Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Amazon kernelmodules #24

Merged
merged 88 commits into from
May 30, 2018
Merged

Amazon kernelmodules #24

merged 88 commits into from
May 30, 2018

Commits on Mar 19, 2018

  1. changed command for redhat family to modprobe to properly evaluate test

    Michael Hoffman committed Mar 19, 2018
    Configuration menu
    Copy the full SHA
    ed08668 View commit details
    Browse the repository at this point in the history

  2. added trimming to begin/end of output from modprobe for redhat

    Michael Hoffman committed Mar 19, 2018
    Configuration menu
    Copy the full SHA
    3e2300b View commit details
    Browse the repository at this point in the history

  3. removed modinfo trim

    Michael Hoffman committed Mar 19, 2018
    Configuration menu
    Copy the full SHA
    1128b39 View commit details
    Browse the repository at this point in the history

  4. Merge branch 'master' of https://github.com/dev-sec/cis-dil-benchmark 

    …into linux_command_modprobe
    Michael Hoffman committed Mar 19, 2018
    Configuration menu
    Copy the full SHA
    28ea02b View commit details
    Browse the repository at this point in the history

Commits on Mar 20, 2018

  1. Merge branch 'master' of https://github.com/dev-sec/cis-dil-benchmark 

    …into linux_command_modprobe
    Michael Hoffman committed Mar 20, 2018
    Configuration menu
    Copy the full SHA
    7067df4 View commit details
    Browse the repository at this point in the history

  2. command utilize modprobe for all linux systems

    Michael Hoffman committed Mar 20, 2018
    Configuration menu
    Copy the full SHA
    9e79698 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #8 from crashdummymch/linux_command_modprobe 

    Linux command modprobe
    crashdummymch authored Mar 20, 2018
    Configuration menu
    Copy the full SHA
    dc5472a View commit details
    Browse the repository at this point in the history

  4. Merge pull request #10 from crashdummymch/linux_command_modprobe 

    changed command for redhat family to modprobe to properly evaluate test
    @rarenerd
    rarenerd authored Mar 20, 2018
    Configuration menu
    Copy the full SHA
    c1cfc2b View commit details
    Browse the repository at this point in the history

  5. 5.2.11 and 5.2.12 should be combined. 5.2.12 is ssh idle timeout not … 

    …MAC changed numbering to match cis document
    Michael Hoffman committed Mar 20, 2018
    Configuration menu
    Copy the full SHA
    181d52b View commit details
    Browse the repository at this point in the history

  6. Merge pull request #9 from crashdummymch/ssh_server_configuration 

    Ssh server configuration
    crashdummymch authored Mar 20, 2018
    Configuration menu
    Copy the full SHA
    39e0fb9 View commit details
    Browse the repository at this point in the history

  7. fixed 5.2.11 ciphers are technically no longer part of cis benchmark

    Michael Hoffman committed Mar 20, 2018
    Configuration menu
    Copy the full SHA
    bda0982 View commit details
    Browse the repository at this point in the history

  8. Merge pull request #10 from crashdummymch/ssh_server_configuration 

    fixed 5.2.11 ciphers are technically no longer part of cis benchmark
    crashdummymch authored Mar 20, 2018
    Configuration menu
    Copy the full SHA
    121b24d View commit details
    Browse the repository at this point in the history

Commits on Mar 21, 2018

  1. fix undefined user

    Michael Hoffman committed Mar 21, 2018
    Configuration menu
    Copy the full SHA
    fff2438 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #11 from crashdummymch/undefinedmethod 

    fix undefined user
    crashdummymch authored Mar 21, 2018
    Configuration menu
    Copy the full SHA
    baf114c View commit details
    Browse the repository at this point in the history

  3. updated user to users to match inspec doc

    Michael Hoffman committed Mar 21, 2018
    Configuration menu
    Copy the full SHA
    fd3aaaa View commit details
    Browse the repository at this point in the history

