diff options
author | Michael Boelen <michael.boelen@cisofy.com> | 2019-07-14 14:13:02 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-07-14 14:13:02 +0300 |
commit | 93e311e52e9c5c2671e0e3030fb4fd9634d9ded6 (patch) | |
tree | 0d768e6cfc155c07cecd08d6e67b3ccae441d09a /include/tests_insecure_services | |
parent | 819f310750700988e70b9d791d3f4e0b2f3b730c (diff) |
Added INSE-8314 and INSE-8316 for NIS client and server
Diffstat (limited to 'include/tests_insecure_services')
-rw-r--r-- | include/tests_insecure_services | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/include/tests_insecure_services b/include/tests_insecure_services index 0560a3ea..a52037a1 100644 --- a/include/tests_insecure_services +++ b/include/tests_insecure_services @@ -392,6 +392,57 @@ Display --indent 2 --text "- Installed telnet server package" --result "${STATUS_NOT_FOUND}" --color GREEN fi fi + +# +################################################################################# +# + # Test : INSE-8314 + # Description : Check if NIS client is installed + Register --test-no INSE-8314 --weight L --network NO --category security --description "Check if NIS client is installed" + if [ ${SKIPTEST} -eq 0 ]; then + FOUND="" + LogText "Test: Checking if NIS client is installed" + PACKAGES="nis ypbind" + for PACKAGE in ${PACKAGES}; do + PackageIsInstalled "${PACKAGE}" + if [ $? -eq 0 ]; then + FOUND="${PACKAGE}" + fi + done + if [ ${FOUND} ]; then + LogText "Result: NIS client is installed" + Display --indent 2 --text "- Checking NIS client installation" --result "${STATUS_SUGGESTION}" --color YELLOW + ReportSuggestion ${TEST_NO} "NIS client should be removed as it contains numerous security exposures and have been replaced with the more secure SSH package" + else + LogText "Result: NIS client is NOT installed" + Display --indent 2 --text "- Checking NIS client installation" --result "${STATUS_OK}" --color GREEN + fi + fi +# +################################################################################# +# + # Test : INSE-8316 + # Description : Check if NIS server is installed + Register --test-no INSE-8316 --weight L --network NO --category security --description "Check if NIS server is installed" + if [ ${SKIPTEST} -eq 0 ]; then + FOUND="" + LogText "Test: Checking if NIS server is installed" + PACKAGES="nis ypserv" + for PACKAGE in ${PACKAGES}; do + PackageIsInstalled "${PACKAGE}" + if [ $? -eq 0 ]; then + FOUND="${PACKAGE}" + fi + done + if [ ${FOUND} ]; then + LogText "Result: NIS server is installed" + Display --indent 2 --text "- Checking NIS server installation" --result "${STATUS_SUGGESTION}" --color YELLOW + ReportSuggestion ${TEST_NO} "Removing the ${FOUND} package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services" + else + LogText "Result: NIS server is NOT installed" + Display --indent 2 --text "- Checking NIS server installation" --result "${STATUS_OK}" --color GREEN + fi + fi # ################################################################################# # |