From f7a291a62f2e4747eb7624f06a0c34581cfb9f3f Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Mon, 4 Mar 2019 12:33:03 +0100 Subject: Use datestamps instead of date, due to compatibility with other platforms --- db/software-eol.db | 48 +++++++++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 19 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 9bf96c12..56b3cb76 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -1,22 +1,32 @@ +# # End-of-life for operating systems and software +# +# This file has 4 fields: +# 1) category +# 2) name +# 3) date (human-readable) +# 4) converted date (seconds since epoch) +# +# Date can be converted on Linux using: date "+%s" --date=2020-01-01 +# # FreeBSD - https://www.freebsd.org/releases/ -os:FreeBSD 9.3:2014-07-01: -os:FreeBSD 10.0:2014-01-01: -os:FreeBSD 10.1:2014-11-01: -os:FreeBSD 10.2:2015-08-01: -os:FreeBSD 10.3:2016-04-01: -os:FreeBSD 10.4:2017-10-01: -os:FreeBSD 11.0:2016-10-01: -os:FreeBSD 11.1:2017-07-01: +os:FreeBSD 9.3:2014-07-01:1404165600: +os:FreeBSD 10.0:2014-01-01:1388530800: +os:FreeBSD 10.1:2014-11-01:0: +os:FreeBSD 10.2:2015-08-01:0: +os:FreeBSD 10.3:2016-04-01:0: +os:FreeBSD 10.4:2017-10-01:0: +os:FreeBSD 11.0:2016-10-01:0: +os:FreeBSD 11.1:2017-07-01:0: # Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack -os:Ubuntu 14.04:2019-05-01: -os:Ubuntu 14.10:2015-07-01: -os:Ubuntu 15.04:2016-01-01: -os:Ubuntu 15.10:2016-07-01: -os:Ubuntu 16.04:2021-05-01: -os:Ubuntu 16.10:2017-07-01: -os:Ubuntu 17.04:2018-01-01: -os:Ubuntu 17.10:2018-07-01: -os:Ubuntu 18.04:2023-05-01: -os:Ubuntu 18.10:2019-07-01: -os:Ubuntu 19.04:2020-01-01: \ No newline at end of file +os:Ubuntu 14.04:2019-05-01:0: +os:Ubuntu 14.10:2015-07-01:0: +os:Ubuntu 15.04:2016-01-01:0: +os:Ubuntu 15.10:2016-07-01:0: +os:Ubuntu 16.04:2021-05-01:0: +os:Ubuntu 16.10:2017-07-01:0: +os:Ubuntu 17.04:2018-01-01:0: +os:Ubuntu 17.10:2018-07-01:0: +os:Ubuntu 18.04:2023-05-01:1682892000: +os:Ubuntu 18.10:2019-07-01:1561932000: +os:Ubuntu 19.04:2020-01-01:1577833200: \ No newline at end of file -- cgit v1.2.3 From 19f38bc1eff7dee22fef8854c944d61d6c0dd90c Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Mon, 4 Mar 2019 13:40:40 +0100 Subject: Updated entries --- db/software-eol.db | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 56b3cb76..d50471df 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -19,14 +19,14 @@ os:FreeBSD 10.4:2017-10-01:0: os:FreeBSD 11.0:2016-10-01:0: os:FreeBSD 11.1:2017-07-01:0: # Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack -os:Ubuntu 14.04:2019-05-01:0: +os:Ubuntu 14.04:2019-05-01:1556661600: os:Ubuntu 14.10:2015-07-01:0: os:Ubuntu 15.04:2016-01-01:0: os:Ubuntu 15.10:2016-07-01:0: -os:Ubuntu 16.04:2021-05-01:0: +os:Ubuntu 16.04:2021-05-01:1619820000: os:Ubuntu 16.10:2017-07-01:0: -os:Ubuntu 17.04:2018-01-01:0: -os:Ubuntu 17.10:2018-07-01:0: +os:Ubuntu 17.04:2018-01-01:1514761200: +os:Ubuntu 17.10:2018-07-01:1530396000: os:Ubuntu 18.04:2023-05-01:1682892000: os:Ubuntu 18.10:2019-07-01:1561932000: os:Ubuntu 19.04:2020-01-01:1577833200: \ No newline at end of file -- cgit v1.2.3 From 0dafe4a02b494e0c94c3d1b89e9e9791e2fde63d Mon Sep 17 00:00:00 2001 From: jirib <46245+jirib@users.noreply.github.com> Date: Tue, 5 Mar 2019 19:03:44 +0100 Subject: better OpenBSD support (#641) --- db/tests.db | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index cfc6b287..fae4a41b 100644 --- a/db/tests.db +++ b/db/tests.db @@ -45,6 +45,8 @@ AUTH-9340:test:security:authentication:Solaris:Solaris account locking: AUTH-9402:test:security:authentication::Query LDAP authentication support: AUTH-9406:test:security:authentication::Query LDAP servers in client configuration: AUTH-9408:test:security:authentication::Logging of failed login attempts via /etc/login.defs: +AUTH-9409:test:security:authentication:OpenBSD:Check for doas file: +AUTH-9410:test:security:authentication:OpenBSD:Check for doas file permissions: AUTH-9489:test:security:authentication:DragonFly:Check login shells for passwordless accounts: BANN-7113:test:security:banners:FreeBSD:Check COPYRIGHT banner file: BANN-7124:test:security:banners::Check issue banner file: @@ -71,6 +73,8 @@ BOOT-5184:test:security:boot_services:Linux:Check permissions for boot files/scr BOOT-5202:test:security:boot_services::Check uptime of system: BOOT-5260:test:security:boot_services::Check single user mode for systemd: BOOT-5261:test:security:boot_services:DragonFly:Check for DragonFly boot loader presence: +BOOT-5262:test:security:boot_services:OpenBSD:Check for OpenBSD boot daemons: +BOOT-5263:test:security:boot_services:OpenBSD:Check permissions for boot files/scripts: CONT-8004:test:security:containers:Solaris:Query running Solaris zones: CONT-8102:test:security:containers::Checking Docker status and information: CONT-8104:test:security:containers::Checking Docker info for any warnings: -- cgit v1.2.3 From 32fc4a01b0fc9ebfdf23b7d08bee85dc4f57c1bf Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 5 Mar 2019 19:31:11 +0100 Subject: Corrected FreeBSD, added CentOS and OpenBSD --- db/software-eol.db | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index d50471df..39edb2da 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -9,22 +9,36 @@ # # Date can be converted on Linux using: date "+%s" --date=2020-01-01 # -# FreeBSD - https://www.freebsd.org/releases/ -os:FreeBSD 9.3:2014-07-01:1404165600: -os:FreeBSD 10.0:2014-01-01:1388530800: -os:FreeBSD 10.1:2014-11-01:0: -os:FreeBSD 10.2:2015-08-01:0: -os:FreeBSD 10.3:2016-04-01:0: -os:FreeBSD 10.4:2017-10-01:0: -os:FreeBSD 11.0:2016-10-01:0: -os:FreeBSD 11.1:2017-07-01:0: +# CentOS +# +os:CentOS 5:2017-03-31:1490911200: +os:CentOS 6:2020-11-30:1606690800: +os:CentOS 7:2024-06-30:1719698400: +# +# FreeBSD - https://www.freebsd.org/security/unsupported.html +# +os:FreeBSD 9.3:2014-12-31:0: +os:FreeBSD 10.0:2015-02-28:0: +os:FreeBSD 10.1:2016-12-31:0: +os:FreeBSD 10.2:2016-12-31:0: +os:FreeBSD 10.3:2018-04-30:0: +os:FreeBSD 10.4:2018-10-31:0: +os:FreeBSD 11.0:2017-11-30:0: +os:FreeBSD 11.1:2018-09-30:0: +# +# OpenBSD - https://en.wikipedia.org/wiki/OpenBSD_version_history +# +os:OpenBSD 5.8:2016-09-01:0: +os:OpenBSD 5.9:2017-04-11:0: +# # Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack +# os:Ubuntu 14.04:2019-05-01:1556661600: os:Ubuntu 14.10:2015-07-01:0: os:Ubuntu 15.04:2016-01-01:0: os:Ubuntu 15.10:2016-07-01:0: os:Ubuntu 16.04:2021-05-01:1619820000: -os:Ubuntu 16.10:2017-07-01:0: +os:Ubuntu 16.10:2017-07-01:1498860000: os:Ubuntu 17.04:2018-01-01:1514761200: os:Ubuntu 17.10:2018-07-01:1530396000: os:Ubuntu 18.04:2023-05-01:1682892000: -- cgit v1.2.3 From 89bf6074988b70cac8e3a63b0110b9540700d863 Mon Sep 17 00:00:00 2001 From: Jerry Park Date: Thu, 7 Mar 2019 18:01:02 +0900 Subject: Added Korean translation (#652) * Korean translation for ko-KR Translation in Korean * changed ko-KR to ko --- db/languages/ko | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 db/languages/ko (limited to 'db') diff --git a/db/languages/ko b/db/languages/ko new file mode 100644 index 00000000..df13cf7f --- /dev/null +++ b/db/languages/ko @@ -0,0 +1,40 @@ +ERROR_NO_LICENSE="라이선스 키가 없습니다" +ERROR_NO_UPLOAD_SERVER="업로드 서버가 설정되지 않았습니다" +GEN_CHECKING="확인중입니다" +GEN_CURRENT_VERSION="현재 버전" +GEN_DEBUG_MODE="디버그 모드" +GEN_INITIALIZE_PROGRAM="프로그램을 초기화합니다" +GEN_LATEST_VERSION="최신 버전" +GEN_PHASE="phase" +GEN_PLUGINS_ENABLED="플러그인이 활성화되었습니다" +GEN_UPDATE_AVAILABLE="업데이트 가능" +GEN_VERBOSE_MODE="상세 모드" +GEN_WHAT_TO_DO="할 일" +NOTE_EXCEPTIONS_FOUND="예외 발견" +NOTE_EXCEPTIONS_FOUND_DETAILED="몇 가지 예외 이벤트나 정보가 발견되었습니다" +NOTE_PLUGINS_TAKE_TIME="참고: 플러그인은 광범위한 테스트를 거치며 완료될 때까지 몇 분의 시간이 소요됩니다" +NOTE_SKIPPED_TESTS_NON_PRIVILEGED="비특권 모드로 인해 테스트를 생략했습니다" +SECTION_CUSTOM_TESTS="사용자정의 테스트" +SECTION_MALWARE="악성코드" +SECTION_MEMORY_AND_PROCESSES="메모리와 프로세스" +STATUS_DISABLED="비활성화됨" +STATUS_DONE="완료" +STATUS_ENABLED="활성화됨" +STATUS_ERROR="에러" +STATUS_FOUND="발견" +STATUS_YES="예" +STATUS_NO="아니오" +STATUS_OFF="끔" +STATUS_OK="OK" +STATUS_ON="켬" +STATUS_NONE="없음" +STATUS_NOT_FOUND="발견되지않음" +STATUS_NOT_RUNNING="동작하지않음" +STATUS_RUNNING="동작중" +STATUS_SKIPPED="생략" +STATUS_SUGGESTION="추천" +STATUS_UNKNOWN="알수없음" +STATUS_WARNING="경고" +STATUS_WEAK="취약" +TEXT_YOU_CAN_HELP_LOGFILE="로그 파일을 제공하면 도움을 받을 수 있습니다" +TEXT_UPDATE_AVAILABLE="업데이트 가능" -- cgit v1.2.3 From c83f87853fbd69e5dcb0f9e687035af73380e2fb Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 7 Mar 2019 11:01:33 +0100 Subject: Add new tests --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index fae4a41b..641ea927 100644 --- a/db/tests.db +++ b/db/tests.db @@ -58,6 +58,7 @@ BOOT-5104:test:security:boot_services::Determine service manager: BOOT-5106:test:security:boot_services:MacOS:Check EFI boot file on macOS: BOOT-5108:test:security:boot_services:Linux:Test Syslinux boot loader: BOOT-5116:test:security:boot_services::Check if system is booted in UEFI mode: +BOOT-5117:test:security:boot_services:Linux:Check for systemd-boot boot loader: BOOT-5121:test:security:boot_services::Check for GRUB boot loader presence: BOOT-5122:test:security:boot_services::Check for GRUB boot password: BOOT-5124:test:security:boot_services:FreeBSD:Check for FreeBSD boot loader presence: -- cgit v1.2.3 From f2e6b23c9f0ce432cd55e48f52e60c9e06263097 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 2 Apr 2019 11:14:49 +0200 Subject: Added PKGS-7420 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 641ea927..24023cd2 100644 --- a/db/tests.db +++ b/db/tests.db @@ -319,6 +319,7 @@ PKGS-7393:test:security:ports_packages::Check for Gentoo vulnerable packages: PKGS-7394:test:security:ports_packages:Linux:Check for Ubuntu updates: PKGS-7398:test:security:ports_packages::Check for package audit tool: PKGS-7410:test:security:ports_packages::Count installed kernel packages: +PKGS-7420:test:security:ports_packages::Detect toolkit to automatically download and apply upgrades: PRNT-2302:test:security:printers_spools:FreeBSD:Check for printcap consistency: PRNT-2304:test:security:printers_spools::Check cupsd status: PRNT-2306:test:security:printers_spools::Check CUPSd configuration file: -- cgit v1.2.3 From 7ebfd3015c4daa41607f6aaf9e435ff74332ad29 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 4 Apr 2019 14:42:06 +0200 Subject: Added new tests --- db/tests.db | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 24023cd2..215c3595 100644 --- a/db/tests.db +++ b/db/tests.db @@ -169,11 +169,17 @@ HTTP-6712:test:security:webservers::Check nginx access logging: HTTP-6714:test:security:webservers::Check for missing error logs in nginx: HTTP-6716:test:security:webservers::Check for debug mode on error log in nginx: HTTP-6720:test:security:webservers::Check Nginx log files: -INSE-8002:test:security:insecure_services::Check for enabled inet daemon: -INSE-8004:test:security:insecure_services::Check for enabled inet daemon: -INSE-8006:test:security:insecure_services::Check configuration of inetd when disabled: +INSE-8000:test:security:insecure_services::Installed inetd package: +INSE-8002:test:security:insecure_services::Status of inet daemon: +INSE-8004:test:security:insecure_services::Presence