  4. Merge pull request #12 from crashdummymch/undefinedmethod 

    updated user to users to match inspec doc
    crashdummymch authored Mar 21, 2018
    Configuration menu
    Copy the full SHA
    f366c80 View commit details
    Browse the repository at this point in the history

  5. updated regex to detect proper string

    Michael Hoffman committed Mar 21, 2018
    Configuration menu
    Copy the full SHA
    1218aa1 View commit details
    Browse the repository at this point in the history

  6. Merge pull request #13 from crashdummymch/pam_5.3.4_regexupdate 

    updated regex to detect proper string
    crashdummymch authored Mar 21, 2018
    Configuration menu
    Copy the full SHA
    775e069 View commit details
    Browse the repository at this point in the history

  7. control

    Michael Hoffman committed Mar 21, 2018
    Configuration menu
    Copy the full SHA
    0b1b719 View commit details
    Browse the repository at this point in the history

  8. Merge pull request #14 from crashdummymch/ssh_5.2.11_regex 

    control
    crashdummymch authored Mar 21, 2018
    Configuration menu
    Copy the full SHA
    5581595 View commit details
    Browse the repository at this point in the history

Commits on Apr 5, 2018

  1. Undefinedmethod (#14) 

    * fix undefined user

* updated user to users to match inspec doc
    @chris-rock
    crashdummymch authored and chris-rock committed Apr 5, 2018
    Configuration menu
    Copy the full SHA
    24ae483 View commit details
    Browse the repository at this point in the history

Commits on Apr 9, 2018

  1. On both Centos7 and latest Amazon Linux ansible auto creates cron ent… 

    …ries at /var/spool/cron/root.
    Tom Miller committed Apr 9, 2018
    Configuration menu
    Copy the full SHA
    be8c7dc View commit details
    Browse the repository at this point in the history

  2. Add a non-change to kick off CI again.

    Tom Miller committed Apr 9, 2018
    Configuration menu
    Copy the full SHA
    42fe313 View commit details
    Browse the repository at this point in the history

  3. Centos7 uses grub2 by default, add checks for proper file.

    Tom Miller committed Apr 9, 2018
    Configuration menu
    Copy the full SHA
    a4824eb View commit details
    Browse the repository at this point in the history

  4. Update chrony.conf file check for Centos7 standard location.

    Tom Miller committed Apr 9, 2018
    Configuration menu
    Copy the full SHA
    1f1ce31 View commit details
    Browse the repository at this point in the history

  5. Amazon linux has ntp user start the daemon without adding it to sysco… 

    …nfig.
    Tom Miller committed Apr 9, 2018
    Configuration menu
    Copy the full SHA
    50e1c46 View commit details
    Browse the repository at this point in the history

  6. Fixing the regex check.

    Tom Miller committed Apr 9, 2018
    Configuration menu
    Copy the full SHA
    7951b3e View commit details
    Browse the repository at this point in the history

  7. Fixing syntax error for the array declaration.

    Tom Miller committed Apr 9, 2018
    Configuration menu
    Copy the full SHA
    b9ff552 View commit details
    Browse the repository at this point in the history

Commits on Apr 10, 2018

  1. updated regex to detect proper string (#15)

    @chris-rock
    crashdummymch authored and chris-rock committed Apr 10, 2018
    Configuration menu
    Copy the full SHA
    64cfdbc View commit details
    Browse the repository at this point in the history

  2. Add tcp_wrappers package for both Centos7 and Amazon Linux.

    Tom Miller committed Apr 10, 2018
    Configuration menu
    Copy the full SHA
    b594357 View commit details
    Browse the repository at this point in the history

  3. Centos7 uses grub2 instead of grub.

    Tom Miller committed Apr 10, 2018
    Configuration menu
    Copy the full SHA
    d147ce7 View commit details
    Browse the repository at this point in the history

  4. Fix auditd checks for Centos7.

    Tom Miller committed Apr 10, 2018
    Configuration menu
    Copy the full SHA
    ffa2a58 View commit details
    Browse the repository at this point in the history

