Usage
Usage: ./lunar.sh -[a|A|s|S|d|p|c|l|h|c|V] -[u]
-a: Run in audit mode (no changes made to system)
-A: Run in audit mode (no changes made to system)
[includes filesystem checks which take some time]
-s: Run in selective mode (only run tests you want to)
-d: Print information for a specific test
-S: List functions available to selective mode
-l: Run in lockdown mode (changes made to system)
-L: Run in lockdown mode (changes made to system)
[includes filesystem checks which take some time]
-c: Show changes previously made to system
-p: Show previously versions of file
-u: Undo lockdown (changes made to system)
-h: Display usage
-V: Display version
-v: Verbose mode [used with -a and -A]
[Provides more information about the audit taking place]
Examples
Run in Audit Mode:
./lunar.sh -a
Run in Audit Mode and provide more information:
./lunar.sh -a -v
Display previous backups:
./lunar.sh -b
Previous backups:
21_12_2012_19_45_05 21_12_2012_20_35_54 21_12_2012_21_57_25
Restore from previous backup:
./lunar.sh -u 21_12_2012_19_45_05
List tests:
./lunar.sh -S
Only run apache based tests:
./lunar.sh -s audit_apache
Print documentation regarding apache based tests:
./lunar.sh -d audit_apache
# SYSTEM INFORMATION:
Platform: i386
Vendor: Apple
Name: Darwin
Version: 10.12
Update: 3
Checking: If node is managed
Notice: Node is not managed
# Module: audit_apache
# Solaris:
# The action in this section describes disabling the Apache 1.x and 2.x web
# servers provided with Solaris 10. Both services are disabled by default.
# Run control scripts for Apache 1 and the NCA web servers still exist,
# but the services will only be started if the respective configuration
# files have been set up appropriately, and these configuration files do not
# exist by default.
# Even if the system is a Web server, the local site may choose not to use
# the Web server provided with Solaris in favor of a locally developed and
# supported Web environment. If the machine is a Web server, the administrator
# is encouraged to search the Web for additional documentation on Web server
# security.
# Linux:
# HTTP or web servers provide the ability to host web site content.
# The default HTTP server shipped with CentOS Linux is Apache.
# The default HTTP proxy package shipped with CentOS Linux is squid.
# Unless there is a need to run the system as a web server, or a proxy it is
# recommended that the package(s) be deleted.
# Refer to Section(s) 3.11,14 Page(s) 66-9 CIS CentOS Linux 6 Benchmark v1.0.0
# Refer to Section(s) 2.2.10 Page(s) 110 CIS Ubuntu Linux 16.04 Benchmark v1.0.0
# Refer to Section(s) 3.11,14 Page(s) 79-81 CIS RHEL 5 Benchmark v2.1.0
# Refer to Section(s) 3.11,14 Page(s) 69-71 CIS RHEL 6 Benchmark v1.2.0
# Refer to Section(s) 2.2.10,13 Page(s) 110,113 CIS RHEL 7 Benchmark v2.1.0
# Refer to Section(s) 6.10,13 Page(s) 59,61 CIS SLES 11 Benchmark v1.0.0
# Refer to Section(s) 2.4.14.7 Page(s) 56-7 CIS OS X 10.5 Benchmark v1.1.0
# Refer to Section(s) 2.10 Page(s) 21-2 CIS Solaris 11.1 v1.0.0
# Refer to Section(s) 2.2.11 Page(s) 30-2 CIS Solaris 10 v5.1.0
# Refer to Section(s) 2.2.10,13 Page(s) 102,105 CIS Amazon Linux Benchmark v2.0.0