[ { "path": ".editorconfig", "content": "# See: https://editorconfig.org/\n\nroot = true\n\n[*]\nindent_style = space\nindent_size = 4\n" }, { "path": ".github/ISSUE_TEMPLATE/bug_report.md", "content": "---\nname: Bug report\nabout: Create a report to help us improve\n\n---\n\n**Describe the bug**\nA clear and concise description of what the bug is.\n\n**Version**\n - Distribution [e.g. Ubuntu 18.04]\n - Lynis version [e.g. 2.7.0]\n\n**Expected behavior**\nA clear and concise description of what you expected to happen.\n\n**Output**\nIf applicable, add output that you get from the tool or the related section of lynis.log\n\n**Additional context**\nAdd any other context about the problem here.\n" }, { "path": ".github/ISSUE_TEMPLATE/feature_request.md", "content": "---\nname: Feature request\nabout: Suggest an idea for this project\n\n---\n\n**Is your feature request related to a problem? Please describe.**\nA clear and concise description of what the problem is. How would it help you to make things easier? Ex. I'm always frustrated when [...]\n\n**Describe the solution you'd like**\nA clear and concise description of what you want to happen.\n\n**Required changes**\nWhat needs to be changed in Lynis?\n\n**Additional context**\nAdd anything else that you consider to be relevant about the feature request here.\n" }, { "path": ".github/workflows/publiccode-yml-validation.yml", "content": "name: publiccode.yml validation\n\non:\n pull_request:\n paths:\n - publiccode.yml\n push:\n paths:\n - publiccode.yml\n\njobs:\n publiccode_yml_validation:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: italia/publiccode-parser-action@v1\n with:\n publiccode: \"publiccode.yml\"\n" }, { "path": ".gitignore", "content": ".bzr\n.bzrignore\n.DS_Store\ncustom.prf\n*.swp\n" }, { "path": ".travis.yml", "content": "language: bash\n\nbefore_script:\n - sh extras/travis-ci/before_script.sh\n\nscript:\n - cd .. && cd ./lynis-sdk && sh lynis-devkit run unit-tests\n\nnotifications:\n email:\n recipients:\n - lynis-dev@cisofy.com\n on_success: change\n on_failure: always\n" }, { "path": "CHANGELOG.md", "content": "# Lynis Changelog\n\n## Lynis 3.1.7 (not released yet)\n\n### Changed\n- Detection of CachyOS\n- Updated end-of-life-database\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.1.6 (2025-10-22)\n\n### Added\n- Add notice to screen output if end-of-life state is unclear\n- Support for CachyOS, macOS Tahoe, and OpenMandriva Lx\n\n### Changed\n- Releases are now considered to be old if they are 6 months or older\n- Removed generic suggestion for outdated/old Lynis release, instead show to screen output\n- Generic clarifications on variable usage for operating system and its version \n- Updated end-of-life database\n- Updated Japanese translation\n- For Debian and similar systems ignore kernel packages with 'rc' state\n- ACCT-9634 - Define default auditd log file location\n- FIRE-4586 - Also accept NFLOG as a logging target for iptables\n- MALW-3280 - Adjusted detection of Wazuh agent\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.1.5 (2025-07-29)\n\n### Added\n- Support for OpenWrt\n- Bitdefender detection on Linux\n- Detection of openSUSE Tumbleweed-Slowroll\n\n### Changed\n- Corrected detection of service manager SMF\n- Extended GetHostID function to allow HostID and HostID2 creation on OpenWrt\n- Check modules also under /usr/lib/modules.d\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.1.4 (2025-01-28)\n\n### Changed\n- Update of translations: Portuguese\n- Add macOS Sequoia\n- Update of EOL database\n- Bugfix for using slashes in parameters (SafeInput function)\n- Simplified copyright line and meta data in files\n- Support for powerpc64le in authentication section\n- Don't show error \"kadmin.local: unable to get default realm\"\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.1.3 (2024-12-16)\n\nThis release introduces additional documentation in the form of blog articles\nto support the (missing) control information on the website. \n\n### Added\n- Detection of Buildroot, Fedora Linux Asahi Remix, Garden Linux, Peppermint OS\n- Support for blog posts and articles to enhance suggestions\n\n### Changed\n- BOOT-5264 - Changed output of systemd-analyze test and added link\n- FILE-6398 - Test temporarily disabled as on modern kernels JDB support is built-in\n- FIRE-4508 - Several changes to expand the test, make it more generic, resolve minor issues\n- KRNL-5622 - Test if systemctl binary is set\n- Several improvements for busybox\n- Update of translations: Italian, Russian, Spanish\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.1.2 (2024-09-26)\n\n### Added\n- Detection of ALT Linux\n- Detection of Athena OS\n- Detection of Container-Optimized OS from Google\n- Detection of Koozali SME Server\n- Detection of Nobara Linux\n- Detection of Open Source Media Center (OSMC)\n- Detection of PostmarketOS\n- CRYP-7932 - macOS FileVault encryption test\n- FILE-6398 - Check if JBD (Journal Block Device) driver is loaded\n- FINT-4344 - Wazuh system running state\n- PKGS-7305 - Query macOS Apps in /Applications and CoreServices\n- File added: .editorconfig, which is used by editors to standardize formatting\n\n### Changed\n- Correction of software EOL database and inclusion of AIX entries\n- Support sysctl value perf_event_paranoid -> 2|3\n- Update of translations: German, Portuguese, Turkish\n- Grammar and spell improvements\n- Improved package detection on Alpine Linux\n- Slackware support to check installed packges (functionPackageIsInstalled())\n- Added words prosecute/report to LEGAL_BANNER_STRINGS\n- Busybox support: Replace newer tr command syntax with older ascii specific operations\n- Added Wazuh as a malware scanner/antivirus and rootkit detection tool\n- Updated PHP versions and removed PHP 5 (deprecated)\n- AUTH-9262 - Corrected message with advised PAM libary (libpam-passwdqc)\n- CONT-8104 - Checking for errors, not only warning in docker info output\n- DBS-1826 - PostgreSQL detection improved for AlmaLinux, Rocky Linux, and FreeBSD\n- FILE-6344 - Test kernel version (major/minor)\n- INSE-8000 - Added inetd package and service name used in ubuntu 24.04\n- KRNL-5622 - Use systemctl get-default instead of following link\n- KRNL-5820 - Accept ulimit with -H parameter also\n- LOGG-2144 - Check for wazuh-agent presence on Linux systems\n- MACF-6234 - Test if semanage binary is available\n- MALW-3200 - ESET Endpoint Antivirus added\n- MALW-3280 - McAfee Antivirus for Linux deprecated\n- MALW-3291 - Check if Microsoft Defender Antivirus is installe\n- NETW-3200 - Added regex to allow both /bin/true as /bin/false\n- PKGS-7303 - Added version numbers to brew packages\n- PKGS-7370 - Cron job check for debsums improved\n- PKGS-7392 - Improved filtering of apt-check output (Ubuntu 24.04 may give an error)\n- PKGS-7410 - Added kernel name for Hardkernel odroid XU4\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.1.1 (2024-03-17)\n\n### Added\n- Detection of ArcoLinux\n\n### Changed\n- DBS-1882 - Redis configuration file path added for FreeBSD (/usr/local/etc/redis.conf)\n- DBS-1882 - Check /snap directory location for Redis configuration file\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.1.0 (2024-03-11)\n\n### Added\n- Translation: Indonesian\n\n### Changed\n- MALW-3280 - Correction to detect com.avast.daemon\n- OS detection added for Guix System, macOS Ventura (13.x)/Sonoma (14.x), NXP LSDK, OpenEmbedded \"nodistro\", and The Yocto Projects distro \"Poky\"\n- Updated Amazon Linux EOL dates and addition of Amazon Linux 2023\n- STATUS_NOT_ACTIVE variable added to translation files\n- End-of-life dates updated\n- Fixing missing or erroneous test number comments\n- Detection of SentinelOne corrected\n- Wazuh for file integrity and tooling\n- Updated parsing output of arch-audit\n- Added support for SentinelOne detection\n- Replacing deprecated option -i for xargs\n- Path detection for PostgreSQL improved\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.9 (2023-08-03)\n\n### Changed\n- DBS-1820 - Added newer style format for Mongo authorization setting\n- FILE-6410 - Locations added for plocate\n- SSH-7408 - Only test Compression if sshd version < 7.4\n- Improved fetching timestamp\n- Minor changes such as typos\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.8 (2022-05-17)\n\n### Added\n- MALW-3274 - Detect McAfee VirusScan Command Line Scanner\n- PKGS-7346 Check Alpine Package Keeper (apk)\n- PKGS-7395 Check Alpine upgradeable packages\n- EOL for Alpine Linux 3.14 and 3.15\n\n### Changed\n- AUTH-9408 - Check for pam_faillock as well (replacement for pam_tally2)\n- FILE-7524 - Test enhanced to support symlinks\n- HTTP-6643 - Support ModSecurity version 2 and 3\n- KRNL-5788 - Only run relevant tests and improved logging\n- KRNL-5820 - Additional path for security/limits.conf\n- KRNL-5830 - Check for /var/run/needs_restarting (Slackware)\n- KRNL-5830 - Add a presence check for /boot/vmlinuz\n- PRNT-2308 - Bugfix that prevented test from storing values correctly\n- Extended location of PAM files for AARCH64\n- Some messages in log improved\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.7 (2022-01-18)\n\n### Added\n- MALW-3290 - Show status of malware components\n- OS detection for RHEL 6 and Funtoo Linux\n- Added service manager openrc\n\n### Changed\n- DBS-1804 - Added alias for MariaDB\n- FINT-4316 - Support for newer Ubuntu versions\n- MALW-3280 - Added Trend Micro malware agent\n- NETW-3200 - Allow unknown number of spaces in modprobe blacklists\n- PKGS-7320 - Support for Garuda Linux and arch-audit\n- Several improvements for busybox shell\n- Russian translation of Lynis extended\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.6 (2021-07-22)\n\n### Added\n- OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS\n- Check for outdated translation files\n\n### Changed\n- DBS-1826 - Check if PostgreSQL is being used\n- DBS-1828 - Test multiple PostgreSQL configuration file(s)\n- KRNL-5830 - Sort kernels by version instead of modification date\n- PKGS-7410 - Don't show exception for systems using LXC\n- GetHostID function: fallback options added for Linux systems\n- Fix: macOS Big Sur detection\n- Fix: show correct text when egrep is missing\n- Fix: variable name for PostgreSQL\n- German and Spanish translations extended\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.5 (2021-07-02)\n\n### Added\n- OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux\n- CRYP-8006 - Check MemoryOverwriteRequest bit to protect against cold-boot attacks (Linux)\n\n### Changed\n- ACCT-9622 - Corrected typo\n- HRDN-7231 - When calling wc, use the short -l flag instead of --lines (Busybox compatibility)\n- PKGS-7320 - extended to Arch Linux 32\n- Generation of host identifiers (hostid/hostid2) extended\n- Linux host identifiers are now using ip as preferred input source\n- Improved logging in several areas\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.4 (2021-05-11)\n\n### Added\n- ACCT-9670 - Detection of cmd tooling\n- ACCT-9672 - Test cmd configuration file\n- BOOT-5140 - Check for ELILO boot loader presence\n- OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others\n\n### Changed\n- BOOT-5104 - Add service manager detection support for runit\n- FILE-6430 - Report suggestion only when at least one kernel module is not in the blacklist\n- FIRE-4540 - Corrected nftables empy ruleset test\n- LOGG-2138 - Do not check for klogd when metalog is being used\n- TIME-3185 - Improved support for Debian stretch\n- Corrected issue when Lynis is not executed directly from lynis directory\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.3 (2021-01-07)\n\n### Added\n- HRDN-7231 - Check for registered non-native binary formats\n- OS detection of Parrot GNU/Linux\n\n### Changed\n- DBS-1816 - Force test to check only password authentication\n- KRNL-5677 - Support for NetBSD\n- Bugfix: command 'configure settings' did not work as intended\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.2 (2020-12-24)\n\n### Added\n- AUTH-9284 - Scan for locked user accounts in /etc/passwd\n- LOGG-2153 - Loghost configuration\n- TOOL-5130 - Check for active Suricata daemon\n- OS detection of Flatcar, IPFire, Mageia, NixOS, ROSA Linux, SLES (extended), Void Linux, Zorin OS\n- OS detection of OpenIndiana (Hipster and Legacy), Shillix, SmartOS, Tribblix, and others\n- EOL dates for Alpine, macOS, Mageia, OmniosCE, and Solaris 11\n- Support for Solaris svcs (service manager)\n- Enumeration of Solaris services\n\n### Changed\n- ACCT-9626 - Detect sysstat systemd unit\n- AUTH-9230 - Only fail if both SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are undefined\n- BOOT-5184 - Support for Solaris\n- KRNL-5830 - Improved reboot test by ignoring known bad values\n- KRNL-5830 - Ignore rescue kernel such as on CentOS systems\n- KRNL-5830 - Detection of Alpine Linux kernel\n- NETW-2400 - Compatibility change for hostname check\n- NETW-3012 - Support for Solaris\n- PKGS-7410 - Don't show exception if no kernels were found on the disk\n- TIME-3185 - Supports now checking files at multiple locations (systemd)\n- ParseNginx function: Support include on absolute paths\n- ParseNginx function: Ignore empty included wildcards\n- Set 'RHEL' as OS_NAME for Red Hat Enterprise Linux\n- HostID: Use first e1000 interface and break after match\n- Translations extended and updated\n- Test if pgrep exists before using it\n- Better support for busybox shell\n- Small code enhancements\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.1 (2020-10-05)\n\n### Added\n- Detection of Alpine Linux\n- Detection of CloudLinux\n- Detection of Kali Linux\n- Detection of Linux Mint\n- Detection of macOS Big Sur (11.0)\n- Detection of Pop!_OS\n- Detection of PHP 7.4\n- Malware detection tool: Microsoft Defender ATP\n- New flag: --slow-warning to allow tests more time before showing a warning\n- Test TIME-3185 to check systemd-timesyncd synchronized time\n- rsh host file permissions\n\n### Changed\n- AUTH-9229 - Added option for LOCKED accounts and bugfix for older bash versions\n- BOOT-5122 - Presence check for grub.d added\n- CRYP-7902 - Added support for certificates in DER format\n- CRYP-7931 - Added data to report\n- CRYP-7931 - Redirect errors (e.g. when swap is not encrypted)\n- FILE-6430 - Don't grep nonexistent modprobe.d files\n- FIRE-4535 - Set initial firewall state\n- INSE-8312 - Corrected text on screen\n- KRNL-5728 - Handle zipped kernel configuration correctly\n- KRNL-5830 - Improved version detection for non-symlinked kernel\n- MALW-3280 - Extended detection of BitDefender\n- TIME-3104 - Find more time synchronization commands\n- TIME-3182 - Corrected detection of time peers\n- Fix: hostid generation routine would sometimes show too short IDs\n- Fix: language detection\n- Generic improvements for macOS\n- German translation updated\n- End-of-life database updated\n- Several minor code enhancements\n\n---------------------------------------------------------------------------------\n\n## Lynis 3.0.0 (2020-06-18)\n\nThis is a major release of Lynis and includes several big changes.