diff options
| -rw-r--r-- | conf/level.audit_daily | 105 | ||||
| -rw-r--r-- | conf/level.audit_weekly | 105 | ||||
| -rw-r--r-- | conf/perm.audit_daily | 3 | ||||
| -rw-r--r-- | conf/perm.audit_weekly | 3 | ||||
| -rwxr-xr-x | src/msec/msecgui.py | 2 |
5 files changed, 218 insertions, 0 deletions
diff --git a/conf/level.audit_daily b/conf/level.audit_daily new file mode 100644 index 0000000..330ef3a --- /dev/null +++ b/conf/level.audit_daily @@ -0,0 +1,105 @@ +BASE_LEVEL=audit_daily +CHECK_WRITABLE=daily +MAIL_EMPTY_CONTENT=no +CHECK_PERMS=no +CHECK_PERMS_ENFORCE=no +CHECK_SECTOOL=daily +CHECK_SECTOOL_LEVEL=3 +CHECK_USER_FILES=daily +CHECK_CHKROOTKIT=daily +CHECK_SUID_ROOT=daily +SYSLOG_WARN=yes +ENABLE_AT_CRONTAB= +CHECK_PASSWD=daily +CHECK_SUID_MD5=daily +CHECK_SHOSTS=daily +MAIL_USER=root +CHECK_SHADOW=daily +CHECK_UNOWNED=daily +CHECK_USERS=daily +CHECK_GROUPS=daily +NOTIFY_WARN=yes +CHECK_OPEN_PORT=daily +CHECK_FIREWALL=daily +CHECK_RPM_PACKAGES=daily +CHECK_RPM_INTEGRITY=daily +MAIL_WARN=yes +CHECK_SECURITY=yes +TTY_WARN=yes +CHECK_SGID=daily +CHECK_PROMISC=daily +CHECK_ON_BATTERY=yes +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= diff --git a/conf/level.audit_weekly b/conf/level.audit_weekly new file mode 100644 index 0000000..a9e8090 --- /dev/null +++ b/conf/level.audit_weekly @@ -0,0 +1,105 @@ +BASE_LEVEL=audit_weekly +CHECK_WRITABLE=weekly +MAIL_EMPTY_CONTENT=no +CHECK_PERMS=no +CHECK_PERMS_ENFORCE=no +CHECK_SECTOOL=weekly +CHECK_SECTOOL_LEVEL=3 +CHECK_USER_FILES=weekly +CHECK_CHKROOTKIT=weekly +CHECK_SUID_ROOT=weekly +SYSLOG_WARN=yes +ENABLE_AT_CRONTAB= +CHECK_PASSWD=weekly +CHECK_SUID_MD5=weekly +CHECK_SHOSTS=weekly +MAIL_USER=root +CHECK_SHADOW=weekly +CHECK_UNOWNED=weekly +CHECK_USERS=weekly +CHECK_GROUPS=weekly +NOTIFY_WARN=yes +CHECK_OPEN_PORT=weekly +CHECK_FIREWALL=weekly +CHECK_RPM_PACKAGES=weekly +CHECK_RPM_INTEGRITY=weekly +MAIL_WARN=yes +CHECK_SECURITY=yes +TTY_WARN=yes +CHECK_SGID=weekly +CHECK_PROMISC=weekly +CHECK_ON_BATTERY=yes +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= +ACCEPT_BOGUS_ERROR_RESPONSES= +ACCEPT_BROADCASTED_ICMP_ECHO= +ACCEPT_ICMP_ECHO= +ALLOW_AUTOLOGIN= +ALLOW_CURDIR_IN_PATH= +ALLOW_REBOOT= +ALLOW_REMOTE_ROOT_LOGIN= +ALLOW_ROOT_LOGIN= +ALLOW_SUDO_TO_WHEEL= +ALLOW_USER_LIST= +ALLOW_XAUTH_FROM_ROOT= +ALLOW_XSERVER_TO_LISTEN= +ALLOW_X_CONNECTIONS= +AUTHORIZE_SERVICES= +CREATE_SERVER_LINK= +ENABLE_CONSOLE_LOG= +ENABLE_DNS_SPOOFING_PROTECTION= +ENABLE_IP_SPOOFING_PROTECTION= +ENABLE_LOG_STRANGE_PACKETS= +ENABLE_MSEC_CRON= +ENABLE_PAM_ROOT_FROM_WHEEL= +ENABLE_PAM_WHEEL_FOR_SU= +ENABLE_PASSWORD= +ENABLE_STARTUP_MSEC= +ENABLE_STARTUP_PERMS= +ENABLE_SULOGIN= +EXCLUDE_REGEXP= +FIX_UNOWNED= +LOG_RETENTION= +PASSWORD_HISTORY= +PASSWORD_LENGTH= +ROOT_UMASK= +SECURE_TMP= +SHELL_HISTORY_SIZE= +SHELL_TIMEOUT= +USER_UMASK= +WIN_PARTS_UMASK= diff --git a/conf/perm.audit_daily b/conf/perm.audit_daily new file mode 100644 index 0000000..c95a594 --- /dev/null +++ b/conf/perm.audit_daily @@ -0,0 +1,3 @@ +# msec not enabled, so let's user handle the permissions +### +/ current.current current diff --git a/conf/perm.audit_weekly b/conf/perm.audit_weekly new file mode 100644 index 0000000..c95a594 --- /dev/null +++ b/conf/perm.audit_weekly @@ -0,0 +1,3 @@ +# msec not enabled, so let's user handle the permissions +### +/ current.current current diff --git a/src/msec/msecgui.py b/src/msec/msecgui.py index 4b32067..820a8fa 100755 --- a/src/msec/msecgui.py +++ b/src/msec/msecgui.py @@ -64,6 +64,8 @@ level_descriptions = { "fileserver": _("""This profile is targeted on storage-oriented servers, such as FTP, SAMBA or NFS servers, or database servers, which do not receive accesses from unauthorized Internet users."""), "webserver": _("""This profile is similar to the 'Fileserver', but it assumes that the server receives connection from unauthorized Internet users."""), + "audit_daily": _("""This profile is intended for the users who do not rely on msec to change system settings, and use it for periodic checks only. It configures all periodic checks to run once a day."""), + "audit_weekly": _("""This profile is similar to the 'audit_daily' profile, but it runs all checks weekly."""), } # level order. Levels will appear in this order, the unspecified levels will appear last |