  5. Fixing grub.conf to grub.cfg for grub2.

    Tom Miller committed Apr 10, 2018
    Configuration menu
    Copy the full SHA
    d93ce5b View commit details
    Browse the repository at this point in the history

Commits on Apr 11, 2018

  1. Should check one of cron or crond not both.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    db5ad98 View commit details
    Browse the repository at this point in the history

  2. pin inspec (#23)

    @chris-rock
    chris-rock authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    debf839 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #22 from millerthomasj/crond5.1.1 

    Should check one of cron or crond not both.
    @rarenerd
    rarenerd authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    09ee38a View commit details
    Browse the repository at this point in the history

  4. Merge pull request #16 from millerthomasj/update1.3.2 

    On both Centos7 and latest Amazon Linux ansible auto creates cron ent…
    @rarenerd
    rarenerd authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    24e5727 View commit details
    Browse the repository at this point in the history

  5. Merge pull request #17 from millerthomasj/update_1_4_secure_boot_sett… 

    …ings

Centos7 uses grub2 by default, add checks for proper file.
    @rarenerd
    rarenerd authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    a9ffe88 View commit details
    Browse the repository at this point in the history

  6. Merge pull request #18 from millerthomasj/ntpdRunAsUser 

    Ntpd run as user
    @rarenerd
    rarenerd authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    1433aac View commit details
    Browse the repository at this point in the history

  7. Merge pull request #19 from millerthomasj/chrony2.2 

    Add additional filepath for chrony.conf on Centos7.
    @rarenerd
    rarenerd authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    bfc6ad7 View commit details
    Browse the repository at this point in the history

  8. Merge pull request #20 from millerthomasj/tcpwrappers2.4.1 

    Add tcp_wrappers package for both Centos7 and Amazon Linux.
    @rarenerd
    rarenerd authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    4896578 View commit details
    Browse the repository at this point in the history

  9. Merge pull request #21 from millerthomasj/auditd4.1 

    Add auditd fixes for Centos7
    @rarenerd
    rarenerd authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    09c9f7c View commit details
    Browse the repository at this point in the history

  10. Each MAC entry should be an element in the list.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    221e29f View commit details
    Browse the repository at this point in the history

  11. Check if each MAC is approved instead of specific sets of MACs.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    7ddd08e View commit details
    Browse the repository at this point in the history

  12. Trying to get syntax right to iterate over array.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    d0c5b46 View commit details
    Browse the repository at this point in the history

  13. Ensuring the MACs list is proper.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    c686e75 View commit details
    Browse the repository at this point in the history

  14. Fixing linting error.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    1b5abcb View commit details
    Browse the repository at this point in the history

  15. Fix checking of password quality items.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    a62d1d1 View commit details
    Browse the repository at this point in the history

  16. Trying to get the check right.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    3f0a7fb View commit details
    Browse the repository at this point in the history

  17. Try using whether a package is installed as the identifier.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    fb4079b View commit details
    Browse the repository at this point in the history

  18. pwquality requires a different package on amazon and centos7.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    5924655 View commit details
    Browse the repository at this point in the history

  19. Adding a whole section for cracklib checks also.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    c22d8ac View commit details
    Browse the repository at this point in the history

  20. Missing an end to a describe.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    6df71ba View commit details
    Browse the repository at this point in the history

  21. Working on regex check for password quality.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    ddb92e6 View commit details
    Browse the repository at this point in the history

  22. Got the regex right.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    5590d21 View commit details
    Browse the repository at this point in the history

  23. More work on the password options regex.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    1ecc1b3 View commit details
    Browse the repository at this point in the history

  24. Fixed regex for cracklib adding back in if statement for package.

    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    2785545 View commit details
    Browse the repository at this point in the history

  25. Fix linting issues, added an inline ignore to large block length for … 

    …this control.
    Tom Miller committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    6d18432 View commit details
    Browse the repository at this point in the history