\nSome of these changes may break your current usage of the tool, so test before\ndeployment!\n\n### Security issues\nThis release resolves two security issues\n* CVE-2020-13882 - Discovered by Sander Bos, code submission by Katarina Durechova\n* CVE-2019-13033 - Discovered by Sander Bos\n\n### Breaking change: Non-interactive by default\nLynis now runs non-interactive by default, to be more in line with the Unix\nphilosophy. So the previously used '--quick' option is now default, and the tool\nwill only wait when using the '--wait' option.\n\n### Breaking change: Deprecated options\n- Option: -c\n- Option: --check-update/--info\n- Option: --dump-options\n- Option: --license-key\n\n### Breaking change: Profile options\nThe format of all profile options are converted (from key:value to key=value).\nYou may have to update the changes you made in your custom.prf.\n\n### Security\nAn important focus area for this release is on security. We added several\nmeasures to further tighten any possible misuse.\n\n## New: DevOps, Forensics, and pentesting mode\nThis release adds initial support to allow defining a specialized type of audit.\nUsing the relevant options, the scan will change base on the intended goal.\n\n### Added\n- Security: test PATH and warn or exit on discovery of dangerous location\n- Security: additional safeguard by testing if common system tools are available\n- Security: test parameters and arguments for presence of control characters\n- Security: filtering out unexpected characters from profiles\n- Security: test if setuid bit is set on Lynis binary\n- New function: DisplayException\n- New function: DisplayWarning\n- New function: Equals\n- New function: GetReportData\n- New function: HasCorrectFilePermissions\n- New function: Readonly\n- New function: SafeFile\n- New function: SafeInput\n- New option: --usecwd - run from the current working directory\n- New profile option: disable-plugin - disables a single plugin\n- New profile option: ssl-certificate-paths-to-ignore - ignore a path\n- New test: AUTH-9229 - check used password hashing methods\n- New test: AUTH-9230 - check group password hashing rounds\n- New test: BOOT-5109 - test presence rEFInd boot loader\n- New test: BOOT-5264 - run systemd-analyze security\n- New test: CRYP-7930 - test for LUKS encryption\n- New test: CRYP-7931 - determine if system uses encrypted swap\n- New test: CRYP-8004 - presence of hardware random number generator\n- New test: CRYP-8005 - presence of software random number generator\n- New test: DBS-1828 - PostgreSQL configuration files\n- New test: FILE-6394 - test virtual memory swappiness (Linux)\n- New test: FINT-4316 - presence of AIDE database and size test\n- New test: FINT-4340 - check dm-integrity status (Linux)\n- New test: FINT-4341 - verify status of dm-verity (Linux)\n- New test: INSE-8314 - test for NIS client\n- New test: INSE-8316 - test for NIS server\n- New test: NETW-2400 - test hostname for valid characters and length\n- New test: NETW-2706 - check DNSSEC (systemd)\n- New test: NETW-3200 - determine enabled network protocols\n- New test: PHP-2382 - detect listen option in PHP (FPM)\n- New test: PROC-3802 - check presence of prelink tooling\n- New test: TIME-3180 - report if ntpctl cannot communicate with OpenNTPD\n- New test: TIME-3181 - check status of OpenNTPD time synchronisation\n- New test: TIME-3182 - check OpenNTPD has working peers\n- New report key: openssh_daemon_running\n- New command: lynis generate systemd-units\n- Sending USR1 signal to Lynis process will show active status\n- Measure timing of tests and report slow tests (10+ seconds)\n- Initial support for Clear Linux OS\n- Initial support for PureOS\n- Support for X Binary Package (xbps)\n- Added end-of-life data for Arch Linux and Debian\n- Detection and end-of-life data added for Amazon Linux\n- Detection of linux-lts on Arch Linux\n- Translations: Russian added\n\n### Changed\n- Function: CheckItem() now returns only exit code (ITEM_FOUND is dropped)\n- Function: IsRunning supports the --user flag to define a related user\n- Function: PackageIsInstalled extended with pacman support\n- Profiles: unused options removed\n- Profiles: message is displayed when old format \"key:value\" is used\n- Binaries: skip pacman when it is the game instead of package manager\n- Security: the 'nounset' (set -u) parameter is now activated by default\n- AUTH-9228 - HP-UX support\n- AUTH-9234 - NetBSD support\n- AUTH-9252 - corrected permission check\n- AUTH-9266 - skip .pam-old files in /etc/pam.d\n- AUTH-9268 - Perform test also on DragonFly, FreeBSD, and NetBSD\n- AUTH-9282 - fix: temporary variable was overwritten\n- AUTH-9408 - added support for pam_tally2 to log failed logins\n- AUTH-9489 - test removed as it is merged with AUTH-9218\n- BANN-7126 - additional words for login banner are accepted\n- BOOT-5122 - check for defined password in all GRUB configuration files\n- CONT-8106 - support newer 'docker info' output\n- CRYP-7902 - optionally check also certificates provided by packages\n- CRYP-8002 - gather kernel entropy on Linux systems\n- FILE-6310 - support for HP-UX\n- FILE-6330 - corrected description\n- FILE-6374 - changed log and allow root location to be changed\n- FILE-6374 - corrected condition to find 'defaults' flag in /etc/fstab\n- FILE-6430 - minor code improvements and show suggestion with more details\n- FILE-7524 - optimized file permissions testing\n- FINT-4328 - corrected text in log\n- FINT-4334 - improved process detection for lfd\n- HOME-9304 - improved selection for normal users\n- HOME-9306 - improved selection for normal users\n- INSE-8050 - added com.apple.ftp-proxy and improved text output\n- INSE-8050 - corrected function call for showing suggestion\n- INSE-8116 - added rsync service\n- INSE-8314 - changed text of suggestion\n- INSE-8318 - test for TFTP client tools\n- INSE-8320 - test for TFTP server tools\n- INSE-8342 - renamed to INSE-8304\n- KRNL-5788 - don't complain about missing /vmlinuz for Raspi\n- KRNL-5820 - extended check to include limits.d directory\n- KRNL-5830 - skip test partially when running non-privileged\n- KRNL-5830 - detect required reboots on Raspbian\n- KRNL-6000 - check more sysctls\n- LOGG-2154 - added support for rsyslog configurations\n- LOGG-2190 - skip mysqld related entries\n- MACF-6234 - SELinux tests extended\n- MAIL-8804 - replaced static strings with translation-aware strings\n- MALW-3280 - Kaspersky detection added\n- MALW-3280 - CrowdStrike falcon-sensor detection added\n- NAME-4402 - check if /etc/hosts exists before performing test\n- NAME-4404 - improved screen and log output\n- NAME-4408 - corrected Report function call\n- NETW-3032 - small rewrite of test and extended with addrwatch\n- PHP-2372 - don't look in the cli configuration files\n- PKGS-7388 - only perform check for Debian/Ubuntu/Mint\n- PKGS-7410 - use multiple package managers when available\n- PKGS-7410 - added support for Zypper to test number of kernels\n- PRNT-2308 - check also for Port and SSLListen statements\n- PROC-3602 - allow different root directory\n- PROC-3612 - show 'Not found' instead of 'OK'\n- PROC-3614 - show 'Not found' instead of 'OK'\n- PROC-3802 - limit to Linux only (prelink package check)\n- SCHD-7702 - removed hardening points\n- SINT-7010 - limit test to only macOS systems\n- SSH-7402 - detect other SSH daemons like dropbear\n- SSH-7406 - strip OpenSSH patch version and remove characters (carriage return)\n- SSH-7408 - changed text in suggestion and report\n- SSH-7408 - added forced-commands-only option\n- SSH-7408 - VerifyReverseMapping removed (deprecated)\n- SSH-7408 - corrected OpenSSH server version check\n- STRG-1840 - renamed to USB-1000\n- STRG-1842 - added default authorized devices and renamed to USB-2000\n- TIME-3104 - use find to discover files in cron directories\n- TOOL-5002 - differentiate between a discovered binary and running process\n- TOOL-5160 - added support for OSSEC agent daemon\n- Perform additional check to ensure pacman package manager is used\n- Use 'pre-release/release' (was: 'dev/final') with 'lynis show release'\n- Use only locations from PATH environment variable, unless it is not defined\n- Show tip to use 'lynis generate hostids' when host IDs are missing\n- The 'show changelog' command works again for newer versions\n- Several code cleanups, simplification of commands, and code standardization\n- Tests using lsof may ignore individual threads (if supported)\n- Corrected end-of-life detection for CentOS 7 and CentOS 8\n- Tests can require detected package manager (--package-manager-required)\n- Do not show tool tips when quiet option is used\n- Improved screen output in several tests\n- Extended output of 'lynis update info'\n- Improved support for NetBSD\n- Test if profiles are readable\n- systemd service file adjusted\n- bash completion script extended\n- Updated man page\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.7.5 (2019-06-24)\n\n### Added\n- Danish translation\n- Slackware end-of-life information\n- Detect BSD-style (rc.d) init in Linux systems\n- Detection of Bro and Suricata (IDS)\n\n### Changed\n- Corrected end-of-life entries for CentOS 5 and 6\n- AUTH-9204 - change name to check in /etc/passwd file for QNAP devices\n- AUTH-9268 - AIX enhancement to use correct find statement\n- FILE-6310 - Filter on correct field for AIX\n- NETW-3012 - set ss command as preferred option for Linux and changed output format\n- List of PHP ini file locations has been extended\n- Removed several pieces of the code as part of cleanup and code health\n- Extended help\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.7.4 (2019-04-21)\n\nThis is a bigger release than usual, including several new tests created by\nCapashenn (GitHub). It is a coincidence that it is released exactly one month\nafter the previous version and on Easter. No easter eggs, only improvements!\n\n### Added\n- FILE-6324 - Discover XFS mount points\n- INSE-8000 - Installed inetd package\n- INSE-8100 - Installed xinetd package\n- INSE-8102 - Status of xinet daemon\n- INSE-8104 - xinetd configuration file\n- INSE-8106 - xinetd configuration for inactive daemon\n- INSE-8200 - Usage of TCP wrappers\n- INSE-8300 - Presence of rsh client\n- INSE-8302 - Presence of rsh server\n- Detect equery binary detection\n- New 'generate' command\n\n### Changed\n- AUTH-9278 - Test LDAP in all PAM components on Red Hat and other systems\n- PKGS-7410 - Add support for DPKG-based systems to gather installed kernel packages\n- PKGS-7420 - Detect toolkit to automatically download and apply upgrades\n- PKGS-7328 - Added global Zypper option --non-interactive\n- PKGS-7330 - Added global Zypper option --non-interactive\n- PKGS-7386 - Only show warning when vulnerable packages were discovered\n- PKGS-7392 - Skip test for Zypper-based systems\n- Minor changes to improve text output, test descriptions, and logging\n- Changed CentOS identifiers in end-of-life database\n- AIX enhancement for IsRunning function\n- Extended PackageIsInstalled function\n- Improve text output on AIX systems\n- Corrected lsvg binary detection\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.7.3 (2019-03-21)\n\n### Added\n- Detection for Lynis being scheduled (e.g. cronjob)\n\n### Changed\n- HTTP-6624 - Improved logging for test\n- KRNL-5820 - Changed color for default fs.suid_dumpable value\n- LOGG-2154 - Adjusted test to search in configuration file correctly\n- NETW-3015 - Added support for ip binary\n- SQD-3610 - Description of test changed\n- SQD-3613 - Corrected description in code\n- SSH-7408 - Increased values for MaxAuthRetries\n- Improvements to allow tailored tool tips in future\n- Corrected detection of blkid binary\n- Minor textual changes and cleanups\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.7.2 (2019-03-07)\n\n### Added\n- AUTH-9409 - Support for doas (OpenBSD)\n- AUTH-9410 - Test file permissions of doas configuration\n- BOOT-5117 - Support for systemd-boot boot loader added\n- BOOT-5177 - Simplify service filter and allow multiple dots in service names\n- BOOT-5262 - Check OpenBSD boot daemons\n- BOOT-5263 - Test permissions for boot files and scripts\n- Support for end-of-life detection of the operating system\n- New 'lynis show eol' command\n- Korean translation\n\n### Changed\n- AUTH-9252 - Adds support for files in sudoers.d\n- AUTH-9252 - Test extended to check file and directory ownership\n- BOOT-5122 - Use NONE instead of WARNING if no password is set\n- FIRE-4540 - Modify test to better measure rules\n- KRNL-5788 - Resolve false positive warning on missing /vmlinuz\n- NETW-2704 - Ignore inline comments in /etc/resolv.conf\n- PKGS-7388 - Improve detection for security archive\n- RPi/Raspian path to PAM_FILE_LOCATIONS\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.7.1 (2019-01-30)\n\n### Added\n- Support for macOS Mojave\n- Translation: Slovak\n\n### Changed\n- AUTH-9282 - Improve support for Red Hat and clones\n- FIRE-4534 - Additional support for Hands Off!, LuLu, and Radio Silence\n- LOGG-2190 - Added MariaDB filter for deleted files (tested on CentOS)\n- SHLL-6230 - Add /etc/bash.bashrc.local to umask check\n- Removed shift statement that did not work on all operating systems\n- Minor cleanups and enhancements\n- Small improvements to logging\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.7.0 (2018-10-26)\n\n### Added\n- MACF-6240 - Detection of TOMOYO binary\n- MACF-6242 - Status of TOMOYO framework\n- SSH-7406 - OpenSSH server version detection\n- TOOL-5160 - Check active OSSEC analysis daemon\n\n### Changed\n- Changed several warning labels on screen\n- AUTH-9308 - More generic sulogin for systemd rescue.service\n- OS detection now ignores quotes for getting the OS ID.