Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-03-30 | Improved text about software packages | Michael Boelen | |
2020-03-30 | Move Repology link and text change for packages | Michael Boelen | |
2020-03-30 | Merge pull request #884 from topimiettinen/add-repology-badge | Michael Boelen | |
README.md: add repology badge | |||
2020-03-28 | README.md: add repology badge | Topi Miettinen | |
Show downstream usage for various versions of Lynis. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-25 | [FINT-4339] define what file to check for | Michael Boelen | |
2020-03-25 | Corrected requirements to run tests | Michael Boelen | |
2020-03-25 | Updated log | Michael Boelen | |
2020-03-25 | Added notes to NETW-3200 for future extending this test | Michael Boelen | |
2020-03-25 | [NETW-3200] corrected test | Michael Boelen | |
2020-03-25 | Add specific control ID for warnings regarding usage of deprecated options | Michael Boelen | |
2020-03-25 | Merge branch 'master' of https://github.com/CISOfy/lynis | Michael Boelen | |
2020-03-25 | Improved warning message with 'how to resolve' | Michael Boelen | |
2020-03-25 | Merge pull request #881 from topimiettinen/enhance-fs-totals | Michael Boelen | |
[FILE-6374]: Summarize unhardened file system | |||
2020-03-25 | [FILE-6374]: Summarize unhardened file system | Topi Miettinen | |
Report total numbers of unhardened filesystems. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-24 | Merge pull request #862 from topimiettinen/blacklist-fs | Michael Boelen | |
FS module tests: check if modules are blacklisted | |||
2020-03-24 | Added new tests | Michael Boelen | |
2020-03-24 | Merge pull request #824 from Varbin/master | Michael Boelen | |
Add detection of OpenNTPD | |||
2020-03-24 | Merge pull request #860 from topimiettinen/harden-mount-options | Michael Boelen | |
Harden mount options for /var, check also /dev and /run | |||
2020-03-24 | Merge pull request #879 from topimiettinen/enhance-tomoyo-check | Michael Boelen | |
Enhance TOMOYO Linux check | |||
2020-03-24 | Updated log | Michael Boelen | |
2020-03-24 | Merge pull request #880 from konstruktoid/grphashrounds | Michael Boelen | |
Add test for group password hash rounds | |||
2020-03-24 | Merge pull request #866 from topimiettinen/run-systemd-analyze-security | Michael Boelen | |
Run 'systemd-analyze security' | |||
2020-03-24 | fix indentation | Thomas Sjögren | |
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> | |||
2020-03-24 | fix tabs | Thomas Sjögren | |
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> | |||
2020-03-24 | AUTH-9229 isnt related to login.defs, add AUTH-9230 | Thomas Sjögren | |
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> | |||
2020-03-24 | add AUTH-9230 | Thomas Sjögren | |
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> | |||
2020-03-23 | Enhance TOMOYO Linux check | Topi Miettinen | |
Count and log unconfined processes, which are not using policy profile 3. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-23 | FS module tests: check if modules are blacklisted | Topi Miettinen | |
Check if FS modules are blacklisted. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-23 | Run 'systemd-analyze security' | Topi Miettinen | |
'systemd-analyze security' (available since systemd v240) makes a nice overall evaluation of hardening levels of services in a system. More details can be found with 'systemd-analyze security SERVICE' for each service. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-23 | Removed incorrect process name from list, enable --full as it is required ↵ | Michael Boelen | |
for matching jitterentropy-rngd | |||
2020-03-23 | Merge branch 'master' of https://github.com/CISOfy/lynis | Michael Boelen | |
2020-03-23 | Fixed 'lynis show details' output | Michael Boelen | |
2020-03-23 | Merge pull request #876 from topimiettinen/enhance-apparmor-check | Michael Boelen | |
Enhance AppArmor check | |||
2020-03-23 | [CRYP-8005] added haveged, match against process name instead of full ↵ | Michael Boelen | |
command line, code cleanup | |||
2020-03-23 | Updated log | Michael Boelen | |
2020-03-23 | Merge branch 'master' of https://github.com/CISOfy/lynis | Michael Boelen | |
2020-03-23 | [AUTH-9229] make test only available for root | Michael Boelen | |
2020-03-23 | Merge pull request #878 from topimiettinen/check-ima-evm | Michael Boelen | |
Check IMA/EVM, dm-integrity and dm-verity statuses | |||
2020-03-23 | Updated log | Michael Boelen | |
2020-03-23 | Merge pull request #874 from topimiettinen/check-password-hashing-methods | Michael Boelen | |
Check password hashing methods | |||
2020-03-23 | Removed restriction for using the plugin and code style improvements | Michael Boelen | |
2020-03-23 | Merge pull request #865 from topimiettinen/journald-fix-disk-usage | Michael Boelen | |
Fix journalctl output parsing for recent journalctls | |||
2020-03-23 | [AUTH-9252] corrected permission check | Michael Boelen | |
2020-03-23 | Check for dm-integrity and dm-verity | Topi Miettinen | |
Detect tools for dm-integrity and dm-verity, check if some devices in /dev/mapper/* use them and especially the system root device. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-22 | Updated log | Michael Boelen | |
2020-03-22 | Merge pull request #877 from bginsbach/auth-9268-add-bsd | Michael Boelen | |
Add FreeBSD and NetBSD to AUTH-9268 | |||
2020-03-22 | Merge pull request #869 from bginsbach/auth-9234-netbsd | Michael Boelen | |
Add AUTH-9234 for NetBSD | |||
2020-03-22 | Check IMA/EVM status | Topi Miettinen | |
Check for evmctl (Extended Verification Module) tool and system IMA (Integrity Measurement Architecture) status. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-22 | Add FreeBSD and NetBSD to AUTH-9268 | Brian Ginsbach | |
Add FreeBSD and NetBSD as both support PAM. Simplify the PREQS_MET test by using a case rather than a long if or. | |||
2020-03-22 | Combine NetBSD and OpenBSD AUTH-9234 check | Brian Ginsbach | |
Both NetBSD and OpenBSD have `useradd(8)`, so they can share logic checking `/etc/usermgmt.conf` for the default user UID range. |