mirror of
https://github.com/ovh/debian-cis.git
synced 2024-12-23 06:28:50 +01:00
c9e19b51e6
renamed: bin/hardening/4.1.2_enable_auditd.sh -> bin/hardening/4.1.1.2_enable_auditd.sh renamed: bin/hardening/4.1.3_audit_bootloader.sh -> bin/hardening/4.1.1.3_audit_bootloader.sh renamed: bin/hardening/4.1.11_record_failed_access_file.sh -> bin/hardening/4.1.10_record_failed_access_file.sh renamed: bin/hardening/4.1.12_record_privileged_commands.sh -> bin/hardening/4.1.11_record_privileged_commands.sh renamed: bin/hardening/4.1.13_record_successful_mount.sh -> bin/hardening/4.1.12_record_successful_mount.sh renamed: bin/hardening/4.1.14_record_file_deletions.sh -> bin/hardening/4.1.13_record_file_deletions.sh renamed: bin/hardening/4.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.14_record_sudoers_edit.sh renamed: bin/hardening/4.1.16_record_sudo_usage.sh -> bin/hardening/4.1.15_record_sudo_usage.sh renamed: bin/hardening/4.1.17_record_kernel_modules.sh -> bin/hardening/4.1.16_record_kernel_modules.sh renamed: bin/hardening/4.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.17_freeze_auditd_conf.sh renamed: bin/hardening/4.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.2.1_audit_log_storage.sh renamed: bin/hardening/4.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.2.2_halt_when_audit_log_full.sh renamed: bin/hardening/4.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.2.3_keep_all_audit_logs.sh renamed: bin/hardening/4.1.4_record_date_time_edit.sh -> bin/hardening/4.1.3_record_date_time_edit.sh renamed: bin/hardening/4.1.5_record_user_group_edit.sh -> bin/hardening/4.1.4_record_user_group_edit.sh renamed: bin/hardening/4.1.6_record_network_edit.sh -> bin/hardening/4.1.5_record_network_edit.sh renamed: bin/hardening/4.1.7_record_mac_edit.sh -> bin/hardening/4.1.6_record_mac_edit.sh renamed: bin/hardening/4.1.8_record_login_logout.sh -> bin/hardening/4.1.7_record_login_logout.sh renamed: bin/hardening/4.1.9_record_session_init.sh -> bin/hardening/4.1.8_record_session_init.sh renamed: bin/hardening/4.1.10_record_dac_edit.sh -> bin/hardening/4.1.9_record_dac_edit.sh renamed: bin/hardening/4.2.3_install_syslog-ng.sh -> bin/hardening/4.2.2.1_install_syslog-ng.sh renamed: bin/hardening/4.2.2.1_enable_syslog-ng.sh -> bin/hardening/4.2.2.2_enable_syslog-ng.sh renamed: bin/hardening/4.2.2.2_configure_syslog-ng.sh -> bin/hardening/4.2.2.3_configure_syslog-ng.sh renamed: bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> bin/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh renamed: bin/hardening/4.2.2.4_syslog-ng_remote_host.sh -> bin/hardening/4.2.2.5_syslog-ng_remote_host.sh renamed: bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> bin/hardening/4.2.2.6_remote_syslog-ng_acl.sh renamed: bin/hardening/4.2.4_logs_permissions.sh -> bin/hardening/4.2.3_logs_permissions.sh renamed: tests/hardening/4.1.2_enable_auditd.sh -> tests/hardening/4.1.1.2_enable_auditd.sh renamed: tests/hardening/4.1.3_audit_bootloader.sh -> tests/hardening/4.1.1.3_audit_bootloader.sh renamed: tests/hardening/4.1.11_record_failed_access_file.sh -> tests/hardening/4.1.10_record_failed_access_file.sh renamed: tests/hardening/4.1.12_record_privileged_commands.sh -> tests/hardening/4.1.11_record_privileged_commands.sh renamed: tests/hardening/4.1.13_record_successful_mount.sh -> tests/hardening/4.1.12_record_successful_mount.sh renamed: tests/hardening/4.1.14_record_file_deletions.sh -> tests/hardening/4.1.13_record_file_deletions.sh renamed: tests/hardening/4.