\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.6.9 (2018-09-19)\n\n### Changed\n- Man page has been updated\n- Command 'lynis show options' provides up-to-date list\n- Option '--dump-options' is deprecated\n- Several options and commands have been extended with more examples\n- OS detection now supports openSUSE specific distribution names\n- Changed command output when using 'lynis audit system remote'\n- DBS-1882 - added /usr/local/redis/etc path and QNAP support\n- PKGS-7322 - updated solution text\n- KRNL-5788 - ignore exception when no vmlinuz file was discovered\n- TIME-3104 - extended logging for test\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.6.8 (2018-08-23)\n\n### Changed\n- BOOT-5104 - improved parsing of boot parameters to init process\n- PHP-2372 - test all PHP files for expose_php and improved logging\n- Alpine Linux detection for Docker audit\n- Docker check now tests also for CMD, ENTRYPOINT, and USER configuration\n- Improved display in Docker output for showing which keys are used for signing\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.6.7 (2018-08-09)\n\n### Changed\n- BOOT-5104 - Added busybox as a service manager\n- KRNL-5677 - Limit PAE and no-execute test to AMD64 hardware only\n- LOGG-2190 - Ignore /dev/zero and /dev/[aio] as deleted files\n- SSH-7408 - Changed classification of SSH root login with keys\n- Docker scan uses new format for maintainer value\n- New URL structure on CISOfy website implemented for Lynis controls\n\n---------------------------------------------------------------------------------\n\n## Lynis 2.6.6 (2018-07-06)\n\n### Changed\n* New format of changelog (https://keepachangelog.com/en/1.0.0/)\n* KRNL-5830 - Improved log text about running kernel version\n\n### Fixed\n* Under some condition no hostid2 value was reported\n* Solved 'extra operand' issue with tr command\n\n---------------------------------------------------------------------------------\n\nLynis 2.6.5 (2018-06-26)\n\nTests:\n------\n\n* [MAIL-8804] - Exim configuration test\n* [NETW-2704] - Use FQDN to test status of a nameserver instead of own IP address\n* [SSH-7402] - Improved test to allow configurations with a Match block\n\n---------------------------------------------------------------------------------\n\nLynis 2.6.4 (2018-05-02)\n\nChanges:\n--------\n* Several contributions merged, including grammar improvements\n* Initial support for Ubuntu 18.04 LTS\n* Small enhancements for usage\n\nTests:\n------\n* [AUTH-9308] - Made 'sulogin' more generic for systemd rescue shell\n* [DNS-1600] - Initial work on DNSSEC validation testing\n* [NETW-2704] - Added support for local resolver 127.0.0.53\n* [PHP-2379] - Suhosin test disabled\n* [SSH-7408] - Removed 'DELAYED' from OpenSSH Compression setting\n* [TIME-3160] - Improvements to detect step-tickers file and entries\n\n---------------------------------------------------------------------------------\n\nLynis 2.6.3 (2018-03-07)\n\nChanges:\n--------\n* Change in routine for host identifiers\n\nTests:\n------\n* [CRYP-7902] - Do prevalidation for certificates before testing them\n* [HRDN-7222] - Enhanced compiler permission test\n* [NAME-4402] - Improved test to filter out empty lines\n* [PKGS-7384] - Changes to detect yum-utils package and related tooling\n\nPlugins:\n--------\n* [PLGN-2680] - cron file permissions\n\n---------------------------------------------------------------------------------\n\nLynis 2.6.2 (2018-02-13)\n\nChanges:\n--------\n* Bugfix for Arch Linux (binary detection)\n* Textual changes for several tests\n* Update of tests database\n\n---------------------------------------------------------------------------------\n\nLynis 2.6.1 (2018-01-26)\n\nChanges:\n--------\n* Tests can have more than 1 required OS (e.g. Linux OR NetBSD)\n* Added 'system-groups' option to profile (Enterprise users)\n* Overhaul of default profile and migrate to new style (setting=value)\n* Show warning if old profile options are used\n* Improved detection of binaries\n* New group 'usb' for tests related to USB devices\n\nTests:\n------\n* [FILE-6363] - New test for /var/tmp (sticky bit)\n* [MAIL-8802] - Added exim4 process name to improve detection of Exim\n* [NETW-3030] - Changed name of dhcp client name process and added udhcpc\n* [SSH-7408] - Restored UsePrivilegeSeparation\n* [TIME-3170] - Added chrony configuration file for NetBSD\n\n---------------------------------------------------------------------------------\n\nLynis 2.6.0 (2018-01-18)\n\nChanges:\n--------\n* Binary paths are now sorted\n* Greek language added\n* systemd detection improved\n* VirtualBox detection extended\n* Several code enhancements\n\nTests:\n------\n* [PHP-2379] - Small enhancement to resolve error on screen in some cases\n* [MALW-3280] - Improved detection for BitDefender tooling\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.9 (2018-01-12)\n\nChanges:\n--------\n* Don't show upgrade notice when being quiet/silent\n* Added --noplugins as an alias to skip execution of plugins\n* Use PATH variable for path detection, with predefined list as a backup\n\nTests:\n------\n* [KRNL-6000] - Multiple values are now allowed per sysctl key\n* [KRNL-6000] - Individual tests can be skipped (skip-test=KRNL-6000:)\n* [KRNL-6000] - Solution text has been added\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.8 (2017-12-28)\n\nChanges:\n--------\n* Check for empty files improved on several locations\n* New allow-auto-purge setting in profile for short-lived systems\n* Additional checks for log and report file\n* Changes to support time synchronization in old and newer systemd releases\n* Enhanced output for systems other than Linux\n\nPlugins:\n--------\n* New class (hardware) added and enabled in default profile\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.7 (2017-10-29)\n\nChanges:\n--------\n* Update of Portuguese translation\n* Added --silent as alias for --quiet\n* Reduced screen output when running non-privileged\n* IsRunning function now allows full name process match\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.6 (2017-10-27)\n\nChanges:\n--------\n* Added additional keywords for banners\n* DirectAdmin extensions\n* Enhancements to process detection\n* Spanish translation extended\n* Extended HP-UX support\n* Only show relevant messages in report\n\nTests:\n------\n* [NETW-2705] - Allow local resolvers to bypass requirement for 2+ name servers\n* [SSH-7408] - Define default 'delayed' compression as a sane value for SSH tests\n* [SHLL-6220] - Improved detection of shell settings\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.5 (2017-09-07)\n\nChanges:\n--------\n* Minor release to solve errors on screen\n\nTests:\n------\n* CRYP-7902 - certificate validation changed\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.4 (2017-09-05)\n\nChanges:\n--------\n* Improve systemd detection\n* Detect Linux Mint version\n* Older versions of Mac OS X are detected as well\n* Norwegian translation added\n* PAM plugin extended\n\nTests:\n------\n* CRYP-7902 - certificate validation changed\n* FIRE-4508 - Improved screen output\n* PKGS-7380 - NetBSD vulnerability detection adjusted\n* TOOL-5002 - Improved detection of Ansible directories and files\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.3 (2017-08-17)\n\nChanges:\n--------\n* DirectAdmin location added\n* Small adjustments to text\n* Enhanced detection for LXC and LXC\n* Added /opt/apache as a target location\n* Default log directory set for HP-UX\n* Screen output improvements\n\nTests:\n------\n* CRYP-7902 - Prevent test from showing error on screen\n* FILE-6310 - Detection of mount point now match exact name\n* HRDN-7230 - Show single line when no malware scanner was detected\n* NETW-3006 - Updated detection of MAC addresses on Linux\n* PKGS-2379 - Improvement for OpenBSD usage of PHP suhosin\n* TOOL-5002 - Detection capabilities for Ansible added\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.2 (2017-07-10)\n\nChanges:\n--------\n- Support for PHP on CloudLinux\n- Check for presence of locale binary\n- Suhosin detection improvements\n- Generic code improvements\n- Changed 'lynis audit system remote' routine\n- Support for macOS High Sierra\n- French translation updated\n\nLynis Enterprise:\n-----------------\n- Allow 'tags' and 'system-customer-name' to be specified via Lynis client\n\nTests:\n------\n* CONT-8102 - Check for dockerd instead of docker -d\n* FIRE-4594 - Check for presence Advanced Policy Firewall (APF)\n* PKGS-2379 - New test for PHP suhosin extension status\n* PKGS-7370 - Only use debsums on Debian\n* KRNL-6000 - Added kernel.dmesg_restrict testing\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.1 (2017-05-31)\n\nChanges:\n--------\n- Hebrew translation by Dolev Farhi\n- Improved detection of SSL certificate files\n- Minor changes to improve logging and results\n\nTests:\n------\n* BOOT-5104 - Added support for macOS\n* FIRE-4524 - Determine if CSF is in testing mode\n* HTTP-6716 - Improved log message\n\n---------------------------------------------------------------------------------\n\nLynis 2.5.0 (2017-05-03)\n\nDuring the development of this release, the project got informed about a flaw\nthat possibly could be abused by a local attacker. Even with the small risk of\nsuccess, upgrading is highly recommended. See details on\n[CVE-2017-8108](https://cisofy.com/security/cve/cve-2017-8108/)\n\nThis release is a special maintenance release with focus on cleaning up the code\nfor readability and future expansion.\n\nChanges:\n--------\n* Use ROOTDIR variable instead of fixed paths\n* Introduction of IsEmpty and HasData functions for readability of code\n* Renamed some variables to better indicate their purpose (counting, data type)\n* Removal of unused code and comments\n* Deleted unused tests from database file\n* Correct levels of indentation\n* Support for older mac OS X versions (Lion and Mountain Lion)\n* Initialized variables for more binaries\n* Additional sysctls are tested\n\nTests:\n------\n* MALW-3280 - Extended test with Symantec components\n* PKGS-7332 - Detection of macOS ports tool and installed packages\n* TOOL-5120 - Snort detection\n* TOOL-5122 - Snort configuration file\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.8 (2017-03-29)\n\nChanges:\n* More PHP paths added\n* Minor changes to text\n* Show atomic test in report\n\nTests:\n------\n* MAIL-8820 - New Postfix configuration check\n* TOOL-5002 - Extended Puppet detection\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.7 (2017-03-22)\n\nChanges:\n* Minor code cleanups\n\nTests:\n------\n* BANN-7126 - Added more words to test for\n* CUPS-2308 - Improve logging for CUPS configuration test, removed exception handler\n* HTTP-6641 - Support detection for Apache module mod_reqtimeout\n* PKGS-7388 - Minor change to detect security repositories\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.6 (2017-03-15)\n\nChanges:\n--------\n* Added FileInstalledByPackage function (dpkg and rpm supported)\n* Mark Arch Linux version as rolling release (instead of unknown)\n* Support for Manjaro Linux\n* Escape files when testing if they are readable\n* Code cleanups\n\nTests:\n------\n* CRYP-7902 - Test more certificates names, but only if they are not part of a package\n* FILE-7524 - Reduce standard screen output for file permissions check\n* MALW-3280 - Added Avira detection as a malware scanner\n* NAME-4018 - Only perform name services test when resolv.conf file exists\n* PKGS-7387 - Check all repositories if they use GPG signing\n* SCHD-7704 - Permission checks\n* TIME-3104 - Check permissions before open files\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.5 (2017-03-09)\n\nChanges:\n--------\n* Allow host alias to be specified in profile\n* Code readability enhancements\n* Solaris support has been improved\n\nTests:\n------\n* AUTH-9328 - Add missing 0027 and 0077 umasks\n* BOOT-5104 - Add initsplash and minor code enhancements\n* DBS-1882 - Include Redis configuration file\n* FIRE-4502 - Improved detection for iptables modules when using OpenVZ\n* PKGS-7381 - Enhanced package audit for FreeBSD\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.4 (2017-03-01)\n\nChanges:\n--------\n* Fix for upload function to be used from profile\n* Reduce screen output for mail section, unless --verbose is used\n* Code cleanups and removed 'update release' command\n\nTests:\n------\n* AUTH-9308 - Improved test for sulogin string (Debian systems)\n* FILE-6372 - Properly deal with comment on lines in /etc/fstab\n* MAIL-8817 - New test to check Postfix configuration for errors\n* SSH-7408 - Corrected SSH check\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.3 (2017-02-22)\n\nChanges:\n--------\n* Colored output can now be tuned with profile (colors=yes/no)\n* Allow data upload to be set as a profile option\n\nTests:\n------\n* AUTH-9308 - Improved test for sulogin string\n* MAIL-8818 - Test if Linux version is known before comparing in Postfix banner\n* TIME-3116 - Skip stratum 16 items for time pools\n* TIME-3148 - New test to detect TZ variable\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.2 (2017-02-15)\n\nChanges:\n--------\n* Properly detect SSH daemon version\n\nTests:\n------\n* AUTH-9208 - Removed double logging\n* AUTH-9222 - Improve logging for double groups\n* AUTH-9226 - Improve logging for double groups\n* BOOT-5177 - Sort systemctl unit files to make them unique\n* DBS-1818 - New test to detect MongoDB\n* DBS-1820 - New test for MongoDB authentication\n* FIRE-4512 - Lowered minimum number of iptables firewall rules\n* FIRE-4586 - Fix applied when searching for \"-j LOG\"\n* HRDN-7222 - Changed reporting key of world executable compilers\n* SSH-7408 - Added filtering for PermitRootLogin (prohibit-password, OpenSSH 7.0)\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.1 (2017-02-09)\n\nChanges:\n--------\n* Generic code improvements\n* Improved the update check and display\n* Finish, Portuguese, and Turkish translation\n* Extended support and tests for DragonFlyBSD\n* Option to configure hostid and hostid2 in profile\n* Support for Trend Micro and Cylance (macOS)\n* Remove comments at end of nginx configuration\n* Used machine ID to create host ID when no SSH keys are available\n* Added detection of iptables-save to binaries\n\nTests:\n------\n* FIRE-4586 - Check logging for firewall components\n* KRNL-5788 - Remove exception and style improvements\n* KRNL-5830 - Improved logging\n\n---------------------------------------------------------------------------------\n\nLynis 2.4.0 (2016-10-27)\n\nExactly one month after previous release, the Lynis project is proud to announce\na new release. This release had the specific focus to improve support for macOS\nusers. Thanks to testers and contributors to make this possible.