of inetd configuration file: +INSE-8006:test:security:insecure_services::Check configuration of inetd when it is disabled: INSE-8016:test:security:insecure_services::Check for telnet via inetd: INSE-8050:test:security:insecure_services:MacOS:Check for insecure services on macOS systems: +INSE-8100:test:security:insecure_services::Installed xinetd package: +INSE-8116:test:security:insecure_services::Insecure services enabled via xinetd: +INSE-8200:test:security:insecure_services::Usage of TCP wrappers: +INSE-8300:test:security:insecure_services::Presence of rsh client: +INSE-8302:test:security:insecure_services::Presence of rsh server: KRNL-5622:test:security:kernel:Linux:Determine Linux default run level: KRNL-5677:test:security:kernel:Linux:Check CPU options and support: KRNL-5695:test:security:kernel:Linux:Determine Linux kernel version and release number: -- cgit v1.2.3 From 2855e8503e67b4d2775df6c2bb177826d04004b6 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Mon, 15 Apr 2019 19:20:43 +0200 Subject: Corrected CentOS entries --- db/software-eol.db | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 39edb2da..df2ae36a 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -11,9 +11,9 @@ # # CentOS # -os:CentOS 5:2017-03-31:1490911200: -os:CentOS 6:2020-11-30:1606690800: -os:CentOS 7:2024-06-30:1719698400: +os:CentOS Linux release 5:2017-03-31:1490911200: +os:CentOS Linux release 6:2020-11-30:1606690800: +os:CentOS Linux release 7:2024-06-30:1719698400: # # FreeBSD - https://www.freebsd.org/security/unsupported.html # -- cgit v1.2.3 From 4370c4a2417bb3a5a27aa6725fb3dac9e84f5742 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Thu, 30 May 2019 10:36:26 +0000 Subject: update CentOS releases in software-eol.db (#721) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- db/software-eol.db | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index df2ae36a..525920a5 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -11,8 +11,8 @@ # # CentOS # -os:CentOS Linux release 5:2017-03-31:1490911200: -os:CentOS Linux release 6:2020-11-30:1606690800: +os:CentOS release 5:2017-03-31:1490911200: +os:CentOS release 6:2020-11-30:1606690800: os:CentOS Linux release 7:2024-06-30:1719698400: # # FreeBSD - https://www.freebsd.org/security/unsupported.html @@ -43,4 +43,4 @@ os:Ubuntu 17.04:2018-01-01:1514761200: os:Ubuntu 17.10:2018-07-01:1530396000: os:Ubuntu 18.04:2023-05-01:1682892000: os:Ubuntu 18.10:2019-07-01:1561932000: -os:Ubuntu 19.04:2020-01-01:1577833200: \ No newline at end of file +os:Ubuntu 19.04:2020-01-01:1577833200: -- cgit v1.2.3 From a64e3966c9cc419bcbe86806a11a1d1daf054409 Mon Sep 17 00:00:00 2001 From: Patark Date: Thu, 30 May 2019 12:38:11 +0200 Subject: Add danish language support (#718) --- db/languages/da | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 db/languages/da (limited to 'db') diff --git a/db/languages/da b/db/languages/da new file mode 100644 index 00000000..d26c1220 --- /dev/null +++ b/db/languages/da @@ -0,0 +1,41 @@ +ERROR_NO_LICENSE="Ingen licensnøgle konfigureret" +ERROR_NO_UPLOAD_SERVER="Ingen upload server konfigureret" +GEN_CHECKING="Tjekker" +GEN_CURRENT_VERSION="Nuværende version" +GEN_DEBUG_MODE="Fejlfindingstilstand" +GEN_INITIALIZE_PROGRAM="Initialiserer program" +GEN_LATEST_VERSION="Seneste version" +GEN_PHASE="Fase" +GEN_PLUGINS_ENABLED="Plugins aktiverede" +GEN_UPDATE_AVAILABLE="opdatering tilgængelig" +GEN_VERBOSE_MODE="Detaljeret tilstand" +GEN_WHAT_TO_DO="At gøre" +NOTE_EXCEPTIONS_FOUND="Undtagelser fundet" +NOTE_EXCEPTIONS_FOUND_DETAILED="Nogle usædvanlige hændelser eller information var fundet" +NOTE_PLUGINS_TAKE_TIME="Bemærk: plugins har mere omfattende tests og kan tage flere minutter at fuldføre" +NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Sprang over tests på grund af ikke-privilegeret tilstand" +SECTION_CUSTOM_TESTS="Brugerdefinerede Tests" +SECTION_MALWARE="Malware" +SECTION_MEMORY_AND_PROCESSES="Hukommelse og Processer" +STATUS_DISABLED="DEAKTIVERET" +STATUS_DONE="FÆRDIG" +STATUS_ENABLED="AKTIVERET" +STATUS_NOT_ENABLED="IKKE AKTIVERET" +STATUS_ERROR="FEJL" +STATUS_FOUND="FUNDET" +STATUS_YES="JA" +STATUS_NO="NEJ" +STATUS_OFF="FRA" +STATUS_OK="OK" +STATUS_ON="TIL" +STATUS_NONE="INGEN" +STATUS_NOT_FOUND="IKKE FUNDET" +STATUS_NOT_RUNNING="KØRER IKKE" +STATUS_RUNNING="KØRER" +STATUS_SKIPPED="SPRUNGET OVER" +STATUS_SUGGESTION="FORSLAG" +STATUS_UNKNOWN="UKENDT" +STATUS_WARNING="ADVARSEL" +STATUS_WEAK="SVAG" +TEXT_YOU_CAN_HELP_LOGFILE="Du kan hjælpe ved at bidrage med din logfil" +TEXT_UPDATE_AVAILABLE="opdatering tilgængelig" -- cgit v1.2.3 From 2065b06e9550feaa085e140bdd9cdb61ed951524 Mon Sep 17 00:00:00 2001 From: pyllyukko Date: Wed, 12 Jun 2019 11:44:22 +0300 Subject: Added Slackware Linux EOLs --- db/software-eol.db | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 525920a5..084a5815 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -44,3 +44,19 @@ os:Ubuntu 17.10:2018-07-01:1530396000: os:Ubuntu 18.04:2023-05-01:1682892000: os:Ubuntu 18.10:2019-07-01:1561932000: os:Ubuntu 19.04:2020-01-01:1577833200: +# +# Slackware - https://en.wikipedia.org/wiki/Slackware#Releases +# +os:Slackware Linux 8.1:2012-08-01:1343768400: +os:Slackware Linux 9.0:2012-08-01:1343768400: +os:Slackware Linux 9.1:2012-08-01:1343768400: +os:Slackware Linux 10.0:2012-08-01:1343768400: +os:Slackware Linux 10.1:2012-08-01:1343768400: +os:Slackware Linux 10.2:2012-08-01:1343768400: +os:Slackware Linux 11.0:2012-08-01:1343768400: +os:Slackware Linux 12.0:2012-08-01:1343768400: +os:Slackware Linux 12.1:2013-12-09:1386540000: +os:Slackware Linux 12.2:2013-12-09:1386540000: +os:Slackware Linux 13.0:2018-07-05:1530738000: +os:Slackware Linux 13.1:2018-07-05:1530738000: +os:Slackware Linux 13.37:2018-07-05:1530738000: -- cgit v1.2.3 From a49ea33fea9e6bf6ddcf7bcb7711c7bb79bdf62c Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sun, 7 Jul 2019 18:47:35 +0200 Subject: Changed Ubuntu 18.10 period --- db/software-eol.db | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 084a5815..7b511237 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -42,7 +42,7 @@ os:Ubuntu 16.10:2017-07-01:1498860000: os:Ubuntu 17.04:2018-01-01:1514761200: os:Ubuntu 17.10:2018-07-01:1530396000: os:Ubuntu 18.04:2023-05-01:1682892000: -os:Ubuntu 18.10:2019-07-01:1561932000: +os:Ubuntu 18.10:2019-07-18:1563400800: os:Ubuntu 19.04:2020-01-01:1577833200: # # Slackware - https://en.wikipedia.org/wiki/Slackware#Releases -- cgit v1.2.3 From 6891f64c393efdfe3d9157b0d4a4bd84ff0c6298 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 9 Jul 2019 10:33:51 +0200 Subject: Added CRYP-7930 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 215c3595..6be553f0 100644 --- a/db/tests.db +++ b/db/tests.db @@ -84,6 +84,7 @@ CONT-8107:test:performance:containers::Check number of unused Docker containers: CONT-8108:test:security:containers::Check file permissions for Docker files: CORE-1000:test:performance:system_integrity::Check all system binaries: CRYP-7902:test:security:crypto::Check expire date of SSL certificates: +CRYP-7930:test:security:crypto::Determine if system uses disk or file encryption: DNS-1600:test:security:dns::Validating that the DNSSEC signatures are checked: DBS-1804:test:security:databases::Checking active MySQL process: DBS-1816:test:security:databases::Checking MySQL root password: -- cgit v1.2.3 From e4498be840cb7deed7745c248fe78c0b1f9f9979 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Wed, 10 Jul 2019 20:12:43 +0200 Subject: Added new test: PROC-3802 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 6be553f0..cd978c50 100644 --- a/db/tests.db +++ b/db/tests.db @@ -340,6 +340,7 @@ PROC-3602:test:security:memory_processes:Linux:Checking /proc/meminfo for memory PROC-3604:test:security:memory_processes:Solaris:Query prtconf for memory details: PROC-3612:test:security:memory_processes::Check dead or zombie processes: PROC-3614:test:security:memory_processes::Check heavy IO waiting based processes: +PROC-3802:test:security:memory_processes::Check presence of prelink tooling: RBAC-6272:test:security:mac_frameworks::Check grsecurity presence: SCHD-7702:test:security:scheduling::Check status of cron daemon: SCHD-7704:test:security:scheduling::Check crontab/cronjobs: -- cgit v1.2.3 From 7d33b59b0c21f1713011968e90914f390b0083ab Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sun, 14 Jul 2019 13:19:11 +0200 Subject: Added tests --- db/tests.db | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index cd978c50..56faba09 100644 --- a/db/tests.db +++ b/db/tests.db @@ -181,6 +181,10 @@ INSE-8116:test:security:insecure_services::Insecure services enabled via xinetd: INSE-8200:test:security:insecure_services::Usage of TCP wrappers: INSE-8300:test:security:insecure_services::Presence of rsh client: INSE-8302:test:security:insecure_services::Presence of rsh server: +INSE-8310:test:security:insecure_services::Presence of telnet client: +INSE-8312:test:security:insecure_services::Presence of telnet server: +INSE-8314:test:security:insecure_services::Presence of NIS client: +INSE-8316:test:security:insecure_services::Presence of NIS server: KRNL-5622:test:security:kernel:Linux:Determine Linux default run level: KRNL-5677:test:security:kernel:Linux:Check CPU options and support: KRNL-5695:test:security:kernel:Linux:Determine Linux kernel version and release number: -- cgit v1.2.3 From 27b2a4dc7a4c1a3cbcb775e9b35810e2b075a2c6 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Mon, 15 Jul 2019 20:04:59 +0200 Subject: Renamed STRG-1840 and STRG-1842 --- db/tests.db | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 56faba09..ec7dfde6 100644 --- a/db/tests.db +++ b/db/tests.db @@ -375,8 +375,6 @@ SSH-7404:test:security:ssh::Check SSH daemon file location: SSH-7406:test:security:ssh::Detection of OpenSSH server version: SSH-7408:test:security:ssh::Check SSH specific defined options: SSH-7440:test:security:ssh::AllowUsers and AllowGroups: -STRG-1840:test:security:storage:Linux:Check if USB storage is disabled: -STRG-1842:test:security:storage:Linux:Check USB authorizations: STRG-1846:test:security:storage:Linux:Check if firewire storage is disabled: STRG-1902:test:security:storage_nfs::Check rpcinfo registered programs: STRG-1904:test:security:storage_nfs::Check nfs rpc: @@ -404,5 +402,7 @@ TOOL-5120:test:security:tooling::Presence of Snort IDS: TOOL-5122:test:security:tooling::Snort IDS configuration file: TOOL-5160:test:security:tooling::Check for active OSSEC analysis daemon: TOOL-5190:test:security:tooling::Check presence of available IDS/IPS tooling: +USB-1000:test:security:storage:Linux:Check if USB storage is disabled: +USB-2000:test:security:storage:Linux:Check USB authorizations: USB-3000:test:security:storage:Linux:Check for presence of USBGuard: # EOF -- cgit v1.2.3 From 3213cadd5a389156a03d45c633ba6fdce9bfd30b Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 16 Jul 2019 13:13:25 +0200 Subject: Added new tests INSE-8318 and INSE-8320 --- db/tests.db | 2 ++ 1 file changed, 2 insertions(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index ec7dfde6..fe73dfc0 100644 --- a/db/tests.db +++ b/db/tests.db @@ -185,6 +185,8 @@ INSE-8310:test:security:insecure_services::Presence of telnet client: INSE-8312:test:security:insecure_services::Presence of telnet server: INSE-8314:test:security:insecure_services::Presence of NIS client: INSE-8316:test:security:insecure_services::Presence of NIS server: +INSE-8318:test:security:insecure_services::Presence of TFTP client: +INSE-8320:test:security:insecure_services::Presence of TFTP server: KRNL-5622:test:security:kernel:Linux:Determine Linux default run level: KRNL-5677:test:security:kernel:Linux:Check CPU options and support: KRNL-5695:test:security:kernel:Linux:Determine Linux kernel version and release number: -- cgit v1.2.3 From 0a6417423f7dad6e6d8c777e70bd9a088736780b Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Fri, 26 Jul 2019 14:15:09 +0200 Subject: Added HOME-9304 and HOME-9306 --- db/tests.db | 2 ++ 1 file changed, 2 insertions(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index fe73dfc0..2a8ac612 100644 --- a/db/tests.db +++ b/db/tests.db @@ -149,6 +149,8 @@ FIRE-4586:test:security:firewalls::Check firewall logging: FIRE-4590:test:security:firewalls::Check firewall status: FIRE-4594:test:security:firewalls::Check for APF presence: HOME-9302:test:security:homedirs::Create list with home directories: +HOME-9304:test:security:homedirs::Test permissions of user home directories: +HOME-9306:test:security:homedirs::Test ownership of user home directories: HOME-9310:test:security:homedirs::Checking for suspicious shell history files: HOME-9350:test:security:homedirs::Collecting information from home directories: HRDN-7220:test:security:hardening::Check if one or more compilers are installed: -- cgit v1.2.3 From a510c1c13645e3b7cf0b3a06e042f1306ab69108 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 8 Aug 2019 12:38:46 +0200 Subject: Sorting and added new strings --- db/languages/en | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'db') diff --git a/db/languages/en b/db/languages/en index fbd62435..34e7f63e 100644 --- a/db/languages/en +++ b/db/languages/en @@ -14,19 +14,22 @@ NOTE_EXCEPTIONS_FOUND="Exceptions found" NOTE_EXCEPTIONS_FOUND_DETAILED="Some exceptional events or information was found" NOTE_PLUGINS_TAKE_TIME="Note: plugins have more extensive tests and may take several minutes to complete" NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Skipped tests due to non-privileged mode" -SECTION_CUSTOM_TESTS="Custom Tests" +SECTION_CUSTOM_TESTS="Custom tests" +SECTION_DATA_UPLOAD="Data upload" +SECTION_INITIALIZING_PROGRAM="Initializing program" SECTION_MALWARE="Malware" SECTION_MEMORY_AND_PROCESSES="Memory and Processes" +SECTION_SYSTEM_TOOLS="System tools" STATUS_DISABLED="DISABLED" STATUS_DONE="DONE" STATUS_ENABLED="ENABLED" STATUS_ERROR="ERROR" +STATUS_FAILED="FAILED" STATUS_FOUND="FOUND" -STATUS_YES="YES" -STATUS_NO="NO" STATUS_OFF="OFF" STATUS_OK="OK" STATUS_ON="ON" +STATUS_NO="NO" STATUS_NONE="NONE" STATUS_NOT_FOUND="NOT FOUND" STATUS_NOT_RUNNING="NOT RUNNING" @@ -36,5 +39,6 @@ STATUS_SUGGESTION="SUGGESTION" STATUS_UNKNOWN="UNKNOWN" STATUS_WARNING="WARNING" STATUS_WEAK="WEAK" +STATUS_YES="YES" TEXT_YOU_CAN_HELP_LOGFILE="You can help by providing your log file" TEXT_UPDATE_AVAILABLE="update available" -- cgit v1.2.3 From 3e392c8e6c6b9dc4df347180183b29b586b47881 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 13 Aug 2019 21:40:29 +0200 Subject: Added end-of-life data for Arch Linux (rolling) --- db/software-eol.db | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 7b511237..1d8505fb 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -9,6 +9,10 @@ # # Date can be converted on Linux using: date "+%s" --date=2020-01-01 # +# Arch Linux +# +os:Arch Linux:2286-11-20:9999999999: +# # CentOS # os:CentOS release 5:2017-03-31:1490911200: -- cgit v1.2.3 From e5b8047133a2f5107f4096c265ff075083e31776 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 13 Aug 2019 22:00:30 +0200 Subject: Added data and detection of Amazon Linux --- db/software-eol.db | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 1d8505fb..87f5a065 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -9,6 +9,11 @@ # # Date can be converted on Linux using: date "+%s" --date=2020-01-01 # +# Amazon Linux +# +os:Amazon Linux:2020-06-30:1593468000: +os:Amazon Linux 2:2023-06-26:1687730400: +# # Arch Linux # os:Arch Linux:2286-11-20:9999999999: -- cgit v1.2.3 From d3464d88b117b7fbb164c708b6a889a4391e132b Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Wed, 21 Aug 2019 14:08:17 +0200 Subject: [CRYP-7930] changed description --- db/tests.db | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 2a8ac612..5395c1b4 100644 --- a/db/tests.db +++ b/db/tests.db @@ -84,7 +84,7 @@ CONT-8107:test:performance:containers::Check number of unused Docker containers: CONT-8108:test:security:containers::Check file permissions for Docker files: CORE-1000:test:performance:system_integrity::Check all system binaries: CRYP-7902:test:security:crypto::Check expire date of SSL certificates: -CRYP-7930:test:security:crypto::Determine if system uses disk or file encryption: +CRYP-7930:test:security:crypto:Linux:Determine if system uses LUKS encryption: DNS-1600:test:security:dns::Validating that the DNSSEC signatures are checked: DBS-1804:test:security:databases::Checking active MySQL process: DBS-1816:test:security:databases::Checking MySQL root password: -- cgit v1.2.3 From d2deb63ebb416b957ba973a014ea6588103f3cfc Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 22 Aug 2019 14:12:53 +0200 Subject: Added NETW-3200 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 5395c1b4..0eac8186 100644 --- a/db/tests.db +++ b/db/tests.db @@ -288,6 +288,7 @@ NETW-3015:test:security:networking:Linux:Checking promiscuous interfaces (Linux) NETW-3028:test:security:networking::Checking connections in WAIT state: NETW-3030:test:security:networking::Checking DHCP client status: NETW-3032:test:security:networking:Linux:Checking for ARP monitoring software: +NETW-3200:test:security:networking::Determine available network protocols: PHP-2211:test:security:php::Check php.ini presence: PHP-2320:test:security:php::Check PHP disabled functions: PHP-2368:test:security:php::Check PHP register_globals option: -- cgit v1.2.3 From f89aa984087c2e22582aa5185855c0e4b5522fb6 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Mon, 26 Aug 2019 08:02:11 +0200 Subject: Added FINT-4316 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 0eac8186..f7460e6e 100644 --- a/db/tests.db +++ b/db/tests.db @@ -121,6 +121,7 @@ FILE-7524:test:security:file_permissions::Perform file permissions check: FINT-4310:test:security:file_integrity::AFICK availability: FINT-4314:test:security:file_integrity::AIDE availability: FINT-4315:test:security:file_integrity::Check AIDE configuration file: +FINT-4316:test:security:file_integirty::Presence of AIDE database and size check: FINT-4318:test:security:file_integrity::Osiris availability: FINT-4322:test:security:file_integrity::Samhain availability: FINT-4326:test:security:file_integrity::Tripwire availability: -- cgit v1.2.3 From 1e4e00adeaef0b119c6831c3cd8a1aa5b47e64b9 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Wed, 28 Aug 2019 15:37:35 +0200 Subject: Changed description of TOOL-5160 --- db/tests.db | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index f7460e6e..dea85fba 100644 --- a/db/tests.db +++ b/db/tests.db @@ -406,7 +406,7 @@ TOOL-5102:test:security:tooling::Check for presence of Fail2ban: TOOL-5104:test:security:tooling::Enabled tests for Fail2ban: TOOL-5120:test:security:tooling::Presence of Snort IDS: TOOL-5122:test:security:tooling::Snort IDS configuration file: -TOOL-5160:test:security:tooling::Check for active OSSEC analysis daemon: +TOOL-5160:test:security:tooling::Check for active OSSEC daemon: TOOL-5190:test:security:tooling::Check presence of available IDS/IPS tooling: USB-1000:test:security:storage:Linux:Check if USB storage is disabled: USB-2000:test:security:storage:Linux:Check USB authorizations: -- cgit v1.2.3 From a87c2b10f9ce15d51344c8531e143bbc52a106e7 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 29 Aug 2019 10:39:43 +0200 Subject: Added CRYP-8002 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index dea85fba..77ec7fbb 100644 --- a/db/tests.db +++ b/db/tests.db @@ -85,6 +85,7 @@ CONT-8108:test:security:containers::Check file permissions for Docker files: CORE-1000:test:performance:system_integrity::Check all system binaries: CRYP-7902:test:security:crypto::Check expire date of SSL certificates: CRYP-7930:test:security:crypto:Linux:Determine if system uses LUKS encryption: +CRYP-8002:test:security:crypto:Linux:Gather kernel entropy: DNS-1600:test:security:dns::Validating that the DNSSEC signatures are checked: DBS-1804:test:security:databases::Checking active MySQL process: DBS-1816:test:security:databases::Checking MySQL root password: -- cgit v1.2.3 From b8c3c55d6868634f5a536c33a59c3c7bab0f34bb Mon Sep 17 00:00:00 2001 From: 2*yo Date: Tue, 3 Sep 2019 10:41:13 +0200 Subject: Add Debian EOL --- db/software-eol.db | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 87f5a065..4d40d6d3 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -69,3 +69,12 @@ os:Slackware Linux 12.2:2013-12-09:1386540000: os:Slackware Linux 13.0:2018-07-05:1530738000: os:Slackware Linux 13.1:2018-07-05:1530738000: os:Slackware Linux 13.37:2018-07-05:1530738000: +# +# Debian - https://wiki.debian.org/DebianReleases#Production_Releases +# +os:Debian 5.0:2012-02-06:1328482800 +os:Debian 6.0:2016-02-29:1456700400 +os:Debian 7:2018-05-31:1527717600 +os:Debian 8:2020-06-30:1593468000 +os:Debian 9:2022-01-01:1640991600 +os:Debian 10:2022-01-01:1640991600 -- cgit v1.2.3 From b3cb6e91f057db77a875e70d2e523a07a01f2f33 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 3 Sep 2019 10:55:05 +0200 Subject: Ordering of entries --- db/software-eol.db | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 4d40d6d3..0c185153 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -24,6 +24,15 @@ os:CentOS release 5:2017-03-31:1490911200: os:CentOS release 6:2020-11-30:1606690800: os:CentOS Linux release 7:2024-06-30:1719698400: # +# Debian - https://wiki.debian.org/DebianReleases#Production_Releases +# +os:Debian 5.0:2012-02-06:1328482800: +os:Debian 6.0:2016-02-29:1456700400: +os:Debian 7:2018-05-31:1527717600: +os:Debian 8:2020-06-30:1593468000: +os:Debian 9:2022-01-01:1640991600: +os:Debian 10:2022-01-01:1640991600: +# # FreeBSD - https://www.freebsd.org/security/unsupported.html # os:FreeBSD 9.3:2014-12-31:0: @@ -69,12 +78,3 @@ os:Slackware Linux 12.2:2013-12-09:1386540000: os:Slackware Linux 13.0:2018-07-05:1530738000: os:Slackware Linux 13.1:2018-07-05:1530738000: os:Slackware Linux 13.37:2018-07-05:1530738000: -# -# Debian - https://wiki.debian.org/DebianReleases#Production_Releases -# -os:Debian 5.0:2012-02-06:1328482800 -os:Debian 6.0:2016-02-29:1456700400 -os:Debian 7:2018-05-31:1527717600 -os:Debian 8:2020-06-30:1593468000 -os:Debian 