aboutsummaryrefslogtreecommitdiffstats
path: root/init-sh
ModeNameSize
-rwxr-xr-xcleanold.sh2601logstatsplain
-rwxr-xr-xcustom.sh12411logstatsplain
-rwxr-xr-xfile_perm.sh317logstatsplain
-rwxr-xr-xgrpuser.sh4278logstatsplain
-rwxr-xr-xlevel0.sh3642logstatsplain
-rwxr-xr-xlevel1.sh3637logstatsplain
-rwxr-xr-xlevel2.sh3647logstatsplain
-rwxr-xr-xlevel3.sh3755logstatsplain
-rwxr-xr-xlevel4.sh5294logstatsplain
-rwxr-xr-xlevel5.sh6001logstatsplain
-rwxr-xr-xlevelsnf.sh5446logstatsplain
-rw-r--r--lib.sh9315logstatsplain
-rw-r--r--lib.sh.usermode7940logstatsplain
-rwxr-xr-xmsec1268logstatsplain
generated by cgit v1.2.1 (git 2.21.0) at 2026-03-23 18:16:53 +0000
cho -e "\t- Check suid root file integrity (backdoor check) : yes." AddRules "CHECK_SUID_MD5=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check suid group file : yes." AddRules "CHECK_SUID_GROUP=no" /etc/security/msec/security.conf quiet echo -e "\t- Check world writable file : yes." AddRules "CHECK_WRITEABLE=yes" /etc/security/msec/security.conf quiet echo -e "\t- Check unowned file : no." AddRules "CHECK_UNOWNED=no" /etc/security/msec/security.conf quiet echo -e "\t- Check promiscuous mode : no." AddRules "CHECK_PROMISC=no" /etc/security/msec/security.conf quiet echo -e "\t- Check listening port : no." AddRules "CHECK_OPEN_PORT=no" /etc/security/msec/security.conf quiet echo -e "\t- Check passwd file integrity : no." AddRules "CHECK_PASSWD=no" /etc/security/msec/security.conf quiet echo -e "\t- Check shadow file integrity : no." AddRules "CHECK_SHADOW=no" /etc/security/msec/security.conf quiet echo -e "\t- Security warning on tty : no." AddRules "TTY_WARN=no" /etc/security/msec/security.conf quiet echo -e "\t- Security warning by mail : no." AddRules "MAIL_WARN=no" /etc/security/msec/security.conf quiet echo -e "\t- Security warning in syslog : yes." AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf # end security check export SECURE_LEVEL=2 echo "Setting secure level variable to 2 :" AddRules "SECURE_LEVEL=2" /etc/sysconfig/msec echo "Setting umask to 022 (u=rw,g=r,o=r) :" AddRules "UMASK_ROOT=022" /etc/sysconfig/msec AddRules "UMASK_USER=022" /etc/sysconfig/msec # Xserver echo "Allowing users to connect X server from localhost :" AddBegRules "/usr/X11R6/bin/xhost + localhost" /etc/X11/xinit.d/msec # group echo "Adding system users to specifics groups :" /usr/share/msec/grpuser.sh --refresh grpconv echo -e "done.\n" # icmp echo echo "Enabling icmp echo :" AddRules "net.ipv4.icmp_echo_ignore_all=0" /etc/sysctl.conf AddRules "net.ipv4.icmp_echo_ignore_broadcasts=0" /etc/sysctl.conf # bad error echo "Disabling bad error message Protection :" AddRules "net.ipv4.icmp_ignore_bogus_error_responses=0" /etc/sysctl.conf # log strange packets echo "Disabling logging Spoofed Packets, Source Routed Packets, Redirect Packets :" AddRules "net.ipv4.conf.all.log_martians=0" /etc/sysctl.conf LoadSysctl AllowAutologin # Do not boot on a shell AllowReboot AllowUserList RootSshLogin 2
generated by cgit v1.2.1 (git 2.21.0) at 2026-03-23 18:16:53 +0000