\n\nNew:\n----\n* New group \"system integrity\" added\n* Support for clamconf utility\n* Chinese translation (language=cn)\n* New command \"upload-only\" to upload just the data instead of a full audit\n* Enhanced support for macOS, including HostID2 generation for macOS\n* Support for CoreOS\n* Detection for pkg binary (FreeBSD)\n* New command: lynis show hostids (show host ID)\n* New command: lynis show environment (hardware, VM, or container type)\n* New command: lynis show os (show operating system details)\n\nChanges:\n--------\n* Several new sysctl values have been added to the default profile\n* Existing tests have been enhanced to support macOS\n\nTests:\n------\n* AUTH-9234 - Support for macOS user gathering\n* BOOT-5139 - Support for machine roles in LILO test\n* BOOT-5202 - Improve uptime detection for macOS and others\n* FIRE-4518 - Improve pf detection and mark as root-only test\n* FIRE-4530 - Don't show error on screen for missing IPFW sysctl key\n* FIRE-4534 - Check Little Snitch on macOS\n* INSE-8050 - Test for insecure services on macOS\n* MACF-6208 - Allow non-privileged execution and filter permission issues\n* MALW-3280 - Detection for Avast and Bitdefender daemon on macOS\n* NETW-3004 - Support for macOS\n* PKGS-7381 - Improve test for pkg audit on FreeBSD\n* TIME-3104 - Chrony support extended\n\nPlugins (community and commercial):\n-----------------------------------\n* PLGN-1430 - Gather installed software packages for macOS\n* PLGN-4602 - Support for Clam definition check on macOS\n\n---------------------------------------------------------------------------------\n\nLynis 2.3.4 (2016-09-27)\n\nChanges:\n--------\n* Skip update message when using the 'show' helper\n* Instead of opening the log file, you can now use 'lynis show details' followed\n by the test ID. It will show the relevant section.\n* Several tests have extended log details\n* Many style improvements as part of ongoing refactoring of the code\n* Detection of nftables improved\n* Replaced cut, sed, tr and others commands with binary variable (for forensics\n and future intrusion checking capabilities)\n* Swedish translation provided by Peter Carlsson\n* Support for arch-audit to scan for presence of vulnerable packages on Arch Linux\n* OS detection improved\n\nTests:\n------\n* CONT-8107 - New test checking number of Docker containers\n* CRYP-7902 - Gather more details regarding certificates\n* DBS-1816 - Define skip reason\n* FILE-6344 - Adjusted /proc test for hidepid option\n* FILE-6362 - Removed warning and add skip reason\n* FIRE-4520 - Change test to use detected binary\n* FIRE-4520 - New test to check for empty nftables ruleset\n* KRNL-5820 - Corrected function and style improvements\n* LOGG-2146 - Textual change\n* NAME-4408 - Check localhost to IP mapping\n* PKGS-7320 - Test for arch-audit tool\n* PKGS-7322 - Check vulnerable packages on Arch Linux\n* PKGS-7381 - Extended vulnerable package detection for FreeBSD\n* TIME-3104 - timedatectl test now detects NTP synchronization properly\n\n\n---------------------------------------------------------------------------------\n\nLynis 2.3.3 (2016-08-23)\n\n\nUpgrade note\n------------\nCustomized profiles that included sysctl settings need to be altered. See\ndefault.prf for the correct format of the lines.\n\n\nAdditions\n---------\n* OpenStack detection\n* Option to disable automatic refresh of software repository\n\n\nLanguages\n---------\n* Japanese translation added, contributed by Yukio Takahara\n\n\nFixes\n-----\n* Some tests did not show a warning text\n* Typo in man page for tests-from-group\n\n\nParameters\n----------\n* New --bin-dirs to define binary directories to scan\n* New option --root-dir to specify a different file system to scan\n\n\nNginx\n-----\n* Rewrite of configuration parsing\n\n\nPHP\n---\n* Support for PHP 5.6\n\n\nRedis\n-----\n* Redis test to detect configuration files\n* Test Redis configuration for several best practices\n* Perform permission check on Redis configuration files\n\n\nExperimental features (in development)\n--------------------------------------\n* --bin-dirs - set what directories should be scanned for binaries\n* --root-dir - define the root of the file system, to allow forensics\n\n\nSettings\n--------\n* Many settings have a new alias (with dashes instead underscores)\n* New setting 'show-report-solution' to show solution in report\n\n\nFunctions\n---------\n* ExitFatal can now exit program with optional text\n* IsNotebook can detect if system is a notebook (or not)\n* ShowSymlinkPath and FileIsReadable test for at least one argument\n* StoreNginxSettings will save parsed nginx configuration\n\n\nTests\n-----\n* BOOT-5108 - Support for Syslinux bootloader\n* DBS-1882 - Redis configuration detection\n* DBS-1884 - Redis 'requirepass' check\n* DBS-1886 - Redis 'rename-command CONFIG' check\n* DBS-1888 - Redis 'bind localhost' check\n* FILE-6374 - Improved logging\n* KRNL-5830 - Improved logging for detected Linux kernels\n* KRNL-6000 - Support for multiple profiles and new format style\n* LOGG-2190 - Ignore MySQL files in /tmp from early MySQL 5.x releases\n* LOGG-2192 - New test to check opened log files that are empty\n\nLynis Enterprise integration\n----------------------------\n* Tag 'redis-server' is added for systems running Redis\n\n\n---------------------------------------------------------------------------------\n\nLynis 2.3.2 (2016-08-09)\n\n\nCategories and Groups\n---------------------\nTests are now grouped by their focus area and named 'groups' accordingly.\nBesides groups, each test will belong to a category (performance, privacy, or\nsecurity).\n\nCommands: lynis show categories, lynis show groups\nOptions: --tests-from-category, --tests-from-group\n\nNote: You might need to change your scripts if you previously defined the group\nof tests to scan.\n\n\nDevelopment\n\n-----------\nA new 'strict' option is available in the profiles and by default enabled for\nthe initialization phases of Lynis. It will perform a strict code check for the\ntests, to detect any uninitialized variables, improving code quality.\n\n\nHelpers\n-------\nWith 'lynis update check' you can now check for updates. This is the preferred\nnew method.\n\nThe command 'lynis show changelog' allows reviewing the changes. Optionally a\nrelease can be specified as additional argument.\n\n\nLanguages\n---------\nInitial translation for German has been contributed by Kai Raven. The Italian\ntranslation by Stefano Marty (stefanomarty). Hungarian translation by Zoltan\nPaldi (paldiz)\n\n\nProfiles\n--------\nParsing of the profiles has been improved, which prevented some settings from\noverriding default settings.\n\nTests\n------\n* AUTH-9212 - Added prerequisite to log\n* AUTH-9216 - Simplified test and make it more efficient\n* AUTH-9218 - Clean ups and improve readability\n* AUTH-9226 - Style, text, and removed warning\n* AUTH-9228 - Provide just a suggestion instead of warning\n* AUTH-9268 - Improve test for readability\n* AUTH-9328 - Test /etc/profile.d for umask setting\n* AUTH-9406 - Readability and code style changes\n* CONT-8102 - Determine if all Docker tests should be performed\n* DBS-1880 - Initial support for Redis server\n* HTTP-6720 - Readability improvement of test\n* KRNL-5830 - Readability and style improvements, ignore rescue images\n* MAIL-8818 - Style and refactoring\n* PHP-2211 - Readability improvement and code style changes\n* PHP-2374 - Changed text and cleanups\n* PHP-2376 - Log result to log file instead of report\n* PKGS-7383 - Simplified test\n* PKGS-7388 - Style and readability improvements\n* TIME-3106 - Corrected string to test for status\n* TOOL-5102 - Split of fail2ban tests\n* TOOL-5104 - Test for enabled fail2ban jails\n\n\nLanguages\n---------\nTranslation of Spanish (es) added\nProper display of text strings when accented characters are used\nMore text strings added\n\n\nGeneral\n-------\n* Added bold and header as new colors\n* Changed header and footer of screen output\n* Allow atomic tests to be skipped (e.g. SSH-7408)\n* Extended tests database with category (lynis show tests)\n* By default Lynis will now run in 'quick mode' and not break after each\nsection. You can get this behavior by adding the --wait option.\n\n\nFunctions\n---------\n* RemoveColors - New test to clear colors\n* DisplayError - Display error on screen in uniform format and colors\n Use an optional exit code to quit the program\n* SkipAtomicTest - This function is now properly working with lowercase strings\n\n\nWebsite\n-------\nSeveral controls on the website are added or updated, including:\n* FILE-6344\n* FINT-4315\n* FINT-4402\n* HTTP-6714\n* MACF-6234\n* NAME-4018\n* NAME-4402\n* PHP-2374\n* PROC-3612\n* TIME-3106\n\n---------------------------------------------------------------------------------\n\n\nLynis 2.3.1 (2016-07-14)\n-----------------------------------------------\n\nThis is a minor patch to improve upon findings in version 2.3.0.\n\nChanges:\n- Convert all skipped tests to uppercase\n- Only add license key when it is defined\n- Updated French translation\n- Exclude custom.prf from tarball (download via website)\n\n\n--------------------------------------------------------------\n\n\nLynis 2.3.0 (2016-07-13)\n-----------------------------------------------\n\nWe are excited to announce this major release of auditing tool Lynis. Several big\nchanges have been made to core functions of Lynis. These changes are the next of\nsimplification improvements we made. There is a risk of breaking your existing\nconfiguration. See the tips below to upgrade.\n\nThis release will soon also be available in our software repository. For more\ndetails see https://packages.cisofy.com to install and upgrade Lynis.\n\n\nUpgrade tips\n============\n\nDefault profile and custom profiles:\nSettings of multiple profiles can now be merged. Instead of making changes to\ndefault.prf, copy your changes to custom.prf. Use 'lynis show profiles' to show\nany detected profiles. Only include your changes in custom.prf, to keep the\nconfiguration clean and tidy. They will then overwrite the defaults. Use\n'lynis show settings' to see if they are applied.\n\nCheck your cron jobs:\nWhen using --quiet, the output will be really quiet now. Use --show-warnings-only\nif you still want to see the warnings. Lynis will now exit with error 0, even\nwhen warnings have been found. Use option error-on-warnings=yes (custom.prf) to\nexit with code 78 when it has any warnings.\n\n\nDetails\n=======\n\nAnsible\n-------\nNew Ansible examples for deployment: https://github.com/CISOfy/lynis-ansible\n\n\nDatabases\n---------\nLynis will check also for DB2 instances and report the status.\n\n\nDeveloper Mode\n--------------\nWith this release the developer mode is introduced. It can be activated with the\n--developer option, or developer-mode=yes in profile. In development mode, some\ndetails are displayed on screen, to help testing of existing or new tests.\n\nTo get easy access, a new profile has been added (developer.prf).\n\nExamples:\nlynis audit system --profile developer.prf\nlynis audit system --developer\n\nA new software development kit (SDK) for Lynis is available on GitHub. This will\nhelp contributors and developers to test software quality, including linting and\nrunning unit tests. The devkit also supports building DEB and RPM files for easy\ndeployment. The repository can be found on https://github.com/CISOfy/lynis-sdk\n\n\nDocumentation\n-------------\nTemplate files have been updated to provide better examples on how to create\ncustom tests and plugins.\n\nTo simplify the usage of Lynis, a new helper utility has been added: show.\nThis helper will show help, or values (e.g. version, plugin directories, etc).\nSome examples include: lynis show options, lynis show commands, lynis show\nversion, etc. See lynis show for all available details.\n\n\nFile Systems\n------------\nThe XFS file system detection has been added. Mount points /dev/shm and /var/tmp\nare now checked for their options. Comparison of the mount options has been\nimproved. A new test has been added to check if /var/tmp has been bound to /tmp.\n\n\nLanguage Support\n----------------\nLynis now supports language translations, with the language profile option.\nInitial languages: Dutch (nl), English (en), French (fr).\n\nYou can help by translating the language files in the db directory.\n\n\nMac OS X Improvements\n---------------------\nPackage manager Brew has been added\n\n\nnginx\n-----\nShow suggestion when weak protocol is used, like SSLv2 or SSLv3. The protocols\nare now also parsed and stored as details in the report file.\n\n\nPackages\n--------\nSystems running CentOS, Debian, openSUSE, RHEL, Ubuntu and others, may now use\nour own software repository: https://packages.cisofy.com\n\nPerformance\n-----------\nSeveral performance improvements have been implemented. This includes rewriting\ntests to invoke less commands and enhanced hardware detection at the beginning.\n\n\nPlugins\n-------\nYou can set the plugin directory now also via a profile. First match wins.\nPriority: 1) argument, 2) profile, 3) default\n\n--plugindir is now an alias for --plugin-dir\n\n\nProfiles\n--------\nLynis now support multiple profiles. By using a file 'custom.prf', it allows to\ninherit values first from default.prf, then merge it with custom.prf.\n\nSeveral tests have been altered to support multiple profiles.\n\nNew profile options:\n quick=yes|no (similar to --quick)\n developer (see Developer section)\n check-value\n\n\nRemote scanning\n---------------\nAlthough Lynis is a aimed on running on local hosts, there is still an ongoing\ndemand for running remote scans. With 'lynis audit system remote' tips are now\nprovides to perform such a scan via SSH.\n\n\nSoftware\n--------\nZypper calls are now marked with a non-interactive flag to prevent it waiting for\nany interactive input.\n\n\nSolaris\n-------\nImprove execution for Solaris systems.\n\n\nSSH\n---\nThe configuration of SSH is now parsed from the SSH daemon directly. This enables\nhandling with new defaults more easily, as OpenSSH sometimes introduces new keys,\nor change their default value between versions.\n\n\nSystemd\n-------\nAdded support for detecting systemd and reporting it as a service manager. The\nsystemd plugin has been released as a community plugin.\n\n\nUploads\n-------\nSolved a bug which added the proxy configuration twice.\n\nProfile options: upload-tool and upload-tool-arguments\n\n\nGeneral Improvements\n--------------------\nThe screen output has been improved, to show more meaningful things when some\nparameters are missing. Several old variables and lines have been cleaned up.\n\nThe Display function now allows the --debug flag. This helps in showing some\nlines on screen, which would normally be hidden (e.g. items not found or\nmatched).\n\nLogging has been improved in different areas, like cleaning up and add more\nrelevant messages where needed.\n\nThe interface colors have been changed, to make it more obvious how the software\ncan be used. Also the wait line between categories have been altered, to properly\ndisplay on systems with a white background.\n\nWhen no auditor name has been specified, it will say that instead of unknown.\n\nFunctions file has been cleaned up, including adding developer debug information\nwhen old functions are still be used. Later on these functions will be deleted,\nand therefore placed at the bottom.