  26. fixed differences in rhel and rhel6/7 for kernel module tests

    Michael Hoffman committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    31daeff View commit details
    Browse the repository at this point in the history

  27. Merge pull request #15 from crashdummymch/1_1_redhat 

    1 1 redhat
    crashdummymch authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    7acf3e7 View commit details
    Browse the repository at this point in the history

  28. fixed family

    Michael Hoffman committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    9e1c1a5 View commit details
    Browse the repository at this point in the history

  29. Merge pull request #16 from crashdummymch/1_1_redhat 

    fixed family
    crashdummymch authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    8dcbde9 View commit details
    Browse the repository at this point in the history

  30. updated vfat for redhat family

    Michael Hoffman committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    9939093 View commit details
    Browse the repository at this point in the history

  31. Merge pull request #17 from crashdummymch/1_1_redhat 

    updated vfat for redhat family
    crashdummymch authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    5a67d98 View commit details
    Browse the repository at this point in the history

  32. added comments

    Michael Hoffman committed Apr 11, 2018
    Configuration menu
    Copy the full SHA
    b75e51a View commit details
    Browse the repository at this point in the history

  33. Merge pull request #18 from crashdummymch/1_1_redhat 

    added comments
    crashdummymch authored Apr 11, 2018
    Configuration menu
    Copy the full SHA
    186c471 View commit details
    Browse the repository at this point in the history

Commits on Apr 12, 2018

  1. Add just a bashrc file for Centos7 and check for file existence befor… 

    …e checking for values in it.
    Tom Miller committed Apr 12, 2018
    Configuration menu
    Copy the full SHA
    6019a65 View commit details
    Browse the repository at this point in the history

  2. Fix file existence syntax.

    Tom Miller committed Apr 12, 2018
    Configuration menu
    Copy the full SHA
    045ec81 View commit details
    Browse the repository at this point in the history

  3. Wrap block in if statement.

    Tom Miller committed Apr 12, 2018
    Configuration menu
    Copy the full SHA
    1b5acef View commit details
    Browse the repository at this point in the history

  4. Fix style issues for rubocop.

    Tom Miller committed Apr 12, 2018
    Configuration menu
    Copy the full SHA
    edfab36 View commit details
    Browse the repository at this point in the history

  5. Remove ruby-version from commit.

    Tom Miller committed Apr 12, 2018
    Configuration menu
    Copy the full SHA
    1211296 View commit details
    Browse the repository at this point in the history

  6. Remove Gemfile.lock.

    Tom Miller committed Apr 12, 2018
    Configuration menu
    Copy the full SHA
    659e808 View commit details
    Browse the repository at this point in the history

Commits on Apr 13, 2018

  1. Merge pull request #24 from millerthomasj/sshd5.2.12 

    Allowed MACs should allow for greater security
    @rarenerd
    rarenerd authored Apr 13, 2018
    Configuration menu
    Copy the full SHA
    8fa4f35 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #25 from millerthomasj/pam5.3 

    Update password quality checks for pam.
    @rarenerd
    rarenerd authored Apr 13, 2018
    Configuration menu
    Copy the full SHA
    e5f6d89 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #27 from millerthomasj/umask5.4.4 

    Update umask checks for Centos7 and Amazon Linux.
    @rarenerd
    rarenerd authored Apr 13, 2018
    Configuration menu
    Copy the full SHA
    e9b4698 View commit details
    Browse the repository at this point in the history

Commits on Apr 15, 2018

  1. Adjust modprobe check to remove false positives.

    Tom Miller committed Apr 15, 2018
    Configuration menu
    Copy the full SHA
    de71381 View commit details
    Browse the repository at this point in the history

Commits on Apr 23, 2018

  1. Merge pull request #28 from millerthomasj/modprobeCheck 

    Adjust modprobe check to remove false positives.
    @rarenerd
    rarenerd authored Apr 23, 2018
    Configuration menu
    Copy the full SHA
    09aa3ca View commit details
    Browse the repository at this point in the history

Commits on May 29, 2018

  1. Passwordauth (#19) 

    * updated regex

* updated pamd regex
    crashdummymch authored May 29, 2018
    Configuration menu
    Copy the full SHA
    41f098a View commit details
    Browse the repository at this point in the history

Commits on May 30, 2018

  1. Pam 5.3.4 regexupdate (#20) 

    * Each MAC entry should be an element in the list.

