diff options
Diffstat (limited to 'init-sh')
-rwxr-xr-x | init-sh/custom.sh | 2 | ||||
-rwxr-xr-x | init-sh/level1.sh | 6 | ||||
-rwxr-xr-x | init-sh/level2.sh | 4 | ||||
-rwxr-xr-x | init-sh/level3.sh | 4 | ||||
-rwxr-xr-x | init-sh/level4.sh | 4 | ||||
-rwxr-xr-x | init-sh/level5.sh | 4 | ||||
-rw-r--r-- | init-sh/lib.sh | 1 |
7 files changed, 23 insertions, 2 deletions
diff --git a/init-sh/custom.sh b/init-sh/custom.sh index eac0cc8..feb5fdc 100755 --- a/init-sh/custom.sh +++ b/init-sh/custom.sh @@ -65,7 +65,7 @@ fi echo "Do you want your system to daily check Writable file change ?" WaitAnswer; clear if [ ${answer} == "yes" ]; then - AddRules "CHECK_WRITABLE=yes" /etc/security/msec/security.conf + AddRules "CHECK_WRITEABLE=yes" /etc/security/msec/security.conf AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/file_check.sh" /etc/crontab fi ### diff --git a/init-sh/level1.sh b/init-sh/level1.sh index dba9f55..b652fc6 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -22,6 +22,10 @@ AddRules "tty6" /etc/securetty # Security check echo "Updating file check variable : " +echo -e "\t- Check security : yes." + AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet +echo -e "\t- Check important permissions : no." + AddRules "CHECK_PERMS=no" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file : no." AddRules "CHECK_SUID_ROOT=no" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file integrity (backdoor check) : no." @@ -29,7 +33,7 @@ echo -e "\t- Check suid root file integrity (backdoor check) : no." echo -e "\t- Check suid group file : no." AddRules "CHECK_SUID_GROUP=no" /etc/security/msec/security.conf quiet echo -e "\t- Check world writable file : no." - AddRules "CHECK_WRITABLE=no" /etc/security/msec/security.conf quiet + AddRules "CHECK_WRITEABLE=no" /etc/security/msec/security.conf quiet echo -e "\t- Check unowned file : no." AddRules "CHECK_UNOWNED=no" /etc/security/msec/security.conf quiet echo -e "\t- Check promiscuous mode : no." diff --git a/init-sh/level2.sh b/init-sh/level2.sh index 37bfa93..b5e9706 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -22,6 +22,10 @@ AddRules "tty6" /etc/securetty # Security check echo "Updating file check variable : " +echo -e "\t- Check security : yes." + AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet +echo -e "\t- Check important permissions : no." + AddRules "CHECK_PERMS=no" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file : yes." AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file integrity (backdoor check) : yes." diff --git a/init-sh/level3.sh b/init-sh/level3.sh index 5a84b40..39213a4 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -26,6 +26,10 @@ AddRules "tty6" /etc/securetty quiet # Security check echo "Updating file check variable : " +echo -e "\t- Check security : yes." + AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet +echo -e "\t- Check important permissions : yes." + AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file : yes." AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file integrity (backdoor check) : yes." diff --git a/init-sh/level4.sh b/init-sh/level4.sh index c85b8bb..fac55b6 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -36,6 +36,10 @@ AddRules "tty6" /etc/securetty # Security check echo "Updating file check variable : " +echo -e "\t- Check security : yes." + AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet +echo -e "\t- Check important permissions : yes." + AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file : yes." AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file integrity (backdoor check) : yes." diff --git a/init-sh/level5.sh b/init-sh/level5.sh index 3a81faa..5804654 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -27,6 +27,10 @@ echo -e "done.\n\n" # Security check echo "Updating file check variable : " +echo -e "\t- Check security : yes." + AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet +echo -e "\t- Check important permissions : yes." + AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file : yes." AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid root file integrity (backdoor check) : yes." diff --git a/init-sh/lib.sh b/init-sh/lib.sh index 47bbcec..971a228 100644 --- a/init-sh/lib.sh +++ b/init-sh/lib.sh @@ -174,6 +174,7 @@ echo "Setting spoofing protection : " AddRules "echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter" /etc/rc.d/rc.firewall # default group which must exist on the system +groupadd nogroup >& /dev/null groupadd audio >& /dev/null groupadd xgrp >& /dev/null usermod -G xgrp xfs |