PCI-DSS compliant Debian 10/11/12 hardening
Find a file
Thibault Dewailly 5cd2b48fa8 Merge pull request #5 in IAAS/cis-hardening from dev/thibault.dewailly/fixedLicense to master
* commit 'a7f418d8a2d5b90a7257542b1dd16fd4238721ca':
  Corrected script names, added License, Completed README and corrected bug with too long logger messages
2016-04-19 13:53:08 +02:00
bin Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 09:31:01 +02:00
etc Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 09:31:01 +02:00
lib Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 09:31:01 +02:00
src
tmp/backups
.gitignore
LICENSE Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 09:31:01 +02:00
README Corrected script names, added License, Completed README and corrected bug with too long logger messages 2016-04-19 09:31:01 +02:00

# CIS Debian 7 Hardening git repository
# Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com>
# This is the code base which will be used to fill CIS hardening requirements

# Hardening scripts :
# bin/hardening : Every script has a .cfg associated, status must be defined here

# Configuration
# etc/hardening.cfg : Global variables defined such as backup directory, or log level
# etc/conf.d        : Folder with all .cfg associated to hardening scripts

# Status parameter will define on each script if it has to be disabled (do nothing), audit (RO), enabled (RW)
# Enabled will perform audit and most of the time correct your system accordingly. 
# There is exceptions as it is difficult to know how you want to correct that.

# Main script : 
# bin/hardening.sh : Will execute hardening according to configuration
# Options are :
# --apply     : Will apply hardening when scripts have status enabled (RW), and audit points where status is audit (RO)
# --audit     : Will audit hardening when scripts have status enabled or audit (RO) 
# --audit-all : Apply audit (RO) on all scripts