diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2017-01-28 17:48:26 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2017-01-28 17:48:26 +0300 |
| commit | bbe95bb0ff866cfde5206c8f1de91d7d51873f50 (patch) | |
| tree | 77e682a0e82da841fa9127e45776801c9a664756 /include/tests_mail_messaging | |
| parent | 7475032f2df34101eea80ca0c9361640b061214f (diff) | |
Check for OS name in Postfix banner
Diffstat (limited to 'include/tests_mail_messaging')
| -rw-r--r-- | include/tests_mail_messaging | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/include/tests_mail_messaging b/include/tests_mail_messaging index 4e6cd8ee..1942af8a 100644 --- a/include/tests_mail_messaging +++ b/include/tests_mail_messaging @@ -101,23 +101,27 @@ FIND1=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${GREPBINARY} 'postfix') FIND2=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${GREPBINARY} '$mail_name') FIND3=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^mail_name' | ${GREPBINARY} -i 'postfix') - #TODO Check if OS name shows up in banner - #FIND4=`${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${EGREPBINARY} "${OS}|${LINUX_VERSION}` + FIND4=$(${POSTCONFBINARY} 2> /dev/null | ${GREPBINARY} '^smtpd_banner' | ${EGREPBINARY} -i "${OS}|${LINUX_VERSION}") SHOWWARNING=0 - if [ ! "${FIND1}" = "" ]; then + + if [ ! -z "${FIND1}" ]; then SHOWWARNING=1 - else - if [ ! "${FIND2}" = "" -a ! "${FIND3}" = "" ]; then - SHOWWARNING=1 - else - Display --indent 4 --text "- Postfix banner" --result "${STATUS_OK}" --color GREEN - fi + Report "banner_software_disclosure[]=${FIND1}" + elif [ ! -z "${FIND2}" -a ! -z "${FIND3}" ]; then + SHOWWARNING=1 + Report "banner_software_disclosure[]=${FIND2}" + elif [ ! -z "${FIND4}" ]; then + SHOWWARNING=1 + Report "banner_os_disclosure[]=${FIND4}" fi + if [ ${SHOWWARNING} -eq 1 ]; then Display --indent 4 --text "- Postfix banner" --result "${STATUS_WARNING}" --color RED - LogText "Result: found mail_name in SMTP banner, and/or mail_name contains 'Postfix'." - ReportWarning ${TEST_NO} "Found mail_name in SMTP banner, and/or mail_name contains 'Postfix'" + LogText "Result: found OS, or mail_name in SMTP banner, and/or mail_name contains 'Postfix'." + ReportWarning ${TEST_NO} "Found some information disclosure in SMTP banner (OS or software name)" ReportSuggestion ${TEST_NO} "You are advised to hide the mail_name (option: smtpd_banner) from your postfix configuration. Use postconf -e or change your main.cf file (${POSTFIX_CONFIGFILE})" + else + if IsVerbose; then Display --indent 4 --text "- Postfix banner" --result "${STATUS_OK}" --color GREEN; fi fi fi # |