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.14_record_sudoers_edit.sh renamed: tests/hardening/4.1.16_record_sudo_usage.sh -> tests/hardening/4.1.15_record_sudo_usage.sh renamed: tests/hardening/4.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_kernel_modules.sh renamed: tests/hardening/4.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.17_freeze_auditd_conf.sh renamed: tests/hardening/4.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.2.1_audit_log_storage.sh renamed: tests/hardening/4.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.2.2_halt_when_audit_log_full.sh renamed: tests/hardening/4.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.2.3_keep_all_audit_logs.sh renamed: tests/hardening/4.1.4_record_date_time_edit.sh -> tests/hardening/4.1.3_record_date_time_edit.sh renamed: tests/hardening/4.1.5_record_user_group_edit.sh -> tests/hardening/4.1.4_record_user_group_edit.sh renamed: tests/hardening/4.1.6_record_network_edit.sh -> tests/hardening/4.1.5_record_network_edit.sh renamed: tests/hardening/4.1.7_record_mac_edit.sh -> tests/hardening/4.1.6_record_mac_edit.sh renamed: tests/hardening/4.1.8_record_login_logout.sh -> tests/hardening/4.1.7_record_login_logout.sh renamed: tests/hardening/4.1.9_record_session_init.sh -> tests/hardening/4.1.8_record_session_init.sh renamed: tests/hardening/4.1.10_record_dac_edit.sh -> tests/hardening/4.1.9_record_dac_edit.sh renamed: tests/hardening/4.2.2.1_enable_syslog-ng.sh -> tests/hardening/4.2.2.1_install_syslog-ng.sh renamed: tests/hardening/4.2.2.2_configure_syslog-ng.sh -> tests/hardening/4.2.2.2_enable_syslog-ng.sh renamed: tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> tests/hardening/4.2.2.3_configure_syslog-ng.sh renamed: tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> tests/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh renamed: tests/hardening/4.2.2.4_syslog-ng_remote_host.sh -> tests/hardening/4.2.2.5_syslog-ng_remote_host.sh renamed: tests/hardening/4.2.3_install_syslog-ng.sh -> tests/hardening/4.2.2.6_remote_syslog-ng_acl.sh renamed: tests/hardening/4.2.4_logs_permissions.sh -> tests/hardening/4.2.3_logs_permissions.sh |
||
---|---|---|
.. | ||
1.1.1.1_disable_freevxfs.sh | ||
1.1.1.2_disable_jffs2.sh | ||
1.1.1.3_disable_hfs.sh | ||
1.1.1.4_disable_hfsplus.sh | ||
1.1.1.5_disable_squashfs.sh | ||
1.1.1.6_disable_udf.sh | ||
1.1.2_tmp_partition.sh | ||
1.1.3_tmp_nodev.sh | ||
1.1.4_tmp_nosuid.sh | ||
1.1.5_tmp_noexec.sh | ||
1.1.6_var_partition.sh | ||
1.1.7_var_tmp_partition.sh | ||
1.1.8_var_tmp_nodev.sh | ||
1.1.9_var_tmp_nosuid.sh | ||
1.1.10_var_tmp_noexec.sh | ||
1.1.11_var_log_partition.sh | ||
1.1.12_var_log_audit_partition.sh | ||
1.1.13_home_partition.sh | ||
1.1.14_home_nodev.sh | ||
1.1.15_run_shm_nodev.sh | ||
1.1.16_run_shm_nosuid.sh | ||
1.1.17_run_shm_noexec.sh | ||
1.1.18_removable_device_nodev.sh | ||
1.1.19_removable_device_nosuid.sh | ||
1.1.20_removable_device_noexec.sh | ||
1.1.21_sticky_bit_world_writable_folder.sh | ||