\n\n\nProgram Options\n---------------\n* --developer - Enable developer mode\n* --verbose - Show more details on screen, reduce in normal mode\n* --show-warnings-only - Only show warnings on screen\n* --skip-plugins - Disable running any plugins (alias: --no-plugins)\n* --quiet - Changed: become really quiet\n* --config - Removed: use 'lynis show profiles' instead\n\n\nFunctions\n---------\n* AddSetting - New function to store settings (lynis show settings)\n* ContainsString - New function to search for a string in another one\n* Display - Added --debug, showing details on screen in debug mode\n - Reset indentation for lines which are too long\n* DisplayToolTip - New function to display tooltips\n* IsDebug - Check for usage of --debug\n* IsDeveloperMode - Status for development and debugging (--developer)\n* IsDeveloperVersion - Check if release is still under development\n* IsRunning - Added return state\n* IsVerbose - Check for usage of --verbose\n* IsOwnedByRoot - Check ownership of files and directories\n* IsWorldWritable - Improved test with additional details\n* PortIsListening - Check if a service it listening to a specified port\n* SkipAtomicTest - Allow smaller tests to be skipped (e.g. SSH-7408)\n\n\nTests\n-----\n* AUTH-9234 - Test for minimal UID in /etc/login.defs when available\n* AUTH-9254 - Allow allow root to use this test, due to permissions\n* AUTH-9262 - Restructure of test, support for pwquality PAM\n* AUTH-9288 - Only check for accounts which have a maximum password age set\n* AUTH-9308 - Check for systemd targets\n* BANN-7119 - /etc/motd test disabled\n* BANN-7122 - /motd content test disabled\n* BOOT-5122 - Extended GRUB password check\n* BOOT-5184 - Improve file permissions check for CentOS 7 machines\n* DBS-1860 - Check for status of DB2\n* CRYP-7902 - Improved logging\n* FILE-6354 - Restrict searching in /tmp to mount point only\n* FILE-6372 - Properly checking for /etc/fstab now, ignore comments\n* FILE-6374 - Added /dev/shm and /var/tmp\n* FILE-6374 - New test for /var/tmp\n* FILE-6430 - New test for detecting specific filesystems\n* FILE-7524 - Support for multiple profiles\n* HTTP-6632 - Fix for proper detection of Apache modules\n* HTTP-6642 - Test disabled\n* HTTP-6710 - Trigger suggestion when weak protocols SSLv2/SSLv3 are used\n* KRNL-5788 - Support for kernel with grsecurity patches (linux-image-grsec)\n* KRNL-5820 - Improved logging for test\n* KRNL-6000 - Allow multiple profiles to be used, store more details\n* LOGG-2190 - Improvements for Fail2Ban and cron-related files\n* NETW-3014 - Support for multiple profiles\n* PKGS-7303 - Added Brew package manager\n* PKGS-7354 - Test for DNF repoquery plugin before using it\n* PKGS-7381 - Check for vuln.xml file\n* PRNT-2306 - Check if files are readable before parsing them\n* PROC-3612 - Removed wchan output to prevent grsecurity issues\n* SCHD-7702 - Test for running cron daemon\n* SCHD-7704 - Test ownership of cronjob files\n* SSH-7408 - Show weak configurations of SSH on screen as a suggestion\n* TOOL-5102 - Test for Fail2ban tooling\n* TOOL-5190 - Test for intrusion detection or prevention system\n\n\nPlugins\n-------\n* PLGN-1602 - Marked as root-only\n* PLGN-2612 - Marked as root-only\n* PLGN-2804 - Marked as root-only\n* PLGN-3202 - Marked as root-only\n\n\n--------------------------------------------------------------\n\nLynis 2.2.0 (2016-03-18)\n\nWe are proud to present this new release of Lynis. It is a major upgrade, and the\nresult of many months of work. This version includes new features and tests, and\nmany small enhancements. We encourage all to test and upgrade to this latest\nrelease.\n\n* Highlights\n------------\nThe biggest change in this release is the optimization of several functions. It\nallows for better detection, and dealing with the quirks, of every single\noperating system. Some functions were fortified to handle unexpected results\nbetter, like missing a particular binary, or not returning the hostname.\n\nThis release also enables tests to be shorter, by adding new functions. Some\nfunctions were renamed or slightly changed, to provide more value to the tooling.\nAnother big change in this release is a wide set of optimizations and quality\ntesting. Outdated pieces were removed, or rewritten, to support features seen in\nnewer distributions.\n\nIn the area of compliance, adjustments have been made to start supporting more\nin-depth testing for this. Ideal for companies who have a particular compliance\nneed, or want to test and enforce the system hardening levels of their systems.\n\nLast but not least, many small changes make this software easier to use. On\nour website we added new guides to provide help and support.\n\nWe like to thank our contributors, in particular Kamil Boratyński, Steve Bosek,\nand Eric Light. Their contributions helped us greatly shaping this release.\n\n\nBelow are the changes per category:\n\n* Automation tools\n------------------\nDetection for CFEngine has been improved. Also additional logging and reporting\nof automation tools.\n\n* Authentication\n----------------\nDepending on the operating system, Lynis now tries to determine if failed logins\nare properly logged. This includes checking for /etc/login.defs file [AUTH-9408].\nMerged previous password check for Solaris into test AUTH-9228. User ids on AIX\nwill be gathered and added to the report [AUTH-9234].\n\nNew plugin is introduced to analyze PAM settings. It including items like:\n\n- Two-factor authentication methods\n- Minimum password length, password strength and protection status against brute\n force cracking\n- Password history\n\nReport option: auth_failed_logins_logged\n\n* Boot\n------\nAdded detection for Mac OSX boot loader. Initial support to test UEFI settings,\nincluding Secure Boot option. Options boot_uefi_booted and\nboot_uefi_booted_secure added to report file\n\n* Compliance\n------------\nThis release prepares for upcoming extensions to assist with compliance testing.\nThe profile has a new option, which can be used to define what standards should\nbe tested for, if any test is available. The related option is:\ncompliance_standards\n\nRight now these standards can be selected:\n- CIS benchmarks\n- HIPAA\n- ISO27001/ISO27002\n- PCI DSS\n\nNote that additional tests will be implemented in future releases and then tagged\nto these particular standards.\n\n* DNS and Name services\n-----------------------\nSupport added for Unbound DNS caching tool [NAME-4034], including a configuration\ncheck [NAME-4036].\n\nRecord if a name caching utility is being used like nscd or Unbound. Also logging\nto report as field name_cache_used\n\n* Firewalls\n-----------\nTest for IPFW firewall on FreeBSD has been improved: status of pflogd will no\nlonger be displayed, when pf is not available.\n\nNew test FIRE-4532 introduced for detection of the Mac OS X application firewall.\nAlso, the status of application firewalls is audited now.\n\nFIRE-4508 is another new test, which tests chains of iptables and their default\npolicy (ACCEPT or DROP). This release also supports the upcoming nftables\ntechnology with new test FIRE-4536. It is expected that it will replace iptables\nlater on, so this test will perform a status check. Additional FIRE-4548 will\nperform a version detection of the userland utility nft and determine if there\nare any rules configured.\n\nRenamed FIRE-4511 to FIRE-4502.\n\n* File Integrity Monitoring\n---------------------------\nTest added to include osqueryd as a supported tool.\n\n* Hardware\n----------\nDetection of firewire is enhanced (both ohci and core detected).\n\n* Logging\n---------\nExtended the test syslog-ng logging to remote systems. The log Lynis itself\nproduces is also enhanced, to be more detailed for several tests.\n\n* Malware\n---------\nESET and LMD (Linux Malware Detect) have been added. Discovered malware scanners\nare also logged to the report.\n\n* Mount points\n--------------\nFILE-6374 is expanded to test for multiple common mount points and define best\npractice mount flags.\n\n* Networking\n------------\nBest practices for IPv6 configuration on Linux are now collected. Also network\ninterface names from most operating systems.\n\n* Operating systems\n-------------------\nImproved support for Debian 8 systems, and displaying Gentoo for Gentoo-based\nsystems. Detection of VMware release has been added. Boot loader exception is not\nlonger displayed when only a subset of tests is performed. FreeBSD systems can\nnow use service command to gather information about enabled services.\n\nSeveral paths have been added to allow better detection on systems running\nFreeBSD and others.\n\n* Passwords\n-----------\nAUTH-9286 change has been extended to both capture minimum and password age.\n\n* Proxy support\n---------------\nA proxy can now be specified in the profile, to allow uploads via a HTTP or SOCKS\nproxy.\n\n* Service Managers\n------------------\nSystemV init is now detected.\n\n* Software and Packages\n-----------------------\nNow information will be logged when vulnerable software packages were found.\nSupport for DNF (Dandified YUM) for Fedora systems has been added. This is done\nin several tests: PKGS-7350 (installed packages), PKGS-7352 (security notices),\nPKGS-7354 (integrity tests).\n\n* SSH\n-----\nMultiple configuration tests of SSH are now merged into SSH-7408. This enables\neasier testing later on and reduces repetition.\n\n* Virtual machines and Containers\n---------------------------------\nDetection of virtual machines has been extended in several ways. Now VMware tools\n(vmtoolsd) are detected and machine state is improved with tools like Puppet\nFacter, dmidecode, and lscpu. Properly detect Docker on CoreOS systems, where it\nbefore gave error as it found directory /usr/libexec/docker. Check file\npermissions for Docker files, like the socket file [CONT-8108].\n\n* Individual tests\n------------------\n[AUTH-9204] Exclude NIS entries to avoid false positives\n[AUTH-9230] Removed test as it was merged into AUTH-9228\n[AUTH-9234] Support for AIX added\n[AUTH-9288] Test for expired passwords\n[AUTH-9328] Show correct message when no umask is found in /etc/profile. It also\n includes improved logging, and support for other operating systems.\n[BOOT-5104] Rewrote test to detect SysV init and other service managers\n[BOOT-5106] New test to test boot loader on Mac OS X\n[BOOT-5180] Only gets executed if runlevel 2 is found\n[CONT-8108] New test to test for Docker file permissions\n[DBS-1816] Removed suggestion\n[FILE-6310] Add more details to test when a symlinked path has been found\n[FILE-6410] Added /var/lib/locatedb as search path\n[FINT-4338] Added osquery test\n[FIRE-4508] Added chains test for iptables\n[FIRE-4511] Renamed to FIRE-4502\n[FIRE-4536] Support for nftables detection\n[FIRE-4538] Basic configuration check for for nftables\n[HOME-9310] Use POSIX compatible flags to avoid errors on BusyBox\n[HTTP-6622] Determine Apache version and log to report\n[HTTP-6624] Ignore wildcard and default entries as ServerName for Apache\n[LOGG-2154] Additional support for log destinations for syslog-ng\n[MALW-3278] New test to detect LMD (Linux Malware Detect)\n[NAME-4406] Changed logic for localhost check and more detailed logging\n[NETW-2600] IPv6 configuration check for Linux\n[NETW-3032] Added ARP monitoring software test\n[PKGS-7308] Split package name and version for RPM based package manager\n[PKGS-7350] Support for installed packages via Fedora DNF package manager (Dandified YUM)\n[PKGS-7352] Query security notices for DNF\n[PKGS-7354] Perform integrity tests for package database (DNF)\n[SHLL-6230] Test for umask values in shell configuration files (e.g. rc files)\n[STRG-1842] New test for checking authorized USB devices\n[TIME-3104] Show only suggestion on FreeBSD systems if ntpdate is configured\n[TIME-3170] New test to check NTP configuration files\n\n* Functions\n-----------\n[CreateTempFile] Create a temporary file\n[DigitsOnly] New function to extract only numbers from a text string\n[DisplayManual] New function to show text on screen without any markup\n[ExitCustom] New function to allow program to exit with a different exit code, depending on outcome\n[GetHostID] If no MAC address is found, use SSH keys for creation of a host identifier\n[IsWordWritable] Changed return codes for easier usage of the function\n[LogText] Replaces the older logtext function\n[RandomString] Creates a random string of characters\n[RemoveTempFiles] Remove any created temporary files\n[Report] Replaces the older report function\n[ReportSuggestion] Allows two additional parameters to store details\n (text and external reference to a solution)\n[ReportWarning] Like ReportSuggestion() has additional parameters\n[ShowComplianceFinding] Display compliance findings\n[ShowSymlinkPath] Ensure readlink is available\n\n* General improvements\n----------------------\n- When using pentest mode, it will continue without any delays (=quick mode).\n- Plugins execution is improved, with improved logged and counting of active\n plugins.\n- Data uploads: provide help when self-signed certificates are used.\n- Improved output for tests which before showed results as a warning, instead of\n just as a suggestion.\n- Lynis now uses different exit codes, depending on errors or finding warnings.\n This helps with automation and any custom scripting you want to apply.\n- Preparations to allow compressing the Lynis report file and enhance uploads.\n- Added --config option to show what settings file or profile is used.\n- Tool tips are displayed, to make Lynis even easier to use.\n- Show a warning if the release is older than four months.\n- PID file has additional checks, including cleanups.\n\n\n* Plugins\n---------\n[PAM] New plugin available in all versions of Lynis\n[PLGN-2602] Replaced mktemp commands with CreateTempFile function\n[PLGN-2804] Limit report output of EXT file systems to 1 item per line\n\n--------------------------------------------------------------\n\nLynis 2.1.1 (2015-07-22)\n\nThis release adds a lot of improvements, with focus on performance, and\nadditional support for common Linux distributions and external utilities.\nWe recommend to use this latest version.\n\n* Operating system enhancements\n-------------------------------\nSupport for systems like CentOS, openSUSE, Slackware is improved.\n\n* Performance\n-------------\nPerformance tuning has been applied, to speed up execution of the audit on\nsystems with many files. This also includes code cleanups.\n\n* Automatic updates\n-------------------\nInitial work on an automatic updater has been implemented. This way Lynis\ncan be scheduled for automatic updating from a trusted source.