Open pyllyukko opened 6 years ago
[ ] Check individual hardenings with lynis show details TEST-ID
lynis show details TEST-ID
[ ] boot_services
[ ] kernel
[ ] memory_processes
[ ] authentication
[x] shells
[x] filesystems
[ ] storage
[ ] storage_nfs
[ ] nameservices
[ ] ports_packages
[ ] networking
[ ] printers_spools
[ ] mail_messaging
[ ] firewalls
[ ] webservers
[x] ssh
[ ] snmp
[ ] databases
[ ] ldap
[ ] php
[ ] squid
[ ] logging
[ ] insecure_services
[x] banners
[ ] scheduling
[ ] accounting
sysstat
auditd
[ ] time
[ ] crypto
[ ] virtualization
[ ] containers
[ ] mac_frameworks
[ ] file_integrity
[ ] tooling
[ ] malware
[x] file_permissions
permfile
permdir
[ ] homedirs
HOME-9310
[x] kernel_hardening
[ ] hardening
/etc/shells
remove_shells()
configure_umask()
PASS_MIN_DAYS
/etc/login.defs
PASS_MAX_DAYS
Implemented in #43. Although with LXC you can't test everything. At least the following can't properly be tested:
sysctl
[ ] Check individual hardenings with
lynis show details TEST-ID
[ ] boot_services
[ ]
kernel[ ] memory_processes
[ ] authentication
[x] shells
[x] filesystems
[ ] storage
[ ]
storage_nfs[ ]
nameservices[ ]
ports_packages[ ] networking
[ ]
printers_spools[ ] mail_messaging
[ ] firewalls
[ ] webservers
[x] ssh
[ ] snmp
[ ]
databases[ ]
ldap[ ] php
[ ]
squid[ ] logging
[ ] insecure_services
[x] banners
[ ] scheduling
[ ] accounting
sysstat
auditd
[ ] time
[ ] crypto
[ ] virtualization
[ ]
containers[ ] mac_frameworks
[ ]
file_integrity[ ]
tooling[ ]
malware[x] file_permissions
permfile
&permdir
in the profile[ ]
homedirsHOME-9310
[x] kernel_hardening
[ ]
hardeningshells/etc/shells
->remove_shells()
configure_umask()
authentication
PASS_MIN_DAYS
option in/etc/login.defs
PASS_MAX_DAYS