1.1.22_disable_automounting.sh | ||
1.3.1_install_sudo.sh | ||
1.3.2_pty_sudo.sh | ||
1.3.3_logfile_sudo.sh | ||
1.5.1_bootloader_ownership.sh | ||
1.5.2_bootloader_password.sh | ||
1.5.3_root_password.sh | ||
1.6.1_enable_nx_support.sh | ||
1.6.2_enable_randomized_vm_placement.sh | ||
1.6.3_disable_prelink.sh | ||
1.6.4_restrict_core_dumps.sh | ||
1.7.1.2_enable_apparmor.sh | ||
1.8.1.1_remove_os_info_motd.sh | ||
1.8.1.2_remove_os_info_issue.sh | ||
1.8.1.3_remove_os_info_issue_net.sh | ||
1.8.1.4_motd_perms.sh | ||
1.8.1.5_etc_issue_perms.sh | ||
1.8.1.6_etc_issue_net_perms.sh | ||
1.8.2_graphical_warning_banners.sh | ||
1.9_install_updates.sh | ||
2.1.1_disable_xinetd.sh | ||
2.2.1.1_use_time_sync.sh | ||
2.2.1.3_configure_chrony.sh | ||
2.2.1.4_configure_ntp.sh | ||
2.2.2_disable_xwindow_system.sh | ||
2.2.3_disable_avahi_server.sh | ||
2.2.4_disable_print_server.sh | ||
2.2.5_disable_dhcp.sh | ||
2.2.6_disable_ldap.sh | ||
2.2.7_disable_nfs_rpc.sh | ||
2.2.8_disable_dns_server.sh | ||
2.2.9_disable_ftp.sh | ||
2.2.10_disable_http_server.sh | ||
2.2.11_disable_imap_pop.sh | ||
2.2.12_disable_samba.sh | ||
2.2.13_disable_http_proxy.sh | ||
2.2.14_disable_snmp_server.sh | ||
2.2.15_mta_localhost.sh | ||
2.2.16_disable_rsync.sh | ||
2.3.1_disable_nis.sh | ||
2.3.2_disable_rsh_client.sh | ||
2.3.3_disable_talk_client.sh | ||
2.3.4_disable_telnet_client.sh | ||
2.3.5_disable_ldap_client.sh | ||
3.1.1_disable_ipv6.sh | ||
3.1.2_disable_wireless.sh | ||
3.2.1_disable_send_packet_redirects.sh | ||
3.2.2_disable_ip_forwarding.sh | ||
3.3.1_disable_source_routed_packets.sh | ||
3.3.2_disable_icmp_redirect.sh | ||
3.3.3_disable_secure_icmp_redirect.sh | ||
3.3.4_log_martian_packets.sh | ||
3.3.5_ignore_broadcast_requests.sh | ||
3.3.6_enable_bad_error_message_protection.sh | ||
3.3.7_enable_source_route_validation.sh | ||
3.3.8_enable_tcp_syn_cookies.sh | ||
3.3.9_disable_ipv6_router_advertisement.sh | ||
3.4.1_disable_dccp.sh | ||
3.4.2_disable_sctp.sh | ||
3.4.3_disable_rds.sh | ||
3.4.4_disable_tipc.sh | ||
3.5.1.1_enable_firewall.sh | ||
3.5.4.1.1_net_fw_default_policy_drop.sh | ||
4.1.1.2_enable_auditd.sh | ||
4.1.1.3_audit_bootloader.sh | ||
4.1.2.1_audit_log_storage.sh | ||
4.1.2.2_halt_when_audit_log_full.sh | ||
4.1.2.3_keep_all_audit_logs.sh | ||
4.1.3_record_date_time_edit.sh | ||
4.1.4_record_user_group_edit.sh | ||
4.1.5_record_network_edit.sh | ||
4.1.6_record_mac_edit.sh | ||
4.1.7_record_login_logout.sh | ||
4.1.8_record_session_init.sh | ||
4.1.9_record_dac_edit.sh | ||
4.1.10_record_failed_access_file.sh | ||
4.1.11_record_privileged_commands.sh | ||
4.1.12_record_successful_mount.sh | ||
4.1.13_record_file_deletions.sh | ||
4.1.14_record_sudoers_edit.sh | ||
4.1.15_record_sudo_usage.sh | ||
4.1.16_record_kernel_modules.sh | ||
4.1.17_freeze_auditd_conf.sh | ||
4.2.1.1_install_syslog-ng.sh | ||
4.2.1.2_enable_syslog-ng.sh | ||
4.2.1.3_configure_syslog-ng.sh | ||
4.2.1.4_syslog_ng_logfiles_perm.sh | ||
4.2.1.5_syslog-ng_remote_host.sh | ||
4.2.1.6_remote_syslog-ng_acl.sh | ||
4.2.3_logs_permissions.sh | ||
4.3_configure_logrotate.sh | ||
5.1.1_enable_cron.sh | ||
5.1.2_crontab_perm_ownership.sh | ||
5.1.3_cron_hourly_perm_ownership.sh | ||
5.1.4_cron_daily_perm_ownership.sh | ||
5.1.5_cron_weekly_perm_ownership.sh | ||