\n\n* Internal functions\n--------------------\nNot all systems have readlink, or the -f option of readlink. The\nShowSymlinkPath function has been extended with a Python based check, which\nis often available.\n\n* Software support\n------------------\nApache module directory /usr/lib64/apache has been added, which is used on\nopenSUSE.\n\nSupport for Chef has been added.\n\nAdded tests for CSF's lfd utility for integrity monitoring on directories and\nfiles. Related tests are FINT-4334 and FINT-4336.\n\nAdded support for Chrony time daemon and timesync daemon. Additionally NTP\nsynchronization status is checked when it is enabled.\n\nImproved single user mode protection on the rescue.service file.\n\n* Other\n-------\nCheck for user permissions has been extended.\nPython binary is now detected, to help with symlink detection.\nSeveral new legal terms have been added, which are used for usage in banners.\nIn several files old tests have been removed, to further clean up the code.\n\n* Bug fixes\n---------\nNginx test showed error when access_log had multiple parameters.\nTests using locate won't be performed if not present.\nFix false positive match on Squid unsafe ports [SQD-3624].\nThe hardening index is now also inserted into the report if it is not displayed\non screen.\n\n* Functions\n---------\nAdded AddSystemGroup function\n\n* New tests\n---------\nSeveral new tests have been added:\n* [PKGS-7366] Scan for debsecan utility on Debian systems\n* [PKGS-7410] Determine amount of installed kernel packages\n* [TIME-3106] Check synchronization status of NTP on systemd based systems\n* [CONT-8102] Docker daemon status and gather basic details\n* [CONT-8104] Check docker info for any Docker warnings\n* [CONT-8106] Check total, running and unused Docker containers\n\n* Plugins\n---------\n* [PLGN-2602] Disabled by default, as it may be too slow for some machines\n* [PLGN-3002] Extended with /sbin/nologin\n\n* Documentation\n---------------\nA new document has been created to help with the process of upgrading Lynis.\nIt is available at https://cisofy.com/documentation/lynis/upgrading/\n\n--------------------------------------------------------------\n\n\nLynis 2.1.0 (2015-04-16)\n\n* General\n---------\nScreen output has been improved to provide additional information.\n\n* OS support\n------------\nCUPS detection on Mac OS has been improved. AIX systems will now use csum\nutility to create host ID. Group check have been altered on AIX, to include\nthe -n ALL. Core dump check on Linux is extended to check for actual values\nas well.\n\n* Software\n----------\nMcAfee detection has been extended by detecting a running cma binary.\nImproved detection of pf firewall on BSD and Mac OS. Security patch checking\nwith zypper extended.\n\n* Session timeout\n-----------------\nTests to determine shell time out setting have been extended to account for\nAIX, HP-UX and other platforms. It will now determine also if variable is\nexported as a readonly variable. Related compliance section PCI DSS 8.1.8\nhas been extended.\n\n* Documentation\n---------------\n- New document: Getting started with Lynis\n https://cisofy.com/documentation/lynis/get-started/\n\n* Plugins (Enterprise)\n----------------------\n- Update to file integrity plugin\n Changes to PLGN-2606 (capabilities check)\n\nNew configuration plugins:\n* PLGN-4802 (SSH settings)\n* PLGN-4804 (login.defs)\n\nDownload link: https://cisofy.com/download/lynis/\n\n--------------------------------------------------------------\n\n\nLynis 2.0.0 (2015-02-25)\n\n\nThe first release within the 2.x branch! It includes several new features, to\nsimplify or improve auditing on Unix based systems, including BSD, Linux,\nMac OS and more traditional systems like AIX, HPUX and Solaris.\n\nNew features and many improvements are the reason for the bump to a major\nrelease, also a beginning of a new era. Many tools to audit or harden systems\nhave being released, yet none have been maintained over a long period of time.\n\nLynis Support and Feedback\n--------------------------\nThis software is supported and under development by CISOfy. By providing a\ndual license, this software is kept up-to-date and enhanced. Both customers\nand the community, benefit from this licensing. This release is available\nthanks to your input and feedback.\n\nLynis Helpers\n-------------\nNew in this release is the support for helpers. Small utilities which enhance\nLynis by providing a single goal. The first helper available is to audit\nDocker build files.\n\nLynis Improved OS support\n-------------------------\nMany changes have been implemented to better support Linux, FreeBSD, NetBSD\nDragonBSD and OpenBSD in particular. Upcoming releases will include smaller\n\"improvement rounds\" for other systems as well.\n\nLynis New technologies\n----------------------\nMore utilities and technologies are supported now. Technologies and tools\nlike systemd, Docker, nftables.\n\nLynis Lynis Enterprise\n----------------------\nAs this code is shared, customers have an additional option to define to\nwhat server they want to upload the audit results. Also, commercial plugins\nhave been bundled.\n\nLynis New parameters\n--------------------\nSeveral new options have been added:\n* --dump-options (see all options)\n* --report-file (define a different location for the report file)\n\nLynis General\n-------------\nDocumentation on the website has been extended: https://cisofy.com/support/\nThe man page, Lynis binary and several tests have improved texts.\n\nThis release is exceptional in that it includes many changes. We have done\na lot of testing on different platforms. You could expect this software to be\nstable. Still, an assumption is no guarantee and especially no substitution\nfor testing in your own environment. If you encounter issues, please report\nthem via one of the links above in this changelog.\n\n\nEnjoy this new release!\n\n\n================================================================================\n\nLynis 1.6.4 (2014-11-04)\n\nNew:\n- Boot loader detection for AIX [BOOT-5102]\n- Detection of getcap and lsvg binary\n- Added filesystem_ext to report\n- Detect rootsh\n\nChanges:\n- Hide errors when RPM database is faulty and show suggestion instead [PKGS-7308]\n- Allow OpenBSD to gather information on listening network ports [NETW-3012]\n- Don't trigger warning for Shellshock when doing segfault test [SHLL-6290]\n- Do not run Apache test on OpenBSD and strip control chars [HTTP-6624]\n- Extended AIDE test with configuration validation test [FIND-4314]\n- Improved Shellshock test regarding non-Linux support [SHLL-6290]\n- Added support for gathering volume groups on AIX [FILE-6311]\n- Properly parse PAM lines and add them to report [AUTH-9264]\n- Support for boot loader detection on OpenBSD [BOOT-5159]\n- Added uptime detection for OpenBSD systems [BOOT-5202]\n- Support for volume groups on AIX [FILE-6312]\n- Redirect errors when searching for readlink binary\n\n---------------------------------------------------------------------------------\n\nLynis 1.6.3 (2014-10-14)\n\nNew:\n- Added tests for Shellshock bash vulnerability [SHLL-6290]\n- Added test to determine if Snoopy is used [ACCT-9636]\n- New test for qdaemon configuration file [PRNT-2416]\n- Test for GRUB boot loader password [BOOT-5122]\n- New test for qdaemon printer jobs [PRNT-2420]\n- Added ClamXav test for Mac OS X [MALW-3288]\n- Gentoo vulnerable packages test [PKGS-7393]\n- New test for qdaemon status [PRNT-2418]\n- Gentoo package listing [PKGS-7304]\n- Running Lynis without root permissions will start non-privileged scan\n- Systemd service and timer example file added\n- Added grub2-install to binaries\n\nChanges:\n- Adjustments so insecure SSL protocols are detected in nginx config [HTTP-6710]\n- Directories will be skipped when searching for nginx log files [HTTP-6720]\n- Only gather unique name servers from /etc/resolv.conf [NAME-2704]\n- Properly detect mod_evasive on Gentoo and others [HTTP-6640]\n- Improved swap partition detection in /etc/fstab [FILE-6336]\n- Improvements to kernel detection (e.g. Gentoo) [KRNL-5830]\n- Test for built-in security options in YUM [PKGS-7386]\n- Improved boot loader detection for GRUB2 [BOOT-5121]\n- Split GRUB test into two tests [BOOT-5122]\n- Added Mac OS uptime check [BOOT-5202]\n- Improved GetHostID function for systems having only ip binary\n- Improved testing for symlinked binary directories\n- Minor adjustments to log output\n- Renamed dev directory to extras\n\n---------------------------------------------------------------------------------\n\nLynis 1.6.2 (2014-09-22)\n\n New:\n - IsVirtualMachine function to check if system is running in VM\n\n VM types: Bochs CPU emulation, IBM z/VM, KVM, Linux Containers,\n libvirt LXC driver (Linux Containers), Microsoft Virtual PC, OpenVZ,\n Oracle VM VirtualBox, QEMU, Systemd Namespace container,\n User-Mode Linux (UML), VMware products, XEN\n\n - Detection for SaltStack configuration management tooling\n - ShowSymlinkPath function to check path behind a symlink\n - Check of configuration options of pacman [PKGS-7314]\n - Support for drill binary to check for Lynis update\n - FileIsEmpty function to check for empty files\n - Detect updates for Arch Linux [PKGS-7312]\n - Add detection for machine ID (systemd)\n - Added linux_config_file to report\n - Bash completion script for Lynis\n - Added detection of ss binary\n\n Changes:\n - Extended system reboot check, to enable it for most Linux versions[KRNL-5830]\n - Improved inetd test to avoid false positive with xinetd process [INSE-8002]\n - Permissions check has been adjusted to allow packaging and pentest mode\n - Added detection for compressed Linux config file [KRNL-5728]\n - Added support for compressed Linux config file [KRNL-5730]\n - Store PID file in home directory of the user, if needed\n - Added usage of ss to gather listening ports [NETW-3012]\n - Additional permission added to CUPS check [PRNT-2307]\n - Extended telnet in inetd test [INSE-8016]\n - Fix for reading at.deny file [SCHD-7720]\n - Removed individual warnings [BOOT-5184]\n - Several improvements for Arch Linux\n\n---------------------------------------------------------------------------------\n\nLynis 1.6.1 (2014-09-09)\n\n New:\n - Added --pentest parameter to run a non-privileged scans (e.g. for pentesting)\n - Show skipped tests in report if they require root and scan is non-privileged\n\n Changes:\n - Improved vulnerable packages test on Debian based systems (apt-check) [PKGS-7392]\n - Don't show warnings for 'swap' in 4th column fstab file [FILE-6336]\n - Remove warning for old files in /tmp [FILE-6354]\n - CheckUpdates function will have better output when no connection is available\n - Changes to parameters and functions, to allow penetration tests with Lynis\n - Test for actual files in /etc/modprobe.d before grepping in it\n - Improved chown command when file permissions are incorrect\n - Changed output of update test, show when status is unknown\n - No scanning of symlinked directories (binaries test)\n - Extended SafePerms function to also check for UID\n - Several tests will have root-only bit set now\n - Improved netstat tests on Arch Linux\n\n---------------------------------------------------------------------------------\n\nLynis 1.6.0 (2014-08-27)\n\n New:\n - Added several new plugins to default profile\n - HostID detection for AIX\n\n Changes:\n - Improvements for log file\n - GetHostID function improved\n - Improved detection of security repository for Debian based systems [PKGS-7388]\n - Set default values for update check, to avoid error message on screen\n - Cleanup for mail section, adding IMAP and POP3 protocols\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.9 (2014-07-31)\n\n New:\n - New NetBSD test for vulnerable software packages [PKGS-7380]\n - Test if Debian based systems need a reboot [KRNL-5830]\n - Test for running Sendmail daemon [MAIL-8880]\n - Test for availability of mtree [FINT-4330]\n - Check for lp daemon (printing) [PRNT-2314]\n - Added Qmail status detection [MAIL-8860]\n - New NetBSD boot loader test [BOOT-5126]\n - Added test for automation tools like Cfengine and Puppet [TOOL-5002]\n - Added KRNL-5830 control to website\n - Added detection for Puppet\n - Added tooling category\n\n Changes:\n - Security repository test extended with /etc/apt/sources.list.d [PKGS-7388]\n - Added exception case for CUPS configuration (listen statement) [PRNT-2308]\n - Improved detection of TMOUT setting in shell profile file [SHLL-6220]\n - Perform promiscuous interfaces test for NetBSD as well [NETW-3014]\n - Perform swap partition parameters test on all systems [FILE-6336]\n - Also check password file on DragonFlyBSD and NetBSD [AUTH-9208]\n - Show message regarding toor user for all systems [AUTH-9204]\n - Check for available interfaces on NetBSD as well [NETW-3004]\n - Extended UFS file system test with FFS support [FILE-6329]\n - Improvements for step-tickers file test [TIME-3160]\n - Perform sockstat test for NetBSD [NETW-3012]\n - Gather IP addresses for NetBSD [NETW-3008]\n - Test MAC addresses on NetBSD [NETW-3006]\n - Added /usr/X11R7/bin directory to search for binaries\n - Improved full qualified domain name (FQDN) check for Linux\n - Don't show follow-up hints when there are no warnings or suggestions\n - Improved IsRunning function to better target processes\n - Several smaller adjustments in text and descriptions\n - Extended ReportException function with logging text\n - Improved GetHostID function for NetBSD and Solaris\n - Added printing_daemon and mail_daemon to report\n - Binaries extended with tools like kstat, puppet\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.8 (2014-07-24)\n\n New:\n - Testing for commercial anti-virus solutions like McAfee and Sophos [MALW-3280]\n - New control text for MALW-3280 - http://cisofy.com/controls/MALW-3280/\n\n Changes:\n - Extended GRUB test with encrypted password (SHA1) [BOOT-5121]\n - Check /etc/profile for multiple umask values [AUTH-9328]\n - Extended PHP disabled functions test [PHP-2320]\n - Add gpgcheck parameter to YUM test [PKGS-7387]\n - Squid configuration file permissions test adjusted and control added to website [SQD-3613]\n - Logging has been extended and exceptional event text adjusted\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.7 (2014-07-09)\n\n New:\n - Implementation of SafePerms function\n - Added notification when exceptions are found\n\n Changes:\n - Fix for error_log handling in nginx\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.6 (2014-06-12)\n\n New:\n - Test for PHP binary and PHP version\n - Don't perform register_global test for systems running PHP 5.4.0 and later [PHP-2368]\n - Debug function (can be activated via --debug or profile)\n\n Changes:\n - Extended IsRunning function\n - Removed suggestion from secure shell test [SHLL-6202]\n - Check for idle session handlers [SHLL-6220]\n - Also check for apache2 binary (file instead of directory)\n - New report values: session_timeout_enabled and session_timeout_method\n - New report value for plugins: plugins_enabled\n - Fixed test to determine active TCP sessions on Linux [NETW-3012]\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.5 (2014-06-08)\n\n New:\n - Check for nginx access logging [HTTP-6712]\n - Check for missing error logs in nginx [HTTP-6714]\n - Check for debug mode in nginx [HTTP-6716]\n\n Changes:\n - Extended SSL test for nginx when using listen statements\n - Allow debugging via profile (config:debug:yes)\n - Check if discovered httpd file is actually a file\n - Improved temporary file creation related to security notice\n - Adjustments to screen output\n\n Security Note:\n This releases solves two issues regarding the usage of temporary\n files (predictability of the file names). You are advised to upgrade\n to this version as soon as possible. For more information see the\n our blog post: http://linux-audit.com/lynis-security-notice-154-and-older/\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.4 (2014-06-04)\n\n New:\n - Check additional configuration files for nginx [HTTP-6706]\n - Analysis of nginx settings [HTTP-6708]\n - New test for SSL configuration of nginx [HTTP-6710]\n\n Changes:\n - Altered SMBD version check for Mac OS\n - Small adjustments to report for readability\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.3 (2014-05-19)\n\n New:\n - Support for zypper package manager\n - Gather installed packages with Zypper on SuSE systems [PKGS-728]\n - Check for vulnerable packages with Zypper package manager [PKGS-7330]\n\n Changes:\n - Check for aide.conf also in /etc [FINT-4315]\n - Adjusted screen output for unreliable NTP peers [TIME-3120]\n - Adjusted check kernel test for non-Linux systems [KRNL-5730]\n - Improved screen output on AIX systems with echo command\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.2 (2014-05-05)\n\n New:\n - Support for runlevel in binaries test\n\n Changes:\n - Added suggestion for kernel availability check [KRNL-5788]\n - Added suggestion for services at startup and proper binary call [BOOT-5180]\n - Added suggestion to configure accounting on FreeBSD [ACCT-2754]\n - Added suggestion to configure Linux process accounting [ACCT-9622]\n - Several new controls listed on website\n - Adjusted hardening index if total score was zero\n - Added suggestion for auditd.conf file [ACCT-9632]\n - Removed suggestion for audit log file [ACCT-9634]\n - Removed warning from NTP falsetickers test, added data to report [TIME-3132]\n - Removed warning from NTP selected time source test [TIME-3124]\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.1 (2014-04-22)\n\n Changes:\n - Extended reporting with running databases and frameworks\n - Adjusted Oracle status in test [DBS-1840]\n - Extended grsecurity test [RBAC-6272]\n - Redirect rpcinfo errors to /dev/null\n - Adjusted color scheme\n\n---------------------------------------------------------------------------------\n\nLynis 1.5.0 (2014-04-10)\n\n New:\n - Support for Amazon Linux\n - NTP check for step-tickers file (Red Hat and clones) [TIME-3160]\n\n Changes:\n - Minor textual changes in description of several controls\n - Removed several warnings (usage of suggestions instead)\n - Website has now more information for several controls\n - Extended detection for Oracle Linux\n - Updated the FAQ and README files\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.9 (2014-04-03)\n\n New:\n - Added links in report to related control documentation on website\n - Detect Linux I/O kernel scheduler [KRNL-5730]\n\n Changes:\n - Check for non-unique accounts on several platforms [AUTH-9208]\n - Set initial discover value for PAM modules to zero [AUTH-9268]\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.8 (2014-03-27)\n\n Changes:\n - Adjusted resolv.conf domain setting in report [NAME-4016]\n - Extend account test with /var/log/pacct [ACCT-9620]\n - Added suggestion to DNS domain name test [NAME-4028]\n - Changed text strings of ZFS test [FILE-6330]\n - Extend LILO password test [BOOT-5139]\n - Set default value for pf firewall\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.7 (2014-03-21)\n\n New:\n - New configuration item to set group name\n - Search for AIDE configuration file (aide.conf) [FINT-4315]\n - Check for usage of SHA256/SHA512 in AIDE configuration [FINT-4316]\n - Added grep to list of binaries\n\n Changes:\n - Added suggestion when using NIS or NIS+ [NAME-4302]\n - Clean-up of unneeded plugin section\n - Small typo fix\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.6 (2014-03-14)\n\n New:\n - Check for GPG signing in yum.conf [PKGS-7387]\n - Check CUPS configuration file permissions [PRNT-2307]\n\n Changes:\n - Screen cleanup\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.5 (2014-03-08)\n\n New:\n - Support for Chakra Linux\n - Support for pacman binary (package manager)\n - Query installed packages on systems with pacman [PKGS-7310]\n\n Changes:\n - Avoid logging to screen when falsetickets are found [TIME-3132]\n - Skipping FIFO file on Solaris systems when checking for cron jobs [TIME-3104]\n - Extended uptime test for Solaris systems [BOOT-5202]\n - Added /usr/lib/security to PAM locations to scan\n - Report cronjobs to report [SCHD-7704]\n - HostID support for Solaris\n - Improved color scheme\n - Extended logging\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.4 (2014-03-03)\n\n New:\n - Detect tune2fs binary\n - Added ExitFatal() function\n - Added egrep binary to binaries\n - Initial plugin support (phase 1)\n - Added InsertPluginSection() function\n\n Changes:\n - Adjusted disabled functions tests to properly find functions [PHP-2320]\n - Extended time test with egrep binary replace for Solaris [TIME-3104]\n - Adjusted color for SNMP test when warning is found [SNMP-3306]\n - Adjusted text for PHP risky functions [PHP-2320]\n - Refer to discovered binaries for ifconfig, lsmod, tune2fs\n - Test plugin directory when provided by --plugin-dir\n - Scan report extended with plugin information\n - Extended help for Enterprise options\n - Improved IsRunning() function\n - Extended color scheme\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.3 (2014-02-23)\n\n New:\n - Support for ClearOS\n - Data upload for Lynis Enterprise users (--upload)\n - Added debug variable for troubleshooting purposes\n - Scan profile option license_key\n\n Changes:\n - Skip password check for Red Hat or clones [AUTH-9282]\n - Extended single user login protection [AUTH-9308]\n - Adjusted repolist check for yum based systems [PKGS-7383]\n - Inserted sleep time when update is found\n - Extended report output\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.2 (2014-02-19)\n\n Changes:\n - Ignore interfaces aliases for HostID\n - Extended umask tests with pam_umask entries [AUTH-9328]\n - Check for suppressed version on Squid [SQD-3680]\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.1 (2014-02-15)\n\n New:\n --plugin-dir parameter\n\n Changes:\n - Added 64 bits locations for Apache modules\n - Add start of new category to logfile\n - Extended sysstat test with /etc/cron.d/sysstat [ACCT-9626]\n - Extended cron job tests with entries start with asterisk (*) [SCHD-7704]\n - Additional check for multiple umask entries (like RHEL 6.x) [AUTH-9328]\n - Adjusted PHP test for register_globals (explicit test) [PHP-2368]\n - Small adjustments for upcoming plugin support\n - Extended man page\n\n---------------------------------------------------------------------------------\n\nLynis 1.4.0 (2014-01-29)\n\n Changes:\n - Removed some warnings, to prevent double messages\n - Extended accounting check for Linux [ACCT-9622]\n - Added consistency check to time test [TIME-3124]\n - Added support for anacron jobs [SCHD-7704]\n - Rewrite of YUM repository test [PKGS-7383]\n - Use binary variables for hostid creation\n - AIX version detection changed\n - Added rpcinfo to binaries check\n - Ignore LANG global setting\n - Improved logging\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.9 (2014-01-09)\n\n Changes:\n - Additional support for Mac OS\n - Support for shasum binary\n - Performance adjustment for lsof tests\n - Extended interface check for hostid creation\n - Improved NSCD detection [NAME-4032]\n - Bug fix for passwdqc [AUTH-9262]\n - Extended vulnerable packages test [PKGS-7392]\n - Hide possible sysctl errors [KRNL-5820]\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.8 (2013-12-25)\n\n New:\n - New parameter --view-categories to display available test categories\n - Added /etc/hosts check (duplicates) [NAME-4402]\n - Added /etc/hosts check (hostname) [NAME-4404]\n - Added /etc/hosts check (localhost mapping) [NAME-4406]\n - Portmaster test for possible port upgrades [PKGS-7378]\n - Check for SPARC improve boot loader (SILO) [BOOT-5142]\n - NFS client access test [STRG-1930]\n - Check system uptime [BOOT-5202]\n - YUM repolist check [PKGS-7383]\n - Contributors file added\n\n Changes:\n - Improved locate database check and reporting [FILE-6410]\n - Improved PAE/No eXecute test for Linux kernel [KRNL-5677]\n - Disabled NIS domain name from test [NAME-4028]\n - Extended NIS domain test to check BSD sysctl value [NAME-4306]\n - Extended PAM tools check with PAM paths [AUTH-9262]\n - Adjusted Apache check to avoid skipping it [HTTP-6622]\n - Extended USB state testing [STRG-1840]\n - Extended Firewire state testing [STRG-1846]\n - Extended core dump test [KRNL-5820]\n - Added /lib/i386-linux-gnu/security to PAM directories\n - Added /usr/X11R6/bin directory to binary paths\n - Improved readability of screen output\n - Improved logging for several tests\n - Improved Debian version detection\n - Added warning to BIND test [NAME-4206]\n - Extended binaries with showmount and yum\n - Updated man page\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.7 (2013-12-10)\n\n New:\n - Function FileExists() and SearchItem()\n\n Changes:\n - Adjusted yum-security check [PKGS-7386]\n - Improved check for iptables binary check\n - Extended report with the tests executed and skipped\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.6 (2013-12-03)\n\n New:\n - Support for the dntpd time daemon\n - New Apache test for modules [HTTP-6632]\n - Apache test for mod_evasive [HTTP-6640]\n - Apache test for mod_qos [HTTP-6641]\n - Apache test for mod_spamhaus [HTTP-6642]\n - Apache test for ModSecurity [HTTP-6643]\n - Check for installed package audit tool [PKGS-7398]\n - Added initial support for new pkgng and related tools [PKGS-7381]\n - Check for ssh-keyscan binary\n - ZFS support for FreeBSD [FILE-6330]\n - Test for passwordless accounts [AUTH-9283]\n - Initial OS support for DragonFly BSD\n - Initial OS support for TrueOS (FreeBSD based)\n - Initial OS support for elementary OS (Luna)\n - GetHostID for DragonFly, FreeBSD, NetBSD and OpenBSD\n - Check for DHCP client [NETW-3030]\n - Initial support for OSSEC (system integrity) [FINT-4328]\n - New parameter --log-file to adjust log file location\n - New function IsRunning() to check status of processes\n - New function RealFilename() to determine file name\n - New function CheckItem() for parsing files\n - New function ReportManual() and ReportException() to simplify code\n - New function DirectoryExists() to check existence of a directory\n - Support for dntpd [TIME-3104]\n\n Changes:\n - Extended pf checks for FreeBSD/OpenBSD and others [FIRE-4518]\n - Extended test to gather listening network ports for Linux [NETW-3012]\n - Adjusted lsof statement to ignore warnings (e.g. fuse) [LOGG-2180] [LOGG-2190]\n - Added suggestion for discovered shells on FreeBSD [AUTH-9218]\n - Extended core dump test with additional details [KRNL-5820]\n - Properly display suggestion if portaudit is not installed [PKGS-7382]\n - Ignore message if no packages are installed (pkg_info) [PKGS-7320]\n - Also try using apt-check on Debian systems [PKGS-7392]\n - Adjusted logging for RPM binary on systems not using it [PKGS-7308]\n - Extended search in cron directories for rdate/ntpdate [TIME-3104]\n - Adjusted PHP check to find ini files [PHP-2211]\n - Skip Apache test for NetBSD [HTTP-6622]\n - Skip test http version check for NetBSD [HTTP-6624]\n - Additional check to suppress sort error [HTTP-6626]\n - Improved the way binaries are checked (less disk reads)\n - Adjusted ReportWarning() function to skip impact rating\n - Improved report on screen by leaving out date/time and type\n - Redirect errors while checking for OpenSSL version\n - Extended reporting with firewall status and software\n - Adjusted naming of some operating systems to make them more consistent\n - Extended update check by using host binary if dig is not installed\n - Count number of installed binaries/packages and report them\n - Report about log rotation tool and status\n - Updated man page\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.5 (2013-11-19)\n\n New:\n - OS detection for Mageia Linux, PCLinuxOS, Sabayon Linux and Scientific Linux\n - Added some initial systemd support (e.g. boot services)\n - Test to display if any known MAC framework is implemented [MACF-6290]\n\n Changes:\n - Improved support for Slackware Linux (OS and version detection)\n - Added systemd support (boot and running services) for Linux systems [BOOT-5177]\n - Added systemd support (default runlevel) for Linux systems [KRNL-5622]\n - Extended USB storage check in modprobe.d directory [STRG-1840]\n - Improved output, reporting and check for kernel update [KRNL-5788]\n - Optimized code and output of test to check writable scripts [BOOT-5184]\n - Fixed detection for writable scripts [BOOT-5184]\n - Improved detection IPv6 addresses for Slackware and others [NETW-3008]\n - Minor addition to SSH PermitRootLogin check [SSH-7412]\n - Extended cronjob tests, reporting and logging [SCHD-7704]\n - Extended umask check in /etc/profile [AUTH-9328]\n - Added suggestion about BIND version [NAME-4210]\n - Merged test NTP daemon test TIME-3108 into TIME-3104\n - Improved support for Arch Linux (output, detection)\n - Extended common list of directories with SSL certificates in profile\n - New function GetHostID() to determine an unique identifier of the machine\n - Added a tests_custom file template\n - Perform file permissions test on tests_custom file\n - Improved OS detection and extended logging on several tests\n - Several layout improvements\n - Extended update check functions and output\n - Cleaned up reporting and extended it with