* Check if each MAC is approved instead of specific sets of MACs.

* Trying to get syntax right to iterate over array.

* Ensuring the MACs list is proper.

* Fixing linting error.

* Fix checking of password quality items.

* Trying to get the check right.

* Try using whether a package is installed as the identifier.

* pwquality requires a different package on amazon and centos7.

* Adding a whole section for cracklib checks also.

* Missing an end to a describe.

* Working on regex check for password quality.

* Got the regex right.

* More work on the password options regex.

* Fixed regex for cracklib adding back in if statement for package.

* Fix linting issues, added an inline ignore to large block length for this control.

* Add just a bashrc file for Centos7 and check for file existence before checking for values in it.

* Fix file existence syntax.

* Wrap block in if statement.

* Fix style issues for rubocop.

* Remove ruby-version from commit.

* Remove Gemfile.lock.

* Adjust modprobe check to remove false positives.

* updated 5.3.4 regex to account for sha512 not being first option
    crashdummymch authored May 30, 2018
    Configuration menu
    Copy the full SHA
    b77bf10 View commit details
    Browse the repository at this point in the history

  2. updated amazon is grouped with redhat family which it shouldn't be

    Michael Hoffman committed May 30, 2018
    Configuration menu
    Copy the full SHA
    6e88611 View commit details
    Browse the repository at this point in the history

  3. updated amazon is grouped with redhat family which it shouldn't be (#21)

    crashdummymch authored May 30, 2018
    Configuration menu
    Copy the full SHA
    4cbe9ce View commit details
    Browse the repository at this point in the history

  4. updated amazon is grouped with redhat family which it shouldn't be

    Michael Hoffman committed May 30, 2018
    Configuration menu
    Copy the full SHA
    8004ec4 View commit details
    Browse the repository at this point in the history

  5. Amazon kernelmodules (#22) 

    * updated amazon is grouped with redhat family which it shouldn't be

* updated amazon is grouped with redhat family which it shouldn't be
    crashdummymch authored May 30, 2018
    Configuration menu
    Copy the full SHA
    5bb75f9 View commit details
    Browse the repository at this point in the history

  6. updated amazon is grouped with redhat family which it shouldn't be

    Michael Hoffman committed May 30, 2018
    Configuration menu
    Copy the full SHA
    fb571d0 View commit details
    Browse the repository at this point in the history

  7. Amazon kernelmodules (#23) 

    * updated amazon is grouped with redhat family which it shouldn't be

* updated amazon is grouped with redhat family which it shouldn't be

* updated amazon is grouped with redhat family which it shouldn't be
    crashdummymch authored May 30, 2018
    Configuration menu
    Copy the full SHA
    6cf182d View commit details
    Browse the repository at this point in the history

  8. updated kernel module since library now only uses last line of modinfo

    Michael Hoffman committed May 30, 2018
    Configuration menu
    Copy the full SHA
    cc56231 View commit details
    Browse the repository at this point in the history

  9. Merge branch 'master' of https://github.com/dev-sec/cis-dil-benchmark 

    …into amazon_kernelmodules
    Michael Hoffman committed May 30, 2018
    Configuration menu
    Copy the full SHA
    40c656c View commit details
    Browse the repository at this point in the history

  10. Merge branch 'newmaster' into amazon_kernelmodules

    crashdummymch authored May 30, 2018
    Configuration menu
    Copy the full SHA
    9236969 View commit details
    Browse the repository at this point in the history