5.1.6_cron_monthly_perm_ownership.sh | ||
5.1.7_cron_d_perm_ownership.sh | ||
5.1.8_cron_users.sh | ||
5.2.1_sshd_conf_perm_ownership.sh | ||
5.2.2_ssh_host_private_keys_perm_ownership.sh | ||
5.2.3_ssh_host_public_keys_perm_ownership.sh | ||
5.2.4_sshd_protocol.sh | ||
5.2.5_sshd_loglevel.sh | ||
5.2.6_disable_x11_forwarding.sh | ||
5.2.7_sshd_maxauthtries.sh | ||
5.2.8_enable_sshd_ignorerhosts.sh | ||
5.2.9_disable_sshd_hostbasedauthentication.sh | ||
5.2.10_disable_root_login.sh | ||
5.2.11_disable_sshd_permitemptypasswords.sh | ||
5.2.12_disable_sshd_setenv.sh | ||
5.2.13_sshd_ciphers.sh | ||
5.2.14_ssh_cry_mac.sh | ||
5.2.15_ssh_cry_kex.sh | ||
5.2.16_sshd_idle_timeout.sh | ||
5.2.17_sshd_login_grace_time.sh | ||
5.2.18_sshd_limit_access.sh | ||
5.2.19_ssh_banner.sh | ||
5.3.1_enable_pwquality.sh | ||
5.3.2_enable_lockout_failed_password.sh | ||
5.3.3_limit_password_reuse.sh | ||
5.3.4_acc_pam_sha512.sh | ||
5.4.1.1_set_password_exp_days.sh | ||
5.4.1.2_set_password_min_days_change.sh | ||
5.4.1.3_set_password_exp_warning_days.sh | ||
5.4.1.4_lock_inactive_user_account.sh | ||
5.4.2_disable_system_accounts.sh | ||
5.4.3_default_root_group.sh | ||
5.4.4_default_umask.sh | ||
5.5_secure_tty.sh | ||
5.6_restrict_su.sh | ||
6.1.2_etc_passwd_permissions.sh | ||
6.1.3_etc_gshadow-_permissions.sh | ||
6.1.4_etc_shadow_permissions.sh | ||
6.1.5_etc_group_permissions.sh | ||
6.1.6_etc_passwd-_permissions.sh | ||
6.1.7_etc_shadow-_permissions.sh | ||
6.1.8_etc_group-_permissions.sh | ||
6.1.9_etc_gshadow_permissions.sh | ||
6.1.10_find_world_writable_file.sh | ||
6.1.11_find_unowned_files.sh | ||
6.1.12_find_ungrouped_files.sh | ||
6.1.13_find_suid_files.sh | ||
6.1.14_find_sgid_files.sh | ||
6.2.1_remove_empty_password_field.sh | ||
6.2.2_remove_legacy_passwd_entries.sh | ||
6.2.3_remove_legacy_shadow_entries.sh | ||
6.2.4_remove_legacy_group_entries.sh | ||
6.2.5_find_0_uid_non_root_account.sh | ||
6.2.6_sanitize_root_path.sh | ||
6.2.7_users_valid_homedir.sh | ||
6.2.8_check_user_dir_perm.sh | ||
6.2.9_users_valid_homedir.sh | ||
6.2.10_check_user_dot_file_perm.sh | ||
6.2.11_find_user_forward_files.sh | ||
6.2.12_find_user_netrc_files.sh | ||
6.2.13_set_perm_on_user_netrc.sh | ||
6.2.14_find_user_rhosts_files.sh | ||
6.2.15_find_passwd_group_inconsistencies.sh | ||
6.2.16_check_duplicate_uid.sh | ||
6.2.17_check_duplicate_gid.sh | ||
6.2.18_check_duplicate_username.sh | ||
6.2.19_check_duplicate_groupname.sh | ||
6.2.20_shadow_group_empty.sh | ||
8.0_enable_auditd_kernel.sh | ||
8.3.1_install_tripwire.sh | ||
8.3.2_tripwire_cron.sh | ||
99.1_timeout_tty.sh | ||
99.1.1.1_disable_cramfs.sh | ||
99.2_disable_usb_devices.sh | ||
99.2.2_disable_telnet_server.sh | ||
99.3.1_acc_shadow_sha512.sh | ||
99.3.2_acc_sudoers_no_all.sh | ||
99.3.3.1_install_tcp_wrapper.sh | ||
99.3.3.2_hosts_allow.sh | ||
99.3.3.3_hosts_deny.sh | ||
99.3.3.4_hosts_allow_permissions.sh | ||
99.3.3.5_hosts_deny_permissions.sh | ||
99.3.4_acc_logindefs_sha512.sh | ||
99.5.1_ssh_auth_pubk_only.sh | ||
99.5.2.3_ssh_cry_rekey.sh | ||
99.5.3_ssh_disable_features.sh | ||
99.5.4_ssh_keys_from.sh | ||
99.5.5_ssh_strict_modes.sh | ||
99.5.6_ssh_sys_accept_env.sh | ||
99.5.7_ssh_sys_no_legacy.sh | ||
99.5.8_ssh_sys_sandbox.sh | ||
99.5.9_ssh_loglevel.sh |