9:2022-01-01:1640991600 -os:Debian 10:2022-01-01:1640991600 -- cgit v1.2.3 From 157c23e892596e200dee974c8732f0abb73c27a9 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 12 Sep 2019 11:14:44 +0200 Subject: Added additional string --- db/languages/en | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/languages/en b/db/languages/en index 34e7f63e..716a584c 100644 --- a/db/languages/en +++ b/db/languages/en @@ -31,6 +31,7 @@ STATUS_OK="OK" STATUS_ON="ON" STATUS_NO="NO" STATUS_NONE="NONE" +STATUS_NOT_CONFIGURED="NOT CONFIGURED" STATUS_NOT_FOUND="NOT FOUND" STATUS_NOT_RUNNING="NOT RUNNING" STATUS_RUNNING="RUNNING" -- cgit v1.2.3 From f188bac7e8b92a4d1d933e5ed961c0417d4e1aeb Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 8 Oct 2019 15:10:02 +0200 Subject: Update description for FILE-6374 --- db/tests.db | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 77ec7fbb..000883e2 100644 --- a/db/tests.db +++ b/db/tests.db @@ -113,7 +113,7 @@ FILE-6362:test:security:filesystems::Checking /tmp sticky bit: FILE-6363:test:security:filesystems::Checking /var/tmp sticky bit: FILE-6368:test:security:filesystems:Linux:Checking ACL support on root file system: FILE-6372:test:security:filesystems:Linux:Checking / mount options: -FILE-6374:test:security:filesystems:Linux:Checking /boot mount options: +FILE-6374:test:security:filesystems:Linux:Linux mount options: FILE-6376:test:security:filesystems:Linux:Determine if /var/tmp is bound to /tmp: FILE-6410:test:security:filesystems::Checking Locate database: FILE-6430:test:security:filesystems::Disable mounting of some filesystems: -- cgit v1.2.3 From 87f559695267d114bde01b5dc8f2be4425aade41 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 8 Oct 2019 15:15:18 +0200 Subject: Added new test DBS-1828 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 000883e2..b43cef54 100644 --- a/db/tests.db +++ b/db/tests.db @@ -92,6 +92,7 @@ DBS-1816:test:security:databases::Checking MySQL root password: DBS-1818:test:security:databases::MongoDB status: DBS-1820:test:security:databases::Check MongoDB authentication: DBS-1826:test:security:databases::Checking active PostgreSQL processes: +DBS-1828:test:security:databases::PostgreSQL configuration files: DBS-1840:test:security:databases::Checking active Oracle processes: DBS-1860:test:security:databases::Checking active DB2 instances: DBS-1880:test:security:databases::Checking active Redis processes: -- cgit v1.2.3 From c88953a81531dc05d049077763d1c7151ce55651 Mon Sep 17 00:00:00 2001 From: pyllyukko Date: Tue, 8 Oct 2019 20:31:35 +0300 Subject: Test SINT-7010 in macOS only --- db/tests.db | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index b43cef54..cbe892b9 100644 --- a/db/tests.db +++ b/db/tests.db @@ -363,7 +363,7 @@ SHLL-6202:test:security:shells:FreeBSD:Check console TTYs: SHLL-6211:test:security:shells::Checking available and valid shells: SHLL-6220:test:security:shells::Checking available and valid shells: SHLL-6230:test:security:shells::Perform umask check for shell configurations: -SINT-7010:test:security:system_integrity::System Integrity Status: +SINT-7010:test:security:system_integrity:MacOS:System Integrity Status: SNMP-3302:test:security:snmp::Check for running SNMP daemon: SNMP-3304:test:security:snmp::Check SNMP daemon file location: SNMP-3306:test:security:snmp::Check SNMP communities: -- cgit v1.2.3 From 3bbe34ea736968e572dbc65aaec2d91e217c6eff Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sat, 15 Feb 2020 14:09:56 +0100 Subject: [CRYP-8004] enhanced after pulling in initital test --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index cbe892b9..e057c06e 100644 --- a/db/tests.db +++ b/db/tests.db @@ -86,6 +86,7 @@ CORE-1000:test:performance:system_integrity::Check all system binaries: CRYP-7902:test:security:crypto::Check expire date of SSL certificates: CRYP-7930:test:security:crypto:Linux:Determine if system uses LUKS encryption: CRYP-8002:test:security:crypto:Linux:Gather kernel entropy: +CRYP-8004:test:security:crypto:Linux:Presence of hardware number generator: DNS-1600:test:security:dns::Validating that the DNSSEC signatures are checked: DBS-1804:test:security:databases::Checking active MySQL process: DBS-1816:test:security:databases::Checking MySQL root password: -- cgit v1.2.3 From 3aaeeea856f6e939c5b8d50d995e9e3eaa80fb35 Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Thu, 19 Mar 2020 15:42:16 +0200 Subject: Check for rEFInd boot loader Detect rEFInd boot loader (https://www.rodsbooks.com/refind/). Signed-off-by: Topi Miettinen --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index e057c06e..359760b9 100644 --- a/db/tests.db +++ b/db/tests.db @@ -57,6 +57,7 @@ BOOT-5102:test:security:boot_services:AIX:Check for AIX boot device: BOOT-5104:test:security:boot_services::Determine service manager: BOOT-5106:test:security:boot_services:MacOS:Check EFI boot file on macOS: BOOT-5108:test:security:boot_services:Linux:Test Syslinux boot loader: +BOOT-5109:test:security:boot_services:Linux:Test rEFInd boot loader: BOOT-5116:test:security:boot_services::Check if system is booted in UEFI mode: BOOT-5117:test:security:boot_services:Linux:Check for systemd-boot boot loader: BOOT-5121:test:security:boot_services::Check for GRUB boot loader presence: -- cgit v1.2.3 From 820d2ec60774e558f24f09357827d98d0c766efe Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Thu, 19 Mar 2020 23:53:57 +0200 Subject: Check DNSSEC status with resolvectl when available 'resolvectl statistics' shows if DNSSEC is supported by systemd-resolved and upstream DNS servers. Signed-off-by: Topi Miettinen --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 359760b9..e45d2d9a 100644 --- a/db/tests.db +++ b/db/tests.db @@ -283,6 +283,7 @@ NAME-4408:test:security:nameservices::Check localhost to IP mapping: NETW-2600:test:security:networking:Linux:Checking IPv6 configuration: NETW-2704:test:security:networking::Basic nameserver configuration tests: NETW-2705:test:security:networking::Check availability two nameservers: +NETW-2705:test:security:networking::Check DNSSEC status: NETW-3001:test:security:networking::Find default gateway (route): NETW-3004:test:security:networking::Search available network interfaces: NETW-3006:test:security:networking::Get network MAC addresses: -- cgit v1.2.3 From 8f37edb62699316e2992a9c768b83cfde17d01ed Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Fri, 20 Mar 2020 09:46:08 +0100 Subject: Update tests.db Corrected test ID --- db/tests.db | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index e45d2d9a..d051c77d 100644 --- a/db/tests.db +++ b/db/tests.db @@ -283,7 +283,7 @@ NAME-4408:test:security:nameservices::Check localhost to IP mapping: NETW-2600:test:security:networking:Linux:Checking IPv6 configuration: NETW-2704:test:security:networking::Basic nameserver configuration tests: NETW-2705:test:security:networking::Check availability two nameservers: -NETW-2705:test:security:networking::Check DNSSEC status: +NETW-2706:test:security:networking::Check DNSSEC status: NETW-3001:test:security:networking::Find default gateway (route): NETW-3004:test:security:networking::Search available network interfaces: NETW-3006:test:security:networking::Get network MAC addresses: -- cgit v1.2.3 From 27cdcec7416a4869e166a00432fe880165a831a6 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Fri, 20 Mar 2020 14:57:28 +0100 Subject: Add CentOS 7 (Core) --- db/software-eol.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 0c185153..d0452616 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -23,6 +23,7 @@ os:Arch Linux:2286-11-20:9999999999: os:CentOS release 5:2017-03-31:1490911200: os:CentOS release 6:2020-11-30:1606690800: os:CentOS Linux release 7:2024-06-30:1719698400: +os:CentOS Linux 7 (Core):2024-06-30:1719698400: # # Debian - https://wiki.debian.org/DebianReleases#Production_Releases # -- cgit v1.2.3 From 724acf1be5c2cad92c9ca9ea6e7be0cbdc3a32e5 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Fri, 20 Mar 2020 19:33:10 +0100 Subject: Added CentOS 8 end-of-life --- db/software-eol.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index d0452616..a3aaa93c 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -24,6 +24,7 @@ os:CentOS release 5:2017-03-31:1490911200: os:CentOS release 6:2020-11-30:1606690800: os:CentOS Linux release 7:2024-06-30:1719698400: os:CentOS Linux 7 (Core):2024-06-30:1719698400: +os:CentOS Linux 8 (Core):2029-05-31:1874872800: # # Debian - https://wiki.debian.org/DebianReleases#Production_Releases # -- cgit v1.2.3 From af03c07d9fd81225d8c975c62e352d01e4c88e9a Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Fri, 20 Mar 2020 19:39:49 +0100 Subject: Shortened CentOS 7/8 strings to allow match and added note --- db/software-eol.db | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index a3aaa93c..eb5353ff 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -9,6 +9,9 @@ # # Date can be converted on Linux using: date "+%s" --date=2020-01-01 # +# Note: Full string for CentOS can be something like 'CentOS Linux 8 (Core)'. +# As this does not properly match, shorter string is used for matching. +# # Amazon Linux # os:Amazon Linux:2020-06-30:1593468000: @@ -22,9 +25,8 @@ os:Arch Linux:2286-11-20:9999999999: # os:CentOS release 5:2017-03-31:1490911200: os:CentOS release 6:2020-11-30:1606690800: -os:CentOS Linux release 7:2024-06-30:1719698400: -os:CentOS Linux 7 (Core):2024-06-30:1719698400: -os:CentOS Linux 8 (Core):2029-05-31:1874872800: +os:CentOS Linux 7:2024-06-30:1719698400: +os:CentOS Linux 8:2029-05-31:1874872800: # # Debian - https://wiki.debian.org/DebianReleases#Production_Releases # -- cgit v1.2.3 From 52344913d3ac3fe1c7120a9c4395d5a3f961e314 Mon Sep 17 00:00:00 2001 From: Brian Ginsbach Date: Thu, 19 Mar 2020 15:41:35 -0500 Subject: Add a way to signify undetermined EOL Replace setting an artificaly high date and converted date for operating systems with no EOL (rolling) or the EOL is still to be determined. This makes it easier for humans and saves making a comparison (when using an artifically high converted time) will always be false (EOL=0). An example entry os:AGreatOS 2.0::-1: The converted time (seconds since the epoch) could be specified as zero but this typically means the OS is out of date (now), A value of -1 is a convention indicating no EOL. --- db/software-eol.db | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index d0452616..124334e9 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -9,6 +9,9 @@ # # Date can be converted on Linux using: date "+%s" --date=2020-01-01 # +# Note: For rolling releases or releases that do not (currently have an +# EOL date, leave field three empty and set field four to -1. +# # Amazon Linux # os:Amazon Linux:2020-06-30:1593468000: @@ -16,7 +19,7 @@ os:Amazon Linux 2:2023-06-26:1687730400: # # Arch Linux # -os:Arch Linux:2286-11-20:9999999999: +os:Arch Linux::-1: # # CentOS # -- cgit v1.2.3 From 50fc3f816a87824f0891b25d099b7270743e99fa Mon Sep 17 00:00:00 2001 From: Brian Ginsbach Date: Thu, 19 Mar 2020 15:58:50 -0500 Subject: Add NetBSD EOL data --- db/software-eol.db | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 124334e9..a1eb43c7 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -48,6 +48,55 @@ os:FreeBSD 10.4:2018-10-31:0: os:FreeBSD 11.0:2017-11-30:0: os:FreeBSD 11.1:2018-09-30:0: # +# NetBSD - https://www.netbsd.org/support/security/release.html and +# https://www.netbsd.org/releases/formal.html +# +os:NetBSD 2.0:2008-01-19:0: +os:NetBSD 2.0.1:2008-01-19:0: +os:NetBSD 2.0.2:2008-01-19:0: +os:NetBSD 2.0.3:2008-01-19:0: +os:NetBSD 2.1:2008-01-19:0: +os:NetBSD 3.0:2009-09-29:0: +os:NetBSD 3.0.1:2009-09-29:0: +os:NetBSD 3.0.2:2009-09-29:0: +os:NetBSD 3.1:2009-09-29:0: +os:NetBSD 4.0:2012-11-17:0: +os:NetBSD 4.0.1:2012-11-17:0: +os:NetBSD 5.0:2015-11-17:0: +os:NetBSD 5.0.1:2015-10-17:0: +os:NetBSD 5.0.2:2015-10-17:0: +os:NetBSD 5.1:2015-10-17:0: +os:NetBSD 5.1.1:2015-10-17:0: +os:NetBSD 5.1.2:2015-10-17:0: +os:NetBSD 5.1.3:2015-10-17:0: +os:NetBSD 5.1.4:2015-10-17:0: +os:NetBSD 5.1.5:2015-10-17:0: +os:NetBSD 5.2.1:2015-10-17:0: +os:NetBSD 5.2.2:2015-10-17:0: +os:NetBSD 5.2.3:2015-10-17:0: +os:NetBSD 6.0:2017-09-17:0: +os:NetBSD 6.0.1:2017-09-17:0: +os:NetBSD 6.0.2:2017-09-17:0: +os:NetBSD 6.0.3:2017-09-17:0: +os:NetBSD 6.0.4:2017-09-17:0: +os:NetBSD 6.0.5:2017-09-17:0: +os:NetBSD 6.1:2017-09-17:0: +os:NetBSD 6.1.1:2017-09-17:0: +os:NetBSD 6.1.2:2017-09-17:0: +os:NetBSD 6.1.3:2017-09-17:0: +os:NetBSD 6.1.4:2017-09-17:0: +os:NetBSD 6.1.5:2017-09-17:0: +os:NetBSD 7.0:2020-03-14:1584162000: +os:NetBSD 7.0.1:2020-03-14:1584162000: +os:NetBSD 7.0.2:2020-03-14:1584162000: +os:NetBSD 7.1:2020-03-14:1584162000: +os:NetBSD 7.1.1:2020-03-14:1584162000: +os:NetBSD 7.1.1:2020-03-14:1584162000: +os:NetBSD 7.2:2020-03-14:1584162000: +os:NetBSD 8.0::-1: +os:NetBSD 8.1::-1: +os:NetBSD 9.0::-1: +# # OpenBSD - https://en.wikipedia.org/wiki/OpenBSD_version_history # os:OpenBSD 5.8:2016-09-01:0: -- cgit v1.2.3 From 4a51ad031b371dd60ed79f125fa68b787d31a840 Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Sat, 21 Mar 2020 12:50:38 +0200 Subject: Check password hashing methods Manual page crypt(5) gives recommendations for choosing password hashing methods, so let's check if there are weakly encrypted passwords in the system. Signed-off-by: Topi Miettinen --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index d051c77d..fce9a691 100644 --- a/db/tests.db +++ b/db/tests.db @@ -22,6 +22,7 @@ AUTH-9218:test:security:authentication:FreeBSD:Check harmful login shells: AUTH-9222:test:security:authentication::Check for non unique groups: AUTH-9226:test:security:authentication::Check non unique group names: AUTH-9228:test:security:authentication::Check password file consistency with pwck: +AUTH-9229:test:security:authentication::Check password hashing methods: AUTH-9234:test:security:authentication::Query user accounts: AUTH-9240:test:security:authentication::Query NIS+ authentication support: AUTH-9242:test:security:authentication::Query NIS authentication support: -- cgit v1.2.3 From 26a54991ba6a09f1fcc5f8f68cb9ae64539c8230 Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Sat, 21 Mar 2020 14:12:06 +0200 Subject: Check for software pseudo random number generators Check for running audio-entropyd, havegd or jitterentropy-rngd. Signed-off-by: Topi Miettinen --- db/tests.db | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index d051c77d..76884a45 100644 --- a/db/tests.db +++ b/db/tests.db @@ -87,7 +87,8 @@ CORE-1000:test:performance:system_integrity::Check all system binaries: CRYP-7902:test:security:crypto::Check expire date of SSL certificates: CRYP-7930:test:security:crypto:Linux:Determine if system uses LUKS encryption: CRYP-8002:test:security:crypto:Linux:Gather kernel entropy: -CRYP-8004:test:security:crypto:Linux:Presence of hardware number generator: +CRYP-8004:test:security:crypto:Linux:Presence of hardware random number generators: +CRYP-8005:test:security:crypto:Linux:Presence of software pseudo random number generators: DNS-1600:test:security:dns::Validating that the DNSSEC signatures are checked: DBS-1804:test:security:databases::Checking active MySQL process: DBS-1816:test:security:databases::Checking MySQL root password: -- cgit v1.2.3 From 203a4d34801ec37200d2ec190328f6c27ad71b78 Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Sun, 22 Mar 2020 11:18:00 +0200 Subject: Check IMA/EVM status Check for evmctl (Extended Verification Module) tool and system IMA (Integrity Measurement Architecture) status. Signed-off-by: Topi Miettinen --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 76884a45..44a9a410 100644 --- a/db/tests.db +++ b/db/tests.db @@ -135,6 +135,7 @@ FINT-4330:test:security:file_integrity::mtree availability: FINT-4334:test:security:file_integrity::Check lfd daemon status: FINT-4336:test:security:file_integrity::Check lfd configuration status: FINT-4338:test:security:file_integrity::osqueryd syscheck daemon running: +FINT-4339:test:security:file_integrity:Linux:Check IMA/EVM Status FINT-4350:test:security:file_integrity::File integrity software installed: FINT-4402:test:security:file_integrity::Checksums (SHA256 or SHA512): FIRE-4502:test:security:firewalls:Linux:Check iptables kernel module: -- cgit v1.2.3 From 8ea39314f2a028bca4ff53842258459c8ca018d3 Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Mon, 23 Mar 2020 10:35:38 +0200 Subject: Check for dm-integrity and dm-verity Detect tools for dm-integrity and dm-verity, check if some devices in /dev/mapper/* use them and especially the system root device. Signed-off-by: Topi Miettinen --- db/tests.db | 2 ++ 1 file changed, 2 insertions(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 44a9a410..3fc66b9a 100644 --- a/db/tests.db +++ b/db/tests.db @@ -136,6 +136,8 @@ FINT-4334:test:security:file_integrity::Check lfd daemon status: FINT-4336:test:security:file_integrity::Check lfd configuration status: FINT-4338:test:security:file_integrity::osqueryd syscheck daemon running: FINT-4339:test:security:file_integrity:Linux:Check IMA/EVM Status +FINT-4340:test:security:file_integrity:Linux:Check dm-integrity status +FINT-4341:test:security:file_integrity:Linux:Check dm-verity status FINT-4350:test:security:file_integrity::File integrity software installed: FINT-4402:test:security:file_integrity::Checksums (SHA256 or SHA512): FIRE-4502:test:security:firewalls:Linux:Check iptables kernel module: -- cgit v1.2.3 From 8913374092acf285b492abcffde3d97406ec88f1 Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Thu, 19 Mar 2020 22:40:54 +0200 Subject: Run 'systemd-analyze security' 'systemd-analyze security' (available since systemd v240) makes a nice overall evaluation of hardening levels of services in a system. More details can be found with 'systemd-analyze security SERVICE' for each service. Signed-off-by: Topi Miettinen --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 79cfe6ce..34af6fdd 100644 --- a/db/tests.db +++ b/db/tests.db @@ -78,6 +78,7 @@ BOOT-5260:test:security:boot_services::Check single user mode for systemd: BOOT-5261:test:security:boot_services:DragonFly:Check for DragonFly boot loader presence: BOOT-5262:test:security:boot_services:OpenBSD:Check for OpenBSD boot daemons: BOOT-5263:test:security:boot_services:OpenBSD:Check permissions for boot files/scripts: +BOOT-5264:test:security:boot_services:Linux:Run systemd-analyze security: CONT-8004:test:security:containers:Solaris:Query running Solaris zones: CONT-8102:test:security:containers::Checking Docker status and information: CONT-8104:test:security:containers::Checking Docker info for any warnings: -- cgit v1.2.3 From 6818db5e127e732db432a119c9894c663995ed5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Tue, 24 Mar 2020 11:43:34 +0100 Subject: add AUTH-9230 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 79cfe6ce..220d76e1 100644 --- a/db/tests.db +++ b/db/tests.db @@ -23,6 +23,7 @@ AUTH-9222:test:security:authentication::Check for non unique groups: AUTH-9226:test:security:authentication::Check non unique group names: AUTH-9228:test:security:authentication::Check password file consistency with pwck: AUTH-9229:test:security:authentication::Check password hashing methods: +AUTH-9230:test:security:authentication::Check group password hashing rounds: AUTH-9234:test:security:authentication::Query user accounts: AUTH-9240:test:security:authentication::Query NIS+ authentication support: AUTH-9242:test:security:authentication::Query NIS authentication support: -- cgit v1.2.3 From 5e821687af6025980d9a94f5520b8bf849bcd0dc Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 24 Mar 2020 13:33:24 +0100 Subject: Added new tests --- db/tests.db | 3 +++ 1 file changed, 3 insertions(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 43a48c12..d401424c 100644 --- a/db/tests.db +++ b/db/tests.db @@ -413,6 +413,9 @@ TIME-3136:test:security:time:Linux:Check NTP protocol version: TIME-3148:test:performance:time:Linux:Check TZ variable: TIME-3160:test:security:time:Linux:Check empty NTP step-tickers: TIME-3170:test:security:time::Check configuration files: +TIME-3180:test:security:time::Report if ntpctl cannot communicate with OpenNTPD: +TIME-3181:test:security:time::Check status of OpenNTPD time synchronisation +TIME-3182:test:security:time::Check OpenNTPD has working peers TOOL-5002:test:security:tooling::Checking for automation tools: TOOL-5102:test:security:tooling::Check for presence of Fail2ban: TOOL-5104:test:security:tooling::Enabled tests for Fail2ban: -- cgit v1.2.3 From 5c5cc43c6f7effe83adc8eeb65e7202e5ce10a73 Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Fri, 27 Mar 2020 13:00:09 +0200 Subject: Check if system uses encrypted swap devices Add test CRYP-7931 to check if the system uses any encrypted swap devices. Signed-off-by: Topi Miettinen --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index d401424c..9b978fa5 100644 --- a/db/tests.db +++ b/db/tests.db @@ -89,6 +89,7 @@ CONT-8108:test:security:containers::Check file permissions for Docker files: CORE-1000:test:performance:system_integrity::Check all system binaries: CRYP-7902:test:security:crypto::Check expire date of SSL certificates: CRYP-7930:test:security:crypto:Linux:Determine if system uses LUKS encryption: +CRYP-7931:test:security:crypto:Linux:Determine if system uses encrypted swap: CRYP-8002:test:security:crypto:Linux:Gather kernel entropy: CRYP-8004:test:security:crypto:Linux:Presence of hardware random number generators: CRYP-8005:test:security:crypto:Linux:Presence of software pseudo random number generators: -- cgit v1.2.3 From 4cf21ebdcc3310265fd923907b08080f6af0f346 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Wed, 1 Apr 2020 16:19:09 +0200 Subject: Added FILE-6394 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index d401424c..48430806 100644 --- a/db/tests.db +++ b/db/tests.db @@ -122,6 +122,7 @@ FILE-6368:test:security:filesystems:Linux:Checking ACL support on root file syst FILE-6372:test:security:filesystems:Linux:Checking / mount options: FILE-6374:test:security:filesystems:Linux:Linux mount options: FILE-6376:test:security:filesystems:Linux:Determine if /var/tmp