_host_public_keys_perm_ownership.sh
IMP(5.2.3): 640 permission is now ok for the check
2020-11-16 14:08:42 +01:00
5.2.4_sshd_protocol.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.5_sshd_loglevel.sh
Renum ssh config check 9.3.x to 5.2.x
2019-09-11 17:12:54 +02:00
5.2.6_disable_x11_forwarding.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.7_sshd_maxauthtries.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.8_enable_sshd_ignorerhosts.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.9_disable_sshd_hostbasedauthentication.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.10_disable_root_login.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.11_disable_sshd_permitemptypasswords.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.12_disable_sshd_setenv.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.13_sshd_ciphers.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.14_ssh_cry_mac.sh
Renum ssh config check 9.3.x to 5.2.x
2019-09-11 17:12:54 +02:00
5.2.15_ssh_cry_kex.sh
Renum ssh config check 9.3.x to 5.2.x
2019-09-11 17:12:54 +02:00
5.2.16_sshd_idle_timeout.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.17_sshd_login_grace_time.sh
IMP(5.2.x): add tests and default_config
2020-10-29 11:18:31 +01:00
5.2.18_sshd_limit_access.sh
Renum ssh config check 9.3.x to 5.2.x
2019-09-11 17:12:54 +02:00
5.2.19_ssh_banner.sh
Renum ssh config check 9.3.x to 5.2.x
2019-09-11 17:12:54 +02:00
5.3.1_enable_pwquality.sh
FIX: change name to fit check content (cracklib -> pwquality)
2019-10-30 15:40:15 +01:00
5.3.2_enable_lockout_failed_password.sh
Renum 9.2.x to 5.3.x Pam password settings
2019-09-11 15:40:00 +02:00
5.3.3_limit_password_reuse.sh
Renum 9.2.x to 5.3.x Pam password settings
2019-09-11 15:40:00 +02:00
5.3.4_acc_pam_sha512.sh
Renumbering custom 99.* scripts as newcomers to CIS benchmark
2019-10-18 17:26:31 +02:00
5.4.1.1_set_password_exp_days.sh
Renum login.defs 10.1.x to 5.4.1.x
2019-09-12 10:43:48 +02:00
5.4.1.2_set_password_min_days_change.sh
Renum login.defs 10.1.x to 5.4.1.x
2019-09-12 10:43:48 +02:00
5.4.1.3_set_password_exp_warning_days.sh
Renum login.defs 10.1.x to 5.4.1.x
2019-09-12 10:43:48 +02:00
5.4.1.4_lock_inactive_user_account.sh
Renum 10.x to 5.4.x
2019-09-12 10:55:43 +02:00
5.4.2_disable_system_accounts.sh
Renum 10.x to 5.4.x
2019-09-12 10:55:43 +02:00
5.4.3_default_root_group.sh
Renum 10.x to 5.4.x
2019-09-12 10:55:43 +02:00
5.4.4_default_umask.sh
Renum 10.x to 5.4.x
2019-09-12 10:55:43 +02:00
5.5_secure_tty.sh
Renum 9.x tty and su checks
2019-09-11 17:16:54 +02:00
5.6_restrict_su.sh
Renum 9.x tty and su checks
2019-09-11 17:16:54 +02:00
6.1.2_etc_passwd_permissions.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.1.3_etc_shadow_permissions.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.1.4_etc_group_permissions.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.1.10_find_world_writable_file.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.1.11_find_unowned_files.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.1.12_find_ungrouped_files.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.1.13_find_suid_files.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.1.14_find_sgid_files.sh
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
2019-09-12 16:44:45 +02:00
6.2.1_remove_empty_password_field.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.2_remove_legacy_passwd_entries.sh
Renum User and Groups settings 13.x to 6.2.x
2019-09-12 17:43:12 +02:00
6.2.3_remove_legacy_shadow_entries.sh
IMP(6.2.2,6.2.3,6.2.4): add purposely failing tests
2020-10-26 14:46:42 +01:00
6.2.4_remove_legacy_group_entries.sh
Renum User and Groups settings 13.x to 6.2.x
2019-09-12 17:43:12 +02:00
6.2.5_find_0_uid_non_root_account.sh
Renum User and Groups settings 13.x to 6.2.x
2019-09-12 17:43:12 +02:00
6.2.6_sanitize_root_path.sh
IMP(6.2.6): add purposely failing tests
2020-10-27 09:17:57 +01:00
6.2.7_users_valid_homedir.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.8_check_user_dir_perm.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.9_users_valid_homedir.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.10_check_user_dot_file_perm.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.11_find_user_forward_files.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.12_find_user_netrc_files.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.13_set_perm_on_user_netrc.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.14_find_user_rhosts_files.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.15_find_passwd_group_inconsistencies.sh
Renum User and Groups settings 13.x to 6.2.x
2019-09-12 17:43:12 +02:00
6.2.16_check_duplicate_uid.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.17_check_duplicate_gid.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.18_check_duplicate_username.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.19_check_duplicate_groupname.sh
Fix race condition on /etc/passwd, /etc/shadow and /etc/group
2020-11-16 14:09:12 +01:00
6.2.20_shadow_group_empty.sh
Renum User and Groups settings 13.x to 6.2.x
2019-09-12 17:43:12 +02:00
8.0_enable_auditd_kernel.sh
FIX CONFIG_AUDIT test
2019-02-21 11:15:48 +01:00
8.3.1_install_tripwire.sh
Update debian 7/8/9 in help files and remove in generic scripts
2019-02-06 15:19:14 +01:00
8.3.2_tripwire_cron.sh
FIX(8.3.2): add $SUDO_CMD to find
2019-02-28 17:52:47 +01:00
99.1_timeout_tty.sh
FIX(99.1): remove dot in files to search
2019-04-04 12:18:15 +02:00
99.2_disable_usb_devices.sh
FIX(99.2): add missing $SUDO_CMD
2019-02-15 16:56:54 +01:00
99.3.1_acc_shadow_sha512.sh
IMP(99.3.1): improve check with disabled passwords
2019-08-28 11:49:01 +02:00
99.3.2_acc_sudoers_no_all.sh
Change default status to audit for file with custom create_config
2019-02-14 14:33:21 +01:00
99.3.4_acc_logindefs_sha512.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00
99.5.1_ssh_auth_pubk_only.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00
99.5.2.3_ssh_cry_rekey.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00
99.5.3_ssh_disable_features.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00
99.5.4_ssh_keys_from.sh
FIX(99.5.4): fix test (permission denied on authorized_keys)
2020-11-05 15:05:12 +01:00
99.5.5_ssh_strict_modes.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00
99.5.6_ssh_sys_accept_env.sh
Fix spelling mistakes and numbering in comments
2020-10-28 10:09:10 +01:00
99.5.7_ssh_sys_no_legacy.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00
99.5.8_ssh_sys_sandbox.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00
99.5.9_ssh_loglevel.sh
Migrate generic checks from secaudit to cis-hardening
2017-12-20 15:14:30 +01:00