debian-cis/bin/hardening
Thibault Dewailly b6aba4cc88 Merge pull request #12 from speed47/dev/enhancements
Hardening Classification
subs enhancements as well as bug fixes
2017-09-28 13:22:59 +02:00
..
.gitignore Initial Commit Basic folders 2016-04-01 07:50:08 +02:00
1.1_install_updates.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.1_tmp_partition.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.2_tmp_nodev.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.3_tmp_nosuid.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.4_tmp_noexec.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.5_var_partition.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.6.1_var_tmp_partition.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.6.2_var_tmp_nodev.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.6.3_var_tmp_nosuid.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.6.4_var_tmp_noexec.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.7_var_log_partition.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.8_var_log_audit_partition.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.9_home_partition.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.10_home_nodev.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.11_removable_device_nodev.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.12_removable_device_noexec.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.13_removable_device_nosuid.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.14_run_shm_nodev.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.15_run_shm_nosuid.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.16_run_shm_noexec.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.17_sticky_bit_world_writable_folder.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.18_disable_cramfs.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.19_disable_freevxfs.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.20_disable_jffs2.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.21_disable_hfs.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.22_disable_hfsplus.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.23_disable_squashfs.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.24_disable_udf.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
2.25_disable_automounting.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
3.1_bootloader_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
3.2_bootloader_permissions.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
3.3_bootloader_password.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
3.4_root_password.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
4.1_restrict_core_dumps.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
4.2_enable_nx_support.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
4.3_enable_randomized_vm_placement.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
4.4_disable_prelink.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
4.5_enable_apparmor.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.1_disable_nis.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.2_disable_rsh.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.3_disable_rsh_client.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.4_disable_talk.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.5_disable_talk_client.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.6_disable_telnet_server.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.7_disable_tftp_server.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.1.8_disable_inetd.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.2_disable_chargen.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.3_disable_daytime.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.4_disable_echo.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.5_disable_discard.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
5.6_disable_time.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.1_disable_xwindow_system.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.2_disable_avahi_server.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.3_disable_print_server.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.4_disable_dhcp.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.5_configure_ntp.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.6_disable_ldap.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.7_disable_nfs_rpc.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.8_disable_dns_server.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.9_disable_ftp.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.10_disable_http_server.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.11_disable_imap_pop.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.12_disable_samba.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.13_disable_http_proxy.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.14_disable_snmp_server.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.15_mta_localhost.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
6.16_disable_rsync.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.1.1_disable_ip_forwarding.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.1.2_disable_send_packet_redirects.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.1_disable_source_routed_packets.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.2_disable_icmp_redirect.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.3_disable_secure_icmp_redirect.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.4_log_martian_packets.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.5_ignore_broadcast_requests.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.6_enable_bad_error_message_protection.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.7_enable_source_route_validation.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.2.8_enable_tcp_syn_cookies.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.3.1_disable_ipv6_router_advertisement.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.3.2_disable_ipv6_redirect.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.3.3_disable_ipv6.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.4.1_install_tcp_wrapper.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.4.2_hosts_allow.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.4.3_hosts_allow_permissions.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.4.4_hosts_deny.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.4.5_hosts_deny_permissions.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.5.1_disable_dccp.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.5.2_disable_sctp.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.5.3_disable_rds.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.5.4_disable_tipc.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.6_disable_wireless.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
7.7_enable_firewall.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.0_enable_auditd_kernel.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.1.1_audit_log_storage.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.1.2_halt_when_audit_log_full.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.1.3_keep_all_audit_logs.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.2_enable_auditd.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.3_audit_bootloader.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.4_record_date_time_edit.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.5_record_user_group_edit.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.6_record_network_edit.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.7_record_mac_edit.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.8_record_login_logout.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.9_record_session_init.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.10_record_dac_edit.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.11_record_failed_access_file.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.12_record_privileged_commands.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.13_record_successful_mount.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.14_record_file_deletions.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.15_record_sudoers_edit.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.16_record_sudo_usage.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.17_record_kernel_modules.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.1.18_freeze_auditd_conf.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.2.1_install_syslog-ng.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.2.2_enable_syslog-ng.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.2.3_configure_syslog-ng.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.2.4_set_logfile_perm.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.2.5_syslog-ng_remote_host.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.2.6_remote_syslog-ng_acl.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.3.1_install_tripwire.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.3.2_tripwire_cron.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
8.4_configure_logrotate.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.1_enable_cron.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.2_crontab_perm_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.3_cron_hourly_perm_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.4_cron_daily_perm_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.5_cron_weekly_perm_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.6_cron_monthly_perm_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.7_cron_d_perm_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.1.8_cron_users.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.2.1_enable_cracklib.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.2.2_enable_lockout_failed_password.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.2.3_limit_password_reuse.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.1_sshd_protocol.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.2_sshd_loglevel.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.3_sshd_conf_perm_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.4_disable_x11_forwarding.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.5_sshd_maxauthtries.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.6_enable_sshd_ignorerhosts.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.7_disable_sshd_hostbasedauthentication.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.8_disable_root_login.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.9_disable_sshd_permitemptypasswords.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.10_disable_sshd_setenv.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.11_sshd_ciphers.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.12_sshd_idle_timeout.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.13_sshd_limit_access.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.3.14_ssh_banner.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.4_secure_tty.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
9.5_restrict_su.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
10.1.1_set_password_exp_days.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
10.1.2_set_password_min_days_change.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
10.1.3_set_password_exp_warning_days.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
10.2_disable_system_accounts.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
10.3_default_root_group.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
10.4_default_umask.sh Merge pull request #12 from speed47/dev/enhancements 2017-09-28 13:22:59 +02:00
10.5_lock_inactive_user_account.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
11.1_warning_banners.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
11.2_remove_os_info_warning_banners.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
11.3_graphical_warning_banners.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.1_etc_passwd_permissions.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.2_etc_shadow_permissions.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.3_etc_group_permissions.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.4_etc_passwd_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.5_etc_shadow_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.6_etc_group_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.7_find_world_writable_file.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.8_find_unowned_files.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.9_find_ungrouped_files.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.10_find_suid_files.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
12.11_find_sgid_files.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.1_remove_empty_password_field.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.2_remove_legacy_passwd_entries.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.3_remove_legacy_shadow_entries.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.4_remove_legacy_group_entries.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.5_find_0_uid_non_root_account.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.6_sanitize_root_path.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.7_check_user_dir_perm.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.8_check_user_dot_file_perm.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.9_set_perm_on_user_netrc.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.10_find_user_rhosts_files.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.11_find_passwd_group_inconsistencies.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.12_users_valid_homedir.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.13_check_user_homedir_ownership.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.14_check_duplicate_uid.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.15_check_duplicate_gid.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.16_check_duplicate_username.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.17_check_duplicate_groupname.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.18_find_user_netrc_files.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.19_find_user_forward_files.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
13.20_shadow_group_empty.sh add hardening templating and several enhancements 2017-06-13 18:30:29 +02:00
99.1_timeout_tty.sh No more wildcards in file list to be more resilient 2017-06-13 15:36:06 +02:00
99.2_disable_usb_devices.sh No more wildcards in file list to be more resilient 2017-06-13 15:36:06 +02:00