is bound to /tmp: +FILE-6394:test:performance:filesystems:Linux:Test swappiness of virtual memory: FILE-6410:test:security:filesystems::Checking Locate database: FILE-6430:test:security:filesystems::Disable mounting of some filesystems: FILE-6439:test:security:filesystems:DragonFly:Checking HAMMER PFS mounts: -- cgit v1.2.3 From 38a5c2cb79bdf56352555f08472b9ea5c77d0e1f Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 2 Apr 2020 19:46:58 +0200 Subject: Added new test PHP-2382 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 48430806..ba9778d1 100644 --- a/db/tests.db +++ b/db/tests.db @@ -311,6 +311,7 @@ PHP-2374:test:security:php::Check PHP enable_dl option: PHP-2376:test:security:php::Check PHP allow_url_fopen option: PHP-2378:test:security:php::Check PHP allow_url_include option: PHP-2379:test:security:php::Check PHP suhosin extension status: +PHP-2382:test:security:php::Check PHP listen option: PKGS-7301:test:security:ports_packages::Query NetBSD pkg: PKGS-7302:test:security:ports_packages::Query FreeBSD/NetBSD pkg_info: PKGS-7303:test:security:ports_packages::Query brew package manager: -- cgit v1.2.3 From 6308682caee9a060e9915c8b85be36ef015ced7c Mon Sep 17 00:00:00 2001 From: Brian Ginsbach Date: Thu, 2 Apr 2020 14:00:23 -0500 Subject: Combine AUTH-9218 and AUTH-9489 These two tests are essentially identical. There is no need separate the DragonFly and FreeBSD tests. This will make it easier to add support for other BSD systems. --- db/tests.db | 1 - 1 file changed, 1 deletion(-) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 48430806..6f1b9974 100644 --- a/db/tests.db +++ b/db/tests.db @@ -49,7 +49,6 @@ AUTH-9406:test:security:authentication::Query LDAP servers in client configurati AUTH-9408:test:security:authentication::Logging of failed login attempts via /etc/login.defs: AUTH-9409:test:security:authentication:OpenBSD:Check for doas file: AUTH-9410:test:security:authentication:OpenBSD:Check for doas file permissions: -AUTH-9489:test:security:authentication:DragonFly:Check login shells for passwordless accounts: BANN-7113:test:security:banners:FreeBSD:Check COPYRIGHT banner file: BANN-7124:test:security:banners::Check issue banner file: BANN-7126:test:security:banners::Check issue banner file contents: -- cgit v1.2.3 From 032bb6988e7b94415cbe202dd26177e94803859f Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sat, 4 Apr 2020 15:28:04 +0200 Subject: Added new test NETW-2400 --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 26960c00..62857946 100644 --- a/db/tests.db +++ b/db/tests.db @@ -287,6 +287,7 @@ NAME-4402:test:security:nameservices::Check duplicate line in /etc/hosts: NAME-4404:test:security:nameservices::Check /etc/hosts contains an entry for this server name: NAME-4406:test:security:nameservices::Check server hostname mapping: NAME-4408:test:security:nameservices::Check localhost to IP mapping: +NETW-2400:test:basics:networking::Test hostname for valid characters and length: NETW-2600:test:security:networking:Linux:Checking IPv6 configuration: NETW-2704:test:security:networking::Basic nameserver configuration tests: NETW-2705:test:security:networking::Check availability two nameservers: -- cgit v1.2.3 From 49549f9155510442712711a6b2d0390ece24ccbc Mon Sep 17 00:00:00 2001 From: 0xD503 Date: Sun, 5 Apr 2020 22:01:29 +0100 Subject: Added Russian translation Added Russian localization --- db/languages/ru | 76 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 38 insertions(+), 38 deletions(-) (limited to 'db') diff --git a/db/languages/ru b/db/languages/ru index e16f1062..5153a319 100644 --- a/db/languages/ru +++ b/db/languages/ru @@ -1,38 +1,38 @@ -GEN_CHECKING="Checking" -GEN_CURRENT_VERSION="Current version" -GEN_DEBUG_MODE="Debug mode" -GEN_INITIALIZE_PROGRAM="Initializing program" -GEN_PHASE="phase" -GEN_PLUGINS_ENABLED="Plugins enabled" -GEN_VERBOSE_MODE="Verbose mode" -GEN_UPDATE_AVAILABLE="update available" -GEN_WHAT_TO_DO="What to do" -NOTE_EXCEPTIONS_FOUND="Exceptions found" -NOTE_EXCEPTIONS_FOUND_DETAILED="Some exceptional events or information was found" -NOTE_PLUGINS_TAKE_TIME="Note: plugins have more extensive tests and may take several minutes to complete" -SECTION_CUSTOM_TESTS="Custom Tests" -SECTION_MALWARE="Malware" -SECTION_MEMORY_AND_PROCESSES="Memory and Processes" -STATUS_DONE="DONE" -STATUS_FOUND="FOUND" -STATUS_YES="YES" -STATUS_NO="NO" -STATUS_OFF="OFF" -STATUS_OK="OK" -STATUS_ON="ON" -STATUS_NONE="NONE" -STATUS_NOT_FOUND="NOT FOUND" -STATUS_NOT_RUNNING="NOT RUNNING" -STATUS_RUNNING="RUNNING" -STATUS_SKIPPED="SKIPPED" -STATUS_SUGGESTION="SUGGESTION" -STATUS_UNKNOWN="UNKNOWN" -STATUS_WARNING="WARNING" -TEXT_YOU_CAN_HELP_LOGFILE="You can help by providing your log file" -TEXT_UPDATE_AVAILABLE="update available" -NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Skipped tests due to non-privileged mode" -STATUS_DISABLED="DISABLED" -STATUS_ENABLED="ENABLED" -STATUS_ERROR="ERROR" -ERROR_NO_LICENSE="No license key configured" -ERROR_NO_UPLOAD_SERVER="No upload server configured" +GEN_CHECKING="Проверка" +GEN_CURRENT_VERSION="Текущая версия" +GEN_DEBUG_MODE="Режим отладки" +GEN_INITIALIZE_PROGRAM="Инициализация программы" +GEN_PHASE="Стадия" +GEN_PLUGINS_ENABLED="Плагины включены" +GEN_VERBOSE_MODE="Подробный режим" +GEN_UPDATE_AVAILABLE="доступно обновление" +GEN_WHAT_TO_DO="Что сделать" +NOTE_EXCEPTIONS_FOUND="Найдены исключения" +NOTE_EXCEPTIONS_FOUND_DETAILED="Были найдены некоторые исключительные события или информация" +NOTE_PLUGINS_TAKE_TIME="Примечание: плагины имеют более обширные тесты и могут занять несколько минут до завершения" +SECTION_CUSTOM_TESTS="Пользовательские тесты" +SECTION_MALWARE="Вредоносное ПО" +SECTION_MEMORY_AND_PROCESSES="Память и процессы" +STATUS_DONE="Завершено" +STATUS_FOUND="Найдено" +STATUS_YES="ДА" +STATUS_NO="НЕТ" +STATUS_OFF="Выключено" +STATUS_OK="ОК" +STATUS_ON="Включено" +STATUS_NONE="Отсутствует" +STATUS_NOT_FOUND="НЕ НАЙДЕНО" +STATUS_NOT_RUNNING="НЕ ЗАПУЩЕНО" +STATUS_RUNNING="ЗАПУЩЕНО" +STATUS_SKIPPED="ПРОПУЩЕНО" +STATUS_SUGGESTION="ПРЕДЛОЖЕНИЕ" +STATUS_UNKNOWN="НЕИЗВЕСТНО" +STATUS_WARNING="ПРЕДУПРЕЖДЕНИЕ" +TEXT_YOU_CAN_HELP_LOGFILE="Вы можете помочь предоставив ваш лог-файл" +TEXT_UPDATE_AVAILABLE="доступно обновление" +NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Тесты пропущены из-за использования непривилегированного режима" +STATUS_DISABLED="ОТКЛЮЧЕНО" +STATUS_ENABLED="ВКЛЮЧЕНО" +STATUS_ERROR="ОШИБКА" +ERROR_NO_LICENSE="Лицензионный ключ не настроен" +ERROR_NO_UPLOAD_SERVER="Загрузочный сервер не настроен" -- cgit v1.2.3 From f072f808a2a5f76566c8f49e87147f903c65c5a3 Mon Sep 17 00:00:00 2001 From: Jaimie <59117167+Jaimie85@users.noreply.github.com> Date: Wed, 20 May 2020 15:41:46 +0200 Subject: Update nl --- db/languages/nl | 47 +++++++++++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 20 deletions(-) (limited to 'db') diff --git a/db/languages/nl b/db/languages/nl index 21700617..31a694ee 100644 --- a/db/languages/nl +++ b/db/languages/nl @@ -1,38 +1,45 @@ +ERROR_NO_LICENSE="Geen licentiecode geconfigureerd" +ERROR_NO_UPLOAD_SERVER="Geen upload server geconfigureerd" GEN_CHECKING="Zoeken naar" +GEN_CURRENT_VERSION="Huidige versie" +GEN_DEBUG_MODE="Debug modus" +GEN_INITIALIZE_PROGRAM="Programma initialiseren" +GEN_LATEST_VERSION="Laatste versie" GEN_PHASE="fase" -GEN_INITIALIZE_PROGRAM="Initialiseren van programma" -NOTE_PLUGINS_TAKE_TIME="Plugins hebben uitgebreidere testen en kunnen derhalve enkele minuten duren" -NOTE_EXCEPTIONS_FOUND="Uitzonderingen gevonden" -SECTION_CUSTOM_TESTS="Eigen Testen" +GEN_PLUGINS_ENABLED="Plugins geactiveerd" +GEN_VERBOSE_MODE="Verbose modus" +GEN_UPDATE_AVAILABLE="Update beschikbaar" +GEN_WHAT_TO_DO="Wat te doen" +NOTE_EXCEPTIONS_FOUND="Bijzonderheden gevonden" +NOTE_EXCEPTIONS_FOUND_DETAILED="Enkele bijzondere gebeurtenissen of informatie gevonden" +NOTE_PLUGINS_TAKE_TIME="Let op: plugins hebben uitgebreidere testen en kunnen daardoor enkele minuten duren" +NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Overgeslagen testen vanwege beperkte rechten" +SECTION_CUSTOM_TESTS="Eigen testen" +SECTION_DATA_UPLOAD="Data upload" +SECTION_INITIALIZING_PROGRAM="Programma initialiseren" SECTION_MALWARE="Kwaadaardige software (malware)" SECTION_MEMORY_AND_PROCESSES="Geheugen en Processen" -STATUS_DONE="KLAAR" +SECTION_SYSTEM_TOOLS="Systeem gereedschap" STATUS_DISABLED="UITGESCHAKELD" +STATUS_DONE="KLAAR" STATUS_ENABLED="INGESCHAKELD" +STATUS_ERROR="FOUT" +STATUS_FAILED="MISLUKT" STATUS_FOUND="GEVONDEN" +STATUS_OFF="UIT" +STATUS_OK="OK" +STATUS_ON="AAN" STATUS_NO="NEE" STATUS_NONE="GEEN" +STATUS_NOT_CONFIGURED="NIET GECONFIGUREERD" STATUS_NOT_FOUND="NIET GEVONDEN" STATUS_NOT_RUNNING="NIET ACTIEF" -STATUS_OK="OK" -STATUS_ON="AAN" -STATUS_OFF="UIT" -STATUS_YES="JA" STATUS_RUNNING="ACTIEF" STATUS_SKIPPED="OVERGESLAGEN" STATUS_SUGGESTION="SUGGESTIE" STATUS_UNKNOWN="ONBEKEND" STATUS_WARNING="WAARSCHUWING" -GEN_CURRENT_VERSION="Huidige versie" -GEN_DEBUG_MODE="Debug mode" -GEN_PLUGINS_ENABLED="Plugins geactiveerd" -GEN_VERBOSE_MODE="Verbose mode" -GEN_UPDATE_AVAILABLE="update beschikbaar" -GEN_WHAT_TO_DO="Wat te doen" -NOTE_EXCEPTIONS_FOUND_DETAILED="Enkele uitzonderingen gevonden" -NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Overgeslagen testen vanwege beperkte rechten" +STATUS_WEAK="ZWAK" +STATUS_YES="JA" TEXT_YOU_CAN_HELP_LOGFILE="Help mee door je logbestand te delen" TEXT_UPDATE_AVAILABLE="update beschikbaar" -STATUS_ERROR="FOUT" -ERROR_NO_LICENSE="geen licentiecode configureerd" -ERROR_NO_UPLOAD_SERVER="geen server configureerd voor uploads" -- cgit v1.2.3 From b3e1fc67c8f21217bc5e2a9a60b3ab3920982864 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Mon, 15 Jun 2020 01:35:00 +0200 Subject: add Fedora EOL, update other releases MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- db/software-eol.db | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index b3285487..426560c8 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -48,6 +48,8 @@ os:FreeBSD 10.3:2018-04-30:0: os:FreeBSD 10.4:2018-10-31:0: os:FreeBSD 11.0:2017-11-30:0: os:FreeBSD 11.1:2018-09-30:0: +os:FreeBSD 11.2:2019-10-31:1572476400: +os:FreeBSD 12.0:2020-02-29:1582930800: # # NetBSD - https://www.netbsd.org/support/security/release.html and # https://www.netbsd.org/releases/formal.html @@ -102,8 +104,17 @@ os:NetBSD 9.0::-1: # os:OpenBSD 5.8:2016-09-01:0: os:OpenBSD 5.9:2017-04-11:0: -# -# Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack +os:OpenBSD 6.0:2017-09-10:0: +os:OpenBSD 6.1:2018-04-15:0: +os:OpenBSD 6.2:2018-10-18:0: +os:OpenBSD 6.3:2019-05-03:0: +os:OpenBSD 6.4:2019-10-17:0: +os:OpenBSD 6.5:2020-05-19:0: +os:OpenBSD 6.6:2020-10-01:0: +os:OpenBSD 6.7:2021-05-01:0: +# +# Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack and +# https://wiki.ubuntu.com/Releases # os:Ubuntu 14.04:2019-05-01:1556661600: os:Ubuntu 14.10:2015-07-01:0: @@ -116,6 +127,7 @@ os:Ubuntu 17.10:2018-07-01:1530396000: os:Ubuntu 18.04:2023-05-01:1682892000: os:Ubuntu 18.10:2019-07-18:1563400800: os:Ubuntu 19.04:2020-01-01:1577833200: +os:Ubuntu 