Commit Graph

7214 Commits

Author SHA1 Message Date
Bob Mottram 4efb04dce5 Additional tripwire rules 2017-08-08 13:26:39 +01:00
Bob Mottram 32d89e951f Fix nextcloud leak of version information
This could be of obvious use to adversaries
2017-08-08 11:05:25 +01:00
Bob Mottram 70813b5a65 Setting prosody group 2017-08-07 21:40:19 +01:00
Bob Mottram 5096ba9cc1 Tidying 2017-08-07 21:29:31 +01:00
Bob Mottram 68bbd5e693 Updating gpg keys 2017-08-07 19:04:16 +01:00
Bob Mottram 99d88d8792 Don't update certs on upgrade 2017-08-07 18:45:39 +01:00
Bob Mottram d3b3bd1d9b Try without the pep dance 2017-08-07 18:15:36 +01:00
Bob Mottram c80feb6768 Only update logindefs when needed 2017-08-07 17:31:37 +01:00
Bob Mottram 51de0ff9b3 grep string 2017-08-07 15:17:41 +01:00
Bob Mottram ee6925eeb6 Test for predictable device names 2017-08-07 14:46:08 +01:00
Bob Mottram 90dc589eb9 Removing of bluetooth kernel module 2017-08-07 14:18:59 +01:00
Bob Mottram 8c5aaeddc0 fail2ban isn't useful when logging is turned off most of the time 2017-08-07 13:56:25 +01:00
Bob Mottram fb811406e9 Include utils in logging command
So that functions can be called by logging app routines
2017-08-07 13:42:05 +01:00
Bob Mottram a59a84a0a3 kanboard logging functions 2017-08-07 13:32:16 +01:00
Bob Mottram 22557c6359 Don't repeatedly try to install amd64 kernel 2017-08-07 13:16:47 +01:00
Bob Mottram 0ee00f775c Ownership of ghost binary 2017-08-07 10:51:21 +01:00
Bob Mottram 079c5acc78 Show non-root files in stig result 2017-08-07 10:48:38 +01:00
Bob Mottram b8a873f9d2 Show non-root files on stig test 2017-08-07 10:34:49 +01:00
Bob Mottram b654846c86 Fix typo 2017-08-06 21:21:51 +01:00
Bob Mottram db322c02d3 keyserver database gets cleaned up anyway via the daily sks script 2017-08-06 21:07:02 +01:00
Bob Mottram bb64427344 Reverse logic 2017-08-06 17:12:03 +01:00
Bob Mottram 66f784ed55 Only change xmpp config if needed 2017-08-06 14:34:48 +01:00
Bob Mottram 5950438ced Fix account required 2017-08-06 13:50:52 +01:00
Bob Mottram 267851bd89 Only alter fstab if needed 2017-08-06 12:50:31 +01:00
Bob Mottram 42754613df xmpp logging conditions 2017-08-05 23:30:38 +01:00
Bob Mottram c8de324376 Only change login umask when needed 2017-08-05 23:16:37 +01:00
Bob Mottram f7f323b763 Only change pam values when needed 2017-08-05 23:13:28 +01:00
Bob Mottram c1650ae415 Only update limits when needed 2017-08-05 23:07:31 +01:00
Bob Mottram 7e24becb9c Only disable ctrl-alt-del once 2017-08-05 23:00:46 +01:00
Bob Mottram 259e061dcf Turing rsyslog on or off 2017-08-05 22:23:52 +01:00
Bob Mottram bd86c4b19a Only remove motd instructions once 2017-08-05 22:15:32 +01:00
Bob Mottram c713c613c9 Don't repeatedly config congestion control 2017-08-05 22:11:02 +01:00
Bob Mottram bbcc17f2d1 Only copy files which have changed 2017-08-05 21:16:37 +01:00
Bob Mottram f703a95971 Only copy stig tests script if it changes 2017-08-05 20:41:21 +01:00
Bob Mottram 9cf9388131 Indicate permissions lockdown 2017-08-05 20:24:46 +01:00
Bob Mottram 50867e7770 Clear before lockdown 2017-08-05 20:22:45 +01:00
Bob Mottram 1b6782f12a Remove clears 2017-08-05 20:21:14 +01:00
Bob Mottram a15759e394 Lockdown before tripwire reset 2017-08-05 20:13:11 +01:00
Bob Mottram db091e1d72 Only update files when they change 2017-08-05 20:08:57 +01:00
Bob Mottram 7586c716d4 Only copy cleanup script if it has changed 2017-08-05 18:01:56 +01:00
Bob Mottram 6122296b59 Only copy email archiving script if it has changed 2017-08-05 17:55:02 +01:00
Bob Mottram 5914a8c190 Check inadyn commit 2017-08-05 17:48:08 +01:00
Bob Mottram 8aec3e3da3 Tripwire ignores global node modules 2017-08-05 17:25:27 +01:00
Bob Mottram 6e57b1b33b Don't lockdown on upgrade 2017-08-05 16:59:13 +01:00
Bob Mottram b432410716 Fixing tripwire policy 2017-08-05 16:13:43 +01:00
Bob Mottram b7f63f6ff1 Directory name 2017-08-05 14:27:41 +01:00
Bob Mottram cd96dc6fd7 No routing 2017-08-05 14:21:35 +01:00
Bob Mottram 8f1df8243d tripwire exclusions to avoid triggering on routine updates 2017-08-05 14:10:44 +01:00
Bob Mottram 61d555737e Don't show tripwire code if database file doesn't exist 2017-08-05 13:32:34 +01:00
Bob Mottram d9adff3a9e Option to verify the tripwire code 2017-08-05 13:30:58 +01:00