Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Hoog
lynis
tests_network_allowed_ports
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tests_network_allowed_ports of Package lynis
#!/bin/bash ################################################################################# # # Author: Thomas Biege <thomas@suse.de> # # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are # welcome to redistribute it under the terms of the GNU General Public License. # See LICENSE file for usage of this software. # ################################################################################# # # Verifies open network ports. # ################################################################################# # # TODO: # ################################################################################ # InsertSection "Networking" # ################################################################################# # # Test : NETW-3085 # Description : Verifies open network ports. Register --test-no NETW-3085 --weight L --network NO --description "Verifies open network ports." if [ ${SKIPTEST} -eq 0 ]; then ALLOWED_PORTS=( 22 25 80 111 443 ) TMP=$(mktemp /tmp/lynis.XXXXXX) STR="${ALLOWED_PORTS[@]:0}" Display --indent 2 --text "- Starting verifying open network ports ($STR)..." logtext "Test: Checking open network ports" logtext "Allowed ports: $STR" netstat -an | grep -i listen > $TMP PORTS=($(cat $TMP | awk '{ print $4 }' | sed 's/.*://;s/ACC//' | sort -un)) IDX_P=0 LEN_P=${#PORTS[@]} NUM_NOTOK=0 while [ $IDX_P -lt $LEN_P ] do IDX_A=0 LEN_A=${#ALLOWED_PORTS[@]} PORTOK=0 while [ $IDX_A -lt $LEN_A ] do # echo "${PORTS[$IDX_P]} vs. ${ALLOWED_PORTS[$IDX_A]}" if [ ${PORTS[$IDX_P]} == ${ALLOWED_PORTS[$IDX_A]} ] then PORTOK=1 break fi ((IDX_A++)) done if [ $PORTOK -eq 0 ] then ((NUM_NOTOK++)) P=${PORTS[$IDX_P]} Display --indent 4 --text "Open port ${P} not allowed" --result WARNING --color RED fi ((IDX_P++)) done HPMAX=$LEN_A HP=$(expr $LEN_A - $NUM_NOTOK) if [ $HP -lt 0 ]; then HP=0; fi AddHP $HP $HPMAX rm -f $TMP fi # ################################################################################# # wait_for_keypress # #================================================================================
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor