diff options
| author | mboelen <michael@cisofy.com> | 2015-07-22 13:21:36 +0300 |
|---|---|---|
| committer | mboelen <michael@cisofy.com> | 2015-07-22 13:21:36 +0300 |
| commit | afaecd951297d2ad14266448f608668e7621bc50 (patch) | |
| tree | d29b232297c04dec5be702dc9d1a631e670eff86 /include | |
| parent | 95d08a735a37d06e23c1bf9d290150c8178ad108 (diff) | |
Removing deprecated strings and cleaning up
Diffstat (limited to 'include')
| -rw-r--r-- | include/tests_accounting | 49 | ||||
| -rw-r--r-- | include/tests_authentication | 6 | ||||
| -rw-r--r-- | include/tests_homedirs | 2 | ||||
| -rw-r--r-- | include/tests_kernel | 4 |
4 files changed, 7 insertions, 54 deletions
diff --git a/include/tests_accounting b/include/tests_accounting index d32f4b33..146b7589 100644 --- a/include/tests_accounting +++ b/include/tests_accounting @@ -5,8 +5,8 @@ # Lynis # ------------------ # -# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands -# Web site: http://www.rootkit.nl +# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com) +# Web site: https://cisofy.com # # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are # welcome to redistribute it under the terms of the GNU General Public License. @@ -327,15 +327,6 @@ # ################################################################################# # - # Test : ACCT-9658 - # Description : Check required audit files in /etc/security - #if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi - #Register --test-no ACCT-9658 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check required audit files" - #if [ ${SKIPTEST} -eq 0 ]; then - #fi -# -################################################################################# -# # Test : ACCT-9662 # Description : Check location for audit events if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi @@ -368,22 +359,6 @@ # ################################################################################# # - # Test : ACCT-96xx - # Description : Check which events are audited - #if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi - #Register --test-no ACCT-96xx --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check BSM auditing in module list" - #if [ ${SKIPTEST} -eq 0 ]; then -# -################################################################################# -# - # Test : ACCT-96xx - # Description : Check user specific event auditing - #if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi - #Register --test-no ACCT-96xx --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check user specific event auditing" - #if [ ${SKIPTEST} -eq 0 ]; then -# -################################################################################# -# # Test : ACCT-9672 # Description : check auditstat if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi @@ -405,26 +380,6 @@ ################################################################################# # - # Test : ACCT-9680 - # Description : Check if required packages are installed - #if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi - #Register --test-no ACCT-9662 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check BSM auditing in module list" - #if [ ${SKIPTEST} -eq 0 ]; then - # - # Solaris 10 packages - # bash-3.00# pkginfo | egrep 'SUNWcar|SUNWcsr|SUNWcsu|SUNWhea|SUNWman' - #system SUNWcar Core Architecture, (Root) - #system SUNWcsr Core Solaris, (Root) - #system SUNWcsu Core Solaris, (Usr) - #system SUNWhea SunOS Header Files - #system SUNWman On-Line Manual Pages - -# -################################################################################# -# -# Check psacct package (ac, lastcomm, accton, sa) -# Check auditd (auditctl, ausearch, aureport) - wait_for_keypress # diff --git a/include/tests_authentication b/include/tests_authentication index 402cc1f6..442e20ab 100644 --- a/include/tests_authentication +++ b/include/tests_authentication @@ -58,10 +58,8 @@ # # Test : AUTH-9208 # Description : Check non-unique accounts - Register --test-no AUTH-9208 --weight L --network NO --description "Check non-unique accounts" + Register --test-no AUTH-9208 --weight L --network NO --description "Check non-unique accounts in passwd file" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: ${USER_PASSWD_DOUBLEUID_AUDIT_TITLE}" - logtext "Description: ${USER_PASSWD_DOUBLEUID_AUDIT_DESCRIPTION}" logtext "Test: Checking for non-unique accounts" if [ "${OS}" = "DragonFly" -o "${OS}" = "FreeBSD" -o "${OS}" = "NetBSD" ]; then PASSWD_FILE="/etc/master.passwd" @@ -84,7 +82,7 @@ Display --indent 2 --text "- Checking UIDs" --result SKIPPED --color WHITE logtext "Result: test skipped, ${PASSWD_FILE} file not available" fi - logtext "Remarks: ${USER_PASSWD_DOUBLEUID_AUDIT_TEXT}" + logtext "Remarks: Non unique UIDs can riskful for the system or part of a configuration mistake" fi # ################################################################################# diff --git a/include/tests_homedirs b/include/tests_homedirs index 7afe5068..81127eb8 100644 --- a/include/tests_homedirs +++ b/include/tests_homedirs @@ -69,7 +69,7 @@ logtext "Info: above files could be redirected files to avoid logging and should be investigated" ReportWarning ${TEST_NO} "M" "Incorrect file type found for shell history file" fi - logtext "Remarks: ${HOME_HISTORY_LOG_TEXT}" + logtext "Remarks: History files are normally of the type 'file'. Symbolic links and other types can be riskful." else Display --indent 2 --text "- Checking shell history files" --result SKIPPED --color WHITE logtext "Result: Homedirs is empty, test will be skipped" diff --git a/include/tests_kernel b/include/tests_kernel index 4a5f437a..a7cb4a91 100644 --- a/include/tests_kernel +++ b/include/tests_kernel @@ -286,8 +286,8 @@ Register --test-no KRNL-5745 --os FreeBSD --weight L --network NO --description "Checking FreeBSD loaded kernel modules" if [ ${SKIPTEST} -eq 0 ]; then Display --indent 2 --text "- Checking active kernel modules" - logtext "Test: ${KERNEL_ACTIVE_MODULES_TITLE}" - logtext "Description: ${KERNEL_ACTIVE_MODULES_DESCRIPTION}" + logtext "Test: Active kernel modules (KLDs)" + logtext "Description: View all active kernel modules (including kernel)" logtext "Test: Checking modules" if [ -f /sbin/kldstat ]; then FIND=`kldstat | grep -v 'Name' | tr -s ' ' | cut -d ' ' -f6` |