20.04:2025-04-01:1743458400 # # Slackware - https://en.wikipedia.org/wiki/Slackware#Releases # @@ -132,3 +144,12 @@ os:Slackware Linux 12.2:2013-12-09:1386540000: os:Slackware Linux 13.0:2018-07-05:1530738000: os:Slackware Linux 13.1:2018-07-05:1530738000: os:Slackware Linux 13.37:2018-07-05:1530738000: +# +# Fedora - https://fedoraproject.org/wiki/End_of_life +# +os:Fedora release 25:2017-12-12:1513033200 +os:Fedora release 26:2018-05-29:1527544800 +os:Fedora release 27:2018-11-30:1543532400 +os:Fedora release 28:2019-05-28:1558994400 +os:Fedora release 29:2019-11-26:1574722800 +os:Fedora release 30:2020-05-26:1590444000 -- cgit v1.2.3 From ca6326a12bf9af53a6e818bb60d9e09beb5bd485 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Mon, 15 Jun 2020 07:40:57 +0000 Subject: Update db/software-eol.db Co-authored-by: Jaimie <59117167+Jaimie85@users.noreply.github.com> --- db/software-eol.db | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 426560c8..6af4dba5 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -104,14 +104,14 @@ os:NetBSD 9.0::-1: # os:OpenBSD 5.8:2016-09-01:0: os:OpenBSD 5.9:2017-04-11:0: -os:OpenBSD 6.0:2017-09-10:0: -os:OpenBSD 6.1:2018-04-15:0: -os:OpenBSD 6.2:2018-10-18:0: -os:OpenBSD 6.3:2019-05-03:0: -os:OpenBSD 6.4:2019-10-17:0: -os:OpenBSD 6.5:2020-05-19:0: -os:OpenBSD 6.6:2020-10-01:0: -os:OpenBSD 6.7:2021-05-01:0: +os:OpenBSD 6.0:2017-09-10:1505001600: +os:OpenBSD 6.1:2018-04-15:1523750400: +os:OpenBSD 6.2:2018-10-18:1539820800: +os:OpenBSD 6.3:2019-05-03:1556841600: +os:OpenBSD 6.4:2019-10-17:1571270400: +os:OpenBSD 6.5:2020-05-19:1589846400: +os:OpenBSD 6.6:2020-10-01:1601510400: +os:OpenBSD 6.7:2021-05-01:1619827200: # # Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack and # https://wiki.ubuntu.com/Releases -- cgit v1.2.3 From 41ad9d380c1255a2b7e77e8e50e19ff650e8db1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Tue, 16 Jun 2020 09:05:55 +0200 Subject: update all EOL dates to seconds to epoch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- db/software-eol.db | 97 +++++++++++++++++++++++++++--------------------------- 1 file changed, 49 insertions(+), 48 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 6af4dba5..d55cfdaa 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -8,6 +8,7 @@ # 4) converted date (seconds since epoch) or -1 # # Date can be converted on Linux using: date "+%s" --date=2020-01-01 +# Seconds since epoch can be verified using: date -d @1467324000 +'%Y-%m-%d' # # Notes: # For rolling releases or releases that do not (currently have an EOL date, leave field three empty and set field four to -1. @@ -40,55 +41,55 @@ os:Debian 10:2022-01-01:1640991600: # # FreeBSD - https://www.freebsd.org/security/unsupported.html # -os:FreeBSD 9.3:2014-12-31:0: -os:FreeBSD 10.0:2015-02-28:0: -os:FreeBSD 10.1:2016-12-31:0: -os:FreeBSD 10.2:2016-12-31:0: -os:FreeBSD 10.3:2018-04-30:0: -os:FreeBSD 10.4:2018-10-31:0: -os:FreeBSD 11.0:2017-11-30:0: -os:FreeBSD 11.1:2018-09-30:0: +os:FreeBSD 9.3:2014-12-31:1419980400: +os:FreeBSD 10.0:2015-02-28:1425078000: +os:FreeBSD 10.1:2016-12-31:1483138800: +os:FreeBSD 10.2:2016-12-31:1483138800: +os:FreeBSD 10.3:2018-04-30:1525039200: +os:FreeBSD 10.4:2018-10-31:1540940400: +os:FreeBSD 11.0:2017-11-30:1511996400: +os:FreeBSD 11.1:2018-09-30:1538258400: os:FreeBSD 11.2:2019-10-31:1572476400: os:FreeBSD 12.0:2020-02-29:1582930800: # # NetBSD - https://www.netbsd.org/support/security/release.html and # https://www.netbsd.org/releases/formal.html # -os:NetBSD 2.0:2008-01-19:0: -os:NetBSD 2.0.1:2008-01-19:0: -os:NetBSD 2.0.2:2008-01-19:0: -os:NetBSD 2.0.3:2008-01-19:0: -os:NetBSD 2.1:2008-01-19:0: -os:NetBSD 3.0:2009-09-29:0: -os:NetBSD 3.0.1:2009-09-29:0: -os:NetBSD 3.0.2:2009-09-29:0: -os:NetBSD 3.1:2009-09-29:0: -os:NetBSD 4.0:2012-11-17:0: -os:NetBSD 4.0.1:2012-11-17:0: -os:NetBSD 5.0:2015-11-17:0: -os:NetBSD 5.0.1:2015-10-17:0: -os:NetBSD 5.0.2:2015-10-17:0: -os:NetBSD 5.1:2015-10-17:0: -os:NetBSD 5.1.1:2015-10-17:0: -os:NetBSD 5.1.2:2015-10-17:0: -os:NetBSD 5.1.3:2015-10-17:0: -os:NetBSD 5.1.4:2015-10-17:0: -os:NetBSD 5.1.5:2015-10-17:0: -os:NetBSD 5.2.1:2015-10-17:0: -os:NetBSD 5.2.2:2015-10-17:0: -os:NetBSD 5.2.3:2015-10-17:0: -os:NetBSD 6.0:2017-09-17:0: -os:NetBSD 6.0.1:2017-09-17:0: -os:NetBSD 6.0.2:2017-09-17:0: -os:NetBSD 6.0.3:2017-09-17:0: -os:NetBSD 6.0.4:2017-09-17:0: -os:NetBSD 6.0.5:2017-09-17:0: -os:NetBSD 6.1:2017-09-17:0: -os:NetBSD 6.1.1:2017-09-17:0: -os:NetBSD 6.1.2:2017-09-17:0: -os:NetBSD 6.1.3:2017-09-17:0: -os:NetBSD 6.1.4:2017-09-17:0: -os:NetBSD 6.1.5:2017-09-17:0: +os:NetBSD 2.0:2008-01-19:1200697200: +os:NetBSD 2.0.1:2008-01-19:1200697200: +os:NetBSD 2.0.2:2008-01-19:1200697200: +os:NetBSD 2.0.3:2008-01-19:1200697200: +os:NetBSD 2.1:2008-01-19:1200697200: +os:NetBSD 3.0:2009-09-29:1254175200: +os:NetBSD 3.0.1:2009-09-29:1254175200: +os:NetBSD 3.0.2:2009-09-29:1254175200: +os:NetBSD 3.1:2009-09-29:1254175200: +os:NetBSD 4.0:2012-11-17:1353106800: +os:NetBSD 4.0.1:2012-11-17:1353106800: +os:NetBSD 5.0:2015-11-17:1447714800: +os:NetBSD 5.0.1:2015-10-17:1445032800: +os:NetBSD 5.0.2:2015-10-17:1445032800: +os:NetBSD 5.1:2015-10-17:1445032800: +os:NetBSD 5.1.1:2015-10-17:1445032800: +os:NetBSD 5.1.2:2015-10-17:1445032800: +os:NetBSD 5.1.3:2015-10-17:1445032800: +os:NetBSD 5.1.4:2015-10-17:1445032800: +os:NetBSD 5.1.5:2015-10-17:1445032800: +os:NetBSD 5.2.1:2015-10-17:1445032800: +os:NetBSD 5.2.2:2015-10-17:1445032800: +os:NetBSD 5.2.3:2015-10-17:1445032800: +os:NetBSD 6.0:2017-09-17:1505599200: +os:NetBSD 6.0.1:2017-09-17:1505599200: +os:NetBSD 6.0.2:2017-09-17:1505599200: +os:NetBSD 6.0.3:2017-09-17:1505599200: +os:NetBSD 6.0.4:2017-09-17:1505599200: +os:NetBSD 6.0.5:2017-09-17:1505599200: +os:NetBSD 6.1:2017-09-17:1505599200: +os:NetBSD 6.1.1:2017-09-17:1505599200: +os:NetBSD 6.1.2:2017-09-17:1505599200: +os:NetBSD 6.1.3:2017-09-17:1505599200: +os:NetBSD 6.1.4:2017-09-17:1505599200: +os:NetBSD 6.1.5:2017-09-17:1505599200: os:NetBSD 7.0:2020-03-14:1584162000: os:NetBSD 7.0.1:2020-03-14:1584162000: os:NetBSD 7.0.2:2020-03-14:1584162000: @@ -102,8 +103,8 @@ os:NetBSD 9.0::-1: # # OpenBSD - https://en.wikipedia.org/wiki/OpenBSD_version_history # -os:OpenBSD 5.8:2016-09-01:0: -os:OpenBSD 5.9:2017-04-11:0: +os:OpenBSD 5.8:2016-09-01:1472680800: +os:OpenBSD 5.9:2017-04-11:1491861600: os:OpenBSD 6.0:2017-09-10:1505001600: os:OpenBSD 6.1:2018-04-15:1523750400: os:OpenBSD 6.2:2018-10-18:1539820800: @@ -117,9 +118,9 @@ os:OpenBSD 6.7:2021-05-01:1619827200: # https://wiki.ubuntu.com/Releases # os:Ubuntu 14.04:2019-05-01:1556661600: -os:Ubuntu 14.10:2015-07-01:0: -os:Ubuntu 15.04:2016-01-01:0: -os:Ubuntu 15.10:2016-07-01:0: +os:Ubuntu 14.10:2015-07-01:1435701600: +os:Ubuntu 15.04:2016-01-01:1451602800: +os:Ubuntu 15.10:2016-07-01:1467324000: os:Ubuntu 16.04:2021-05-01:1619820000: os:Ubuntu 16.10:2017-07-01:1498860000: os:Ubuntu 17.04:2018-01-01:1514761200: -- cgit v1.2.3 From 78e7ce36afbbcba56fd65723f4d455de4d19ed6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Thu, 18 Jun 2020 10:15:13 +0200 Subject: add RHEL 6,7,8 EOL dates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit (cherry picked from commit 6ce0aa41c64f8146716de25d613e66cf53f08b0e) Signed-off-by: Thomas Sjögren --- db/software-eol.db | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index d55cfdaa..beb4eff1 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -114,6 +114,12 @@ os:OpenBSD 6.5:2020-05-19:1589846400: os:OpenBSD 6.6:2020-10-01:1601510400: os:OpenBSD 6.7:2021-05-01:1619827200: # +# Red Hat Enterprise Linux - https://access.redhat.com/labs/plcc/ +# +os:Red Hat Enterprise Linux Server release 6:2020-11-30:1606690800: +os:Red Hat Enterprise Linux 7:2024-06-30:1719698400: +os:Red Hat Enterprise Linux 8:2029-05-07:1872799200: +# # Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack and # https://wiki.ubuntu.com/Releases # -- cgit v1.2.3 From 6aa63f1c95190b5c7b198f3a28473c93c5676b7a Mon Sep 17 00:00:00 2001 From: Alexander Lackner Date: Sat, 20 Jun 2020 02:12:57 +0200 Subject: Update language files (de, de-AT, en) --- db/languages/de | 37 ++++++++++++++++++++++--------------- db/languages/de-AT | 1 + db/languages/en | 10 +++++----- 3 files changed, 28 insertions(+), 20 deletions(-) create mode 120000 db/languages/de-AT (limited to 'db') diff --git a/db/languages/de b/db/languages/de index 34b909e2..e1465aa2 100644 --- a/db/languages/de +++ b/db/languages/de @@ -1,38 +1,45 @@ -GEN_PHASE="Phase" +ERROR_NO_LICENSE="Kein Lizenzschlüssel eingerichtet" +ERROR_NO_UPLOAD_SERVER="Kein Upload-Server eingerichtet" GEN_CHECKING="Überprüfung" GEN_CURRENT_VERSION="Aktuelle Version" GEN_DEBUG_MODE="Debug-Modus" -GEN_INITIALIZE_PROGRAM="Initiiere Programm" +GEN_INITIALIZE_PROGRAM="Initialisiere Programm" +GEN_LATEST_VERSION="Aktuellste Version" +GEN_PHASE="Phase" GEN_PLUGINS_ENABLED="Plugins aktiviert" -GEN_VERBOSE_MODE="Ausführlicher Modus" GEN_UPDATE_AVAILABLE="Aktualisierung verfügbar" +GEN_VERBOSE_MODE="Ausführlicher Modus" GEN_WHAT_TO_DO="Was zu tun ist" -NOTE_EXCEPTIONS_FOUND="Abweichungen gefunden" NOTE_EXCEPTIONS_FOUND_DETAILED="Einige außergewöhnliche Ereignisse oder Informationen wurden gefunden" +NOTE_EXCEPTIONS_FOUND="Abweichungen gefunden" NOTE_PLUGINS_TAKE_TIME="Beachte: Plugins beinhalten eingehendere Tests und können mehrere Minuten benötigen, bis sie abgeschlossen sind" +NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Übersprungene Tests aufgrund nicht privilegiertem Modus" SECTION_CUSTOM_TESTS="Benutzerdefinierte Tests" +SECTION_DATA_UPLOAD="Daten hochladen" +SECTION_INITIALIZING_PROGRAM="Initialisiere Programm" SECTION_MALWARE="Malware" SECTION_MEMORY_AND_PROCESSES="Speicher und Prozesse" +SECTION_SYSTEM_TOOLS="Systemwerkzeuge" +STATUS_DISABLED="DEAKTIVIERT" STATUS_DONE="FERTIG" +STATUS_ENABLED="AKTIVIERT" +STATUS_ERROR="FEHLER" +STATUS_FAILED="FEHLERHAFT" STATUS_FOUND="GEFUNDEN" -STATUS_YES="JA" STATUS_NO="NEIN" -STATUS_OFF="AUS" -STATUS_OK="OK" -STATUS_ON="AN" STATUS_NONE="NICHTS" +STATUS_NOT_CONFIGURED="NICHT KONFIGURIERT" STATUS_NOT_FOUND="NICHT GEFUNDEN" STATUS_NOT_RUNNING="LÄUFT NICHT" +STATUS_OFF="AUS" +STATUS_OK="OK" +STATUS_ON="AN" STATUS_RUNNING="LÄUFT" STATUS_SKIPPED="ÜBERSPRUNGEN" STATUS_SUGGESTION="VORSCHLAG" STATUS_UNKNOWN="UNBEKANNT" STATUS_WARNING="WARNUNG" -TEXT_YOU_CAN_HELP_LOGFILE="Sie können durch Übermittlung Ihrer Logdatei helfen" +STATUS_WEAK="SCHWACH" +STATUS_YES="JA" TEXT_UPDATE_AVAILABLE="Aktualisierung verfügbar" -NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Übersprungene Tests aufgrund nicht privilegiertem Modus" -STATUS_DISABLED="DEAKTIVIERT" -STATUS_ENABLED="AKTIVIERT" -STATUS_ERROR="FEHLER" -ERROR_NO_LICENSE="Kein Lizenzschlüssel eingerichtet" -ERROR_NO_UPLOAD_SERVER="Kein Upload-Server eingerichtet" +TEXT_YOU_CAN_HELP_LOGFILE="Sie können durch Übermittlung Ihrer Logdatei helfen" diff --git a/db/languages/de-AT b/db/languages/de-AT new file mode 120000 index 00000000..c42e816f --- /dev/null +++ b/db/languages/de-AT @@ -0,0 +1 @@ +de \ No newline at end of file diff --git a/db/languages/en b/db/languages/en index 716a584c..3a430644 100644 --- a/db/languages/en +++ b/db/languages/en @@ -10,8 +10,8 @@ GEN_PLUGINS_ENABLED="Plugins enabled" GEN_UPDATE_AVAILABLE="update available" GEN_VERBOSE_MODE="Verbose mode" GEN_WHAT_TO_DO="What to do" -NOTE_EXCEPTIONS_FOUND="Exceptions found" NOTE_EXCEPTIONS_FOUND_DETAILED="Some exceptional events or information was found" +NOTE_EXCEPTIONS_FOUND="Exceptions found" NOTE_PLUGINS_TAKE_TIME="Note: plugins have more extensive tests and may take several minutes to complete" NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Skipped tests due to non-privileged mode" SECTION_CUSTOM_TESTS="Custom tests" @@ -26,14 +26,14 @@ STATUS_ENABLED="ENABLED" STATUS_ERROR="ERROR" STATUS_FAILED="FAILED" STATUS_FOUND="FOUND" -STATUS_OFF="OFF" -STATUS_OK="OK" -STATUS_ON="ON" STATUS_NO="NO" STATUS_NONE="NONE" STATUS_NOT_CONFIGURED="NOT CONFIGURED" STATUS_NOT_FOUND="NOT FOUND" STATUS_NOT_RUNNING="NOT RUNNING" +STATUS_OFF="OFF" +STATUS_OK="OK" +STATUS_ON="ON" STATUS_RUNNING="RUNNING" STATUS_SKIPPED="SKIPPED" STATUS_SUGGESTION="SUGGESTION" @@ -41,5 +41,5 @@ STATUS_UNKNOWN="UNKNOWN" STATUS_WARNING="WARNING" STATUS_WEAK="WEAK" STATUS_YES="YES" -TEXT_YOU_CAN_HELP_LOGFILE="You can help by providing your log file" TEXT_UPDATE_AVAILABLE="update available" +TEXT_YOU_CAN_HELP_LOGFILE="You can help by providing your log file" -- cgit v1.2.3 From 4a71989d2e519391b52bbf050851699724db3744 Mon Sep 17 00:00:00 2001 From: Alexander L Date: Sat, 20 Jun 2020 14:20:58 +0200 Subject: Update en Sorting --- db/languages/en | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/languages/en b/db/languages/en index 3a430644..7b697896 100644 --- a/db/languages/en +++ b/db/languages/en @@ -10,8 +10,8 @@ GEN_PLUGINS_ENABLED="Plugins enabled" GEN_UPDATE_AVAILABLE="update available" GEN_VERBOSE_MODE="Verbose mode" GEN_WHAT_TO_DO="What to do" -NOTE_EXCEPTIONS_FOUND_DETAILED="Some exceptional events or information was found" NOTE_EXCEPTIONS_FOUND="Exceptions found" +NOTE_EXCEPTIONS_FOUND_DETAILED="Some exceptional events or information was found" NOTE_PLUGINS_TAKE_TIME="Note: plugins have more extensive tests and may take several minutes to complete" NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Skipped tests due to non-privileged mode" SECTION_CUSTOM_TESTS="Custom tests" -- cgit v1.2.3 From dfb02e41791d9cc11aef47aaa3874fc63c512da8 Mon Sep 17 00:00:00 2001 From: Alexander L Date: Sat, 20 Jun 2020 14:23:17 +0200 Subject: Update de Sorting --- db/languages/de | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db') diff --git a/db/languages/de b/db/languages/de index e1465aa2..ef6711c8 100644 --- a/db/languages/de +++ b/db/languages/de @@ -10,8 +10,8 @@ GEN_PLUGINS_ENABLED="Plugins aktiviert" GEN_UPDATE_AVAILABLE="Aktualisierung verfügbar" GEN_VERBOSE_MODE="Ausführlicher Modus" GEN_WHAT_TO_DO="Was zu tun ist" -NOTE_EXCEPTIONS_FOUND_DETAILED="Einige außergewöhnliche Ereignisse oder Informationen wurden gefunden" NOTE_EXCEPTIONS_FOUND="Abweichungen gefunden" +NOTE_EXCEPTIONS_FOUND_DETAILED="Einige außergewöhnliche Ereignisse oder Informationen wurden gefunden" NOTE_PLUGINS_TAKE_TIME="Beachte: Plugins beinhalten eingehendere Tests und können mehrere Minuten benötigen, bis sie abgeschlossen sind" NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Übersprungene Tests aufgrund nicht privilegiertem Modus" SECTION_CUSTOM_TESTS="Benutzerdefinierte Tests" -- cgit v1.2.3 From 06b3cbe52909fefab3800b7eafd1dcd348f79486 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sun, 21 Jun 2020 12:36:36 +0200 Subject: Reordered items --- db/software-eol.db | 48 +++++++++++++++++++++++++----------------------- 1 file changed, 25 insertions(+), 23 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index beb4eff1..997ad72e 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -39,6 +39,15 @@ os:Debian 8:2020-06-30:1593468000: os:Debian 9:2022-01-01:1640991600: os:Debian 10:2022-01-01:1640991600: # +# Fedora - https://fedoraproject.org/wiki/End_of_life +# +os:Fedora release 25:2017-12-12:1513033200 +os:Fedora release 26:2018-05-29:1527544800 +os:Fedora release 27:2018-11-30:1543532400 +os:Fedora release 28:2019-05-28:1558994400 +os:Fedora release 29:2019-11-26:1574722800 +os:Fedora release 30:2020-05-26:1590444000 +# # FreeBSD - https://www.freebsd.org/security/unsupported.html # os:FreeBSD 9.3:2014-12-31:1419980400: @@ -120,22 +129,6 @@ os:Red Hat Enterprise Linux Server release 6:2020-11-30:1606690800: os:Red Hat Enterprise Linux 7:2024-06-30:1719698400: os:Red Hat Enterprise Linux 8:2029-05-07:1872799200: # -# Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack and -# https://wiki.ubuntu.com/Releases -# -os:Ubuntu 14.04:2019-05-01:1556661600: -os:Ubuntu 14.10:2015-07-01:1435701600: -os:Ubuntu 15.04:2016-01-01:1451602800: -os:Ubuntu 15.10:2016-07-01:1467324000: -os:Ubuntu 16.04:2021-05-01:1619820000: -os:Ubuntu 16.10:2017-07-01:1498860000: -os:Ubuntu 17.04:2018-01-01:1514761200: -os:Ubuntu 17.10:2018-07-01:1530396000: -os:Ubuntu 18.04:2023-05-01:1682892000: -os:Ubuntu 18.10:2019-07-18:1563400800: -os:Ubuntu 19.04:2020-01-01:1577833200: -os:Ubuntu 20.04:2025-04-01:1743458400 -# # Slackware - https://en.wikipedia.org/wiki/Slackware#Releases # os:Slackware Linux 8.1:2012-08-01:1343768400: @@ -152,11 +145,20 @@ os:Slackware Linux 13.0:2018-07-05:1530738000: os:Slackware Linux 13.1:2018-07-05:1530738000: os:Slackware Linux 13.37:2018-07-05:1530738000: # -# Fedora - https://fedoraproject.org/wiki/End_of_life +# Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack and +# https://wiki.ubuntu.com/Releases # -os:Fedora release 25:2017-12-12:1513033200 -os:Fedora release 26:2018-05-29:1527544800 -os:Fedora release 27:2018-11-30:1543532400 -os:Fedora release 28:2019-05-28:1558994400 -os:Fedora release 29:2019-11-26:1574722800 -os:Fedora release 30:2020-05-26:1590444000 +os:Ubuntu 14.04:2019-05-01:1556661600: +os:Ubuntu 14.10:2015-07-01:1435701600: +os:Ubuntu 15.04:2016-01-01:1451602800: +os:Ubuntu 15.10:2016-07-01:1467324000: +os:Ubuntu 16.04:2021-05-01:1619820000: +os:Ubuntu 16.10:2017-07-01:1498860000: +os:Ubuntu 17.04:2018-01-01:1514761200: +os:Ubuntu 17.10:2018-07-01:1530396000: +os:Ubuntu 18.04:2023-05-01:1682892000: +os:Ubuntu 18.10:2019-07-18:1563400800: +os:Ubuntu 19.04:2020-01-01:1577833200: +os:Ubuntu 20.04:2025-04-01:1743458400 +# +# EOF \ No newline at end of file -- cgit v1.2.3 From f855fe7a047956336a0484e669d8202fd0cbfa04 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sun, 21 Jun 2020 12:40:03 +0200 Subject: Added Linux Mint --- db/software-eol.db | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 997ad72e..5b74ad08 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -61,6 +61,12 @@ os:FreeBSD 11.1:2018-09-30:1538258400: os:FreeBSD 11.2:2019-10-31:1572476400: os:FreeBSD 12.0:2020-02-29:1582930800: # +# Linux Mint +# +os:Linux Mint 18:2021-04-01:1617228000: +os:Linux Mint 19:2023-04-01:1680300000: +os:Linux Mint 20:2025-04-01:1743458400: +# # NetBSD - https://www.netbsd.org/support/security/release.html and # https://www.netbsd.org/releases/formal.html # -- cgit v1.2.3 From 22644edc5031022a294711bf0714f25d47483ab7 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sun, 21 Jun 2020 12:40:43 +0200 Subject: Added missing colons --- db/software-eol.db | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index 5b74ad08..a5a1101e 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -41,12 +41,12 @@ os:Debian 10:2022-01-01:1640991600: # # Fedora - https://fedoraproject.org/wiki/End_of_life # -os:Fedora release 25:2017-12-12:1513033200 -os:Fedora release 26:2018-05-29:1527544800 -os:Fedora release 27:2018-11-30:1543532400 -os:Fedora release 28:2019-05-28:1558994400 -os:Fedora release 29:2019-11-26:1574722800 -os:Fedora release 30:2020-05-26:1590444000 +os:Fedora release 25:2017-12-12:1513033200: +os:Fedora release 26:2018-05-29:1527544800: +os:Fedora release 27:2018-11-30:1543532400: +os:Fedora release 28:2019-05-28:1558994400: +os:Fedora release 29:2019-11-26:1574722800: +os:Fedora release 30:2020-05-26:1590444000: # # FreeBSD - https://www.freebsd.org/security/unsupported.html # @@ -165,6 +165,6 @@ os:Ubuntu 17.10:2018-07-01:1530396000: os:Ubuntu 18.04:2023-05-01:1682892000: os:Ubuntu 18.10:2019-07-18:1563400800: os:Ubuntu 19.04:2020-01-01:1577833200: -os:Ubuntu 20.04:2025-04-01:1743458400 +os:Ubuntu 20.04:2025-04-01:1743458400: # # EOF \ No newline at end of file -- cgit v1.2.3 From e3ccca4ac0dbedaf98cba26a3ec9bc630125d530 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Thu, 25 Jun 2020 15:33:31 +0200 Subject: add SUSE Linux Enterprise Server EOL MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- db/software-eol.db | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index a5a1101e..c42e244a 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -151,6 +151,11 @@ os:Slackware Linux 13.0:2018-07-05:1530738000: os:Slackware Linux 13.1:2018-07-05:1530738000: os:Slackware Linux 13.37:2018-07-05:1530738000: # +# SuSE - https://www.suse.com/lifecycle/ +# +os:SUSE Linux Enterprise Server 12:2024-10-31:1730329200: +os:SUSE Linux Enterprise Server 15:2028-07-31:1848607200: +# # Ubuntu - https://wiki.ubuntu.com/Kernel/LTSEnablementStack and # https://wiki.ubuntu.com/Releases # @@ -167,4 +172,4 @@ os:Ubuntu 18.10:2019-07-18:1563400800: os:Ubuntu 19.04:2020-01-01:1577833200: os:Ubuntu 20.04:2025-04-01:1743458400: # -# EOF \ No newline at end of file +# EOF -- cgit v1.2.3 From 1da058d6defcbfa4729b99526fdafcd1ae5295ce Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Tue, 30 Jun 2020 09:01:29 +0200 Subject: Corrected Amazon Linux entries Switched entries and added a note. Due to matching by regular expression, the shortest match would otherwise always win. --- db/software-eol.db | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'db') diff --git a/db/software-eol.db b/db/software-eol.db index c42e244a..2412a203 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -16,8 +16,9 @@ # # Amazon Linux # -os:Amazon Linux:2020-06-30:1593468000: +# Note: shortest entry is listed at end due to regular expression matching being used os:Amazon Linux 2:2023-06-26:1687730400: +os:Amazon Linux:2020-06-30:1593468000: # # Arch Linux # -- cgit v1.2.3 From 38b6105c6061c01b7075a76c23a9e73a962692bf Mon Sep 17 00:00:00 2001 From: Simon Biewald Date: Thu, 9 Jul 2020 18:27:02 +0200 Subject: add new test to test database --- db/tests.db | 1 + 1 file changed, 1 insertion(+) (limited to 'db') diff --git a/db/tests.db b/db/tests.db index 32347102..26fc8f87 100644 --- a/db/tests.db +++ b/db/tests.db @@ -419,6 +419,7 @@ TIME-3170:test:security:time::Check configuration files: TIME-3180:test:security:time::Report if ntpctl cannot communicate with OpenNTPD: TIME-3181:test:security:time::Check status of OpenNTPD time synchronisation TIME-3182:test:security:time::Check OpenNTPD has working peers +TIME-3185:test:security:time::Check systemd-timesyncd synchronized time TOOL-5002:test:security:tooling::Checking for automation tools: TOOL-5102:test:security:tooling::Check for presence of Fail2ban: TOOL-5104:test:security:tooling::Enabled tests for Fail2ban: -- cgit v1.2.3