exceptions\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.4 (2013-11-08)\n\n New:\n - OS detection support for Arch Linux\n - Support for systemd journal\n\n Changes:\n - Test for files in /etc/modprobe.d directory [STRG-1840]\n - Extended log daemon detection with systemd journal [LOGG-2130]\n - Adjusted hardening value for compiler GCC [HRDN-7222]\n - Extended IsWorldWritable and IsWorldExecutable functions to support symlinks\n - Adjusted PHP test for disabled functions [PHP-2320]\n - Extended testing for PHP files in other directories [PHP-2211]\n - Improved screen output for several tests and extended logging\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.3 (2013-10-24)\n\n New:\n - Added NTP configuration type to report [TIME-3104]\n\n Changes:\n - Do not warn on empty shells for FreeBSD systems [AUTH-9218]\n - Extended checks for presence NTP client or daemon [TIME-3104]\n - Extended logging\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.2 (2013-10-09)\n\n New:\n - Test for PowerDNS authoritative servers (master/slave status) [NAME-4238]\n\n Changes:\n - CUPS test extended with hardening rules [PRNT-2308]\n - Added hardening points to sticky bit on /tmp [FILE-6362]\n - Extended Ubuntu security packages check [PKGS-7392]\n - Improved update check, show when no check is performed\n - Added additional check for binaries, so checks on CentOS work correctly\n - Added word 'restricted' to banner strings\n - Adjusted wording for Debian packages purge [PKGS-7346]\n - Corrected listing of purgable packages [PKGS-7346]\n - Adjusted yum-plugin-security check due to package changes [PKGS-7386]\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.1 (2013-10-02)\n\n Changes:\n - Updated generic references in files\n - Fixed detection of several binaries (AFICK/awk)\n - Performance tweaks when checking for binaries\n - Fixed core dump check and dumpable sysctl [KRNL-5820]\n - Force test to always to check for binaries [FILE-7502]\n - Changed detection to egrep [DBS-1840]\n - Adjusted variable checking for Solaris [HOME-9310]\n - Adjusted search in modprobe directory [STRG-1840] [STRG-1846]\n\n---------------------------------------------------------------------------------\n\nLynis 1.3.0 (2011-12-25)\n\n New:\n - Profile option: ignore_home_dir\n - TCP wrappers category added\n - Tooling category added\n - Initial extensions to support plugins in the future\n - Test for unpurged Debian packages [PKGS-7346]\n - Test for compiler permissions [HRDN-7222]\n\n Changes:\n - Converted all dates to ISO format and updated copyright lines\n - Correct suggestion for file integrity tool [FINT-4350]\n - Added hint when RPM list is empty on DPKG based systems [PKGS-7308]\n - Changed logging for /etc/security/limits.conf file [KRNL-5820]\n - Fixed incorrect warning for single user mode [AUTH-9308]\n - Improved output for stratum 16 time servers [TIME-3116]\n - Added suggestion and screen output for kernel hardening [KRNL-6000]\n - Screen layout optimizations and log file improvements\n - Improved list/layout of scan options\n - Improved binary check for compilers\n - Added configuration option in scan profile (show_tool_tips, default true)\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.9 (2009-12-15)\n\n New:\n - Support for Squid3\n - Added Squid unsafe ports check [SQD-3624]\n - Added Squid configuration file permission check [SQD-3613]\n - Added Squid test: reply_body_max_size option [SQD-3630]\n - Added /etc/init.d/rc and /etc/init.d/rcS to umask test [AUTH-9328]\n - Check PHP option allow_url_include [PHP-2378]\n\n Changes:\n - Extended possible Squid configuration file locations\n - Added additional sysctl keys to default profile\n - Fixed typo in squid.conf checks\n - Improved descriptions, logging and reporting for several tests\n - Corrected /etc/security/limits.conf path in test [KRNL-5820]\n - Updated man page, limited lines to 80 chars\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.8 (2009-12-08)\n\n New:\n - Squid support added\n - Squid daemon detection [SQD-3602]\n - Squid configuration file search [SQD-3604]\n - Squid version detection [SQD-3606]\n - Check /etc/motd banner [BANN-7122]\n - Check /etc/issue.net file [BANN-7128]\n - Check contents in /etc/issue.net [BANN-7130]\n - Solaris single user mode login check (/etc/default/sulogin) [AUTH-9304]\n - HP-UX boot authentication check [AUTH-9306]\n - Linux single user mode authentication check [AUTH-9308]\n - Solaris account locking policy check [AUTH-9340]\n\n Changes:\n - Added prerequisite to SSH test, so the test is skipped properly [SSH-7440]\n - Check for /etc/issue symlink [BANN-7124]\n - Added file check for possible harmful shells found [AUTH-9218]\n - Add user home directories to report [HOME-9302]\n - Extended Linux run level test with support for Debian/Ubuntu [KRNL-5622]\n - Added /lib64/security to PAM test [AUTH-9262]\n - Extended security repository check [PKGS-7388]\n - Iptables check should not check for a module in a Linux config [FIRE-4511]\n - Ignore APC ups daemon when scanning for CUPS [PRNT-2304]\n - Improved kernel logger daemon check [LOGG-2138]\n - Added auditctl to binary check [ACCT-9630]\n - Log used auditd ruleset [ACCT-9630]\n - Corrected logging of Solaris c2audit module [ACCT-9656]\n - Fixed warning function for Solaris passwordless accounts [AUTH-9254]\n - Commented kern.randompid in default profile\n - For sysctl the parameter -n will be used on Linux systems\n - Changed syslog daemon detection and state\n - Extended report file\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.7 (2009-11-01)\n\n New:\n - Added Kernel Hardening section\n - Sysctl audit support in scan profile and related test [KRNL-6000]\n - SSH option StrictModes test [SSH-7416]\n - Password aging limit check [AUTH-9286]\n - Ubuntu packages check (apt-show-versions) [PKGS-7394]\n - Check for metalog daemon [LOGG-2210]\n - USB storage driver state check [STRG-1840]\n - Firewire storage driver state check [STRG-1846]\n - PostgreSQL process check [DBS-1826]\n - Oracle process check [DBS-1840]\n - Default umask check [AUTH-9328]\n - Check for rsyslog daemon [LOGG-2230]\n - RFC 3195 compliant daemon check [LOGG-2240]\n - Qmail SMTP daemon check [MAIL-8940]\n - Test for separation of /tmp and /home from root file system [FILE-6310]\n - SSH AllowUsers and AllowGroups usage check [SSH-7440]\n - AIX support, thanks to Michael Smerdka\n\n Changes:\n - Fixed crontabs path [SCHD-7704]\n - Extended locate database paths for Linux and FreeBSD [FILE-6410]\n - pflog detection fix [FIRE-4518]\n - Skip /proc/meminfo for non Linux systems [PROC-3602]\n - Extended text with rsyslogd [LOGG-2130]\n - Ignore comment and empty lines for group tests [AUTH-9222/9226]\n - Show firewall as active when iptables is available in config file [FIRE-4511]\n - Variable fix for SNMP daemon configuration file [SNMP-3304]\n - Freshclam check fix [MALW-3286]\n - Fixed waiting search for NIS domain [NAME-4306]\n - Check for a maximum of 1 search statement in /etc/resolv.conf [NAME-4018]\n - Apache test improved [HTTP-6622]\n - Skip klogd test if rsyslogd is available [LOGG-2138]\n - Added additional CUPS location to search paths\n - Only execute PAM test for systems with PAM [AUTH-9268]\n - Fixed logging of sudoers file location [AUTH-9250]\n - Improved FreeBSD support for NTP client check [TIME-3104]\n - Redirect warning \"Unknown host\" when DNS domain name is empty [NAME-4028]\n - Redirect warning when host name is empty\n - Fixed warning color [AUTH-9226]\n - Fixed FreeBSD COPYRIGHT file test [BANN-7113]\n - Changed text for sudoers text [AUTH-9250]\n - Improved text for DNS search domain [NAME-4016]\n - Skip nginx configuration test if nginx is not available [HTTP-6704]\n - Removed portsclean suggestion [PKGS-7348]\n - Fixed non unique IDs\n - Fixed cosmetic issue when using Debian with default dash shell\n - Improved hostname detection for HP-UX\n - Added additional php.ini file locations\n - Moved Linux default shell check to OS detection functions\n - Fixed CUPS daemon test [PRNT-2304]\n - Also check for uppercase chars in issue file [BANN-7126]\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.6 (2009-04-05)\n\n New:\n - Sudoers file permissions check [AUTH-9252]\n - Core dumps configuration check for Linux [KRNL-5820]\n - PHP disabled functions check [PHP-2320]\n - PHP enable_dl function check [PHP-2374]\n - PHP allow_url_fopen function check [PHP-2376]\n - OpenBSD smtpd status check [MAIL-8920]\n - /etc/issue check [BANN-7124]\n - /etc/issue legal keywords check [BANN-7126]\n - Show suggestions in report\n\n Changes:\n - Extended support for Red Hat, CentOS and Fedora\n - Extended ACL test to test for default mount options as well [FILE-6368]\n - Exim status test fixed [MAIL-8812]\n - Corrected yum security check [PKGS-7386]\n - Replaced LDAP test AUTH-9238 with [AUTH-9402]\n - Removed backquotes when locate database is not available [FILE-6410]\n - Added /etc/openldap to search path for OpenLDAP\n - Fixed typo in crontab path [SCHD-7704]\n - Don't show message \"No volume groups found\" if LVM isn't used [FILE-6310]\n - Corrected Syslog-NG status [LOGG-2132]\n - Moved TODO to dev directory\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.5 (2009-03-27)\n\n New:\n - slapd.conf check [LDAP-2224]\n - atd status test [SCHD-7718]\n - Check LDAP module in PAM [AUTH-9278]\n - Check Dovecot status check [MAIL-8838]\n - Check log directories from newsyslog.conf [LOGG-2162]\n - Check log directories from static list [LOGG-2170]\n - Check log directories from logrotate configuration [LOGG-2150]\n - syslog check for remote logging [LOGG-2154]\n - Open log files check [LOGG-2180]\n - Deleted file check [LOGG-2190]\n - Solaris active kernel modules check [KRNL-5770]\n - Solaris audit daemon status check [ACCT-9650]\n - Solaris audit daemon service status [ACCT-9652]\n - Solaris audit daemon BSM check [ACCT-9654]\n - Solaris audit logging location check [ACCT-9662]\n - Solaris audit statistics check [ACCT-9672]\n - Check for installed compiler [HRDN-7202]\n - BIND process check [NAME-4202]\n - BIND configuration file check [NAME-4204]\n - BIND configuration consistency check [NAME-4206]\n - BIND version check via DNS [NAME-4210]\n - Default domain check (/etc/resolv.conf) [NAME-4016]\n - Search domains in /etc/resolv.conf check [NAME-4018]\n - Parse /etc/resolv.conf options [NAME-4020]\n - Solaris /etc/nodename check [NAME-4026]\n - DNS domain checks [NAME-4028]\n - NSCD status check [NAME-4032]\n - PowerDNS presence check [NAME-4230]\n - PowerDNS configuration file check [NAME-4232]\n - PowerDNS backend check [NAME-4236]\n - ypbind status check [NAME-4302]\n - Log specific defined SSH daemon options [SSH-7408]\n - SSH protocol version check [SSH-7414]\n - NIS domain checks [NAME-4304]\n - Check pending at jobs [SCHD-7724]\n - LVM volume group scan [FILE-6310]\n - LVM volumes check [FILE-6312]\n - Locate database check [FILE-6410]\n - nginx configuration file check [HTTP-6704]\n - Exim status check [MAIL-8802]\n - Postfix status check [MAIL-8814]\n\n Changes:\n - atd needs to run before testing at files [SCHD-7720]\n - Removed Solaris OS requirement from logrotate test [LOGG-2148]\n - Sanitized output from logrotate test [LOGG-2148]\n - Skip comment fields in loghost check [LOGG-2152]\n - Changed auditd tests to Linux only\n - Binary scan optimized and partially combined with other check\n - Only perform iptables tests if kernel module is active\n - Don't show message when /etc/shells can't be found [SHLL-6211]\n - Check /var/spool/cron/crontabs first, if it exists [SCHD-7704]\n - Renumbered FreeBSD test SHLL-7225 [SHLL-6202]\n - Renumbered malware test MALW-3292 [HRDN-7230]\n - Improved grep on process status [PRNT-2304]\n - Ignore comment lines for nginx log file check [HTTP-6720]\n - Added file check for nginx log files [HTTP-6720]\n - Display IP addresses only of NTP tests [TIME-3124]\n - Fixed Postfix configuration directory path [MAIL-8816]\n - Redirected output of yum package duplicate check [PKGS-7384]\n - Ignore comment lines for lilo test [BOOT-5139]\n - Fixed incorrect iptables status and correct logging [FIRE-4511]\n - Check SNMP configuration only if SNMP daemon runs [SNMP-3304]\n - Don't scan PAM directories which are symlinks [AUTH-9268]\n - Changed hardening category to hardening_tools\n - Adjusted hardening points of several tests\n - Log and display improvements for several tests\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.4 (2009-03-17)\n\n New:\n - NTP daemon process test [TIME-3108]\n - NTP association ID's check from peer list [TIME-3112]\n - NTP time source candidates test [TIME-3128]\n - NTP falseticker check [TIME-3132]\n - NTP protocol version check [TIME-3136]\n - Stratum 16 ntp peers check [TIME-3116]\n - Unreliable ntp peers check [TIME-3120]\n - Preferred NTP time source test [TIME-3124]\n - auditd presence check [ACCT-9628]\n - auditd rules check [ACCT-9630]\n - auditd configuration file check [ACCT-9632]\n - auditd log file location check [ACCT-9634]\n - cupsd status check [PRNT-2304]\n - cupsd configuration file check [PRNT-2306]\n - cupsd address configuration test [PRNT-2308]\n - pam.conf configuration check [AUTH-9264]\n - pam.d configuration file scan [AUTH-9266]\n - PAM modules check [AUTH-9268]\n - rpcinfo query [STRG-1902]\n - NFS version number check [STRG-1904]\n - NFS protocol and port number check [STRG-1906]\n - NFS status check [STRG-1920]\n - NFS exports check [STRG-1926]\n - NFS empty /etc/exports [STRG-1928]\n - SSH PermitRootLogin option check [SSH-7412]\n - at.allow and at.deny check [SCHD-7720]\n - File integrity tool check [FINT-4350]\n - nginx process check [HTTP-6702]\n - nginx log file test [HTTP-6720]\n - ClamAV clamscan presence test [MALW-3282]\n - ClamAV daemon check [MALW-3284]\n - ClamAV freshclam check [MALW-3286]\n - Check for presence malware scanner [MALW-3292]\n - clamscan, ntpq binary check\n - NTP daemon role and profile option\n - Parameter --tests-category, to scan one or more categories\n - Category added (Storage: NFS)\n - Added hardening points to tests\n - Display hardening index to report\n\n Changes:\n - Extended logrotate test [LOGG-2148]\n - Added check for inetd.conf before performing test [INSE-8016]\n - Added /var/spool/crontabs to search path [TIME-3104]\n - Added log line to sysstat test [ACCT-9626]\n - Improved screen output on Solaris\n - Checking for both rdate and ntpdate in cron files [TIME-3104]\n - Changed yum-security package check [PKGS-7386]\n - Change output if dig isn't available [NETW-2705]\n - Added IPv6 support and output adjustment [NETW-2704]\n - Cosmetic change for host based firewall check [FIRE-4590]\n - Corrected output in log file [PKGS-7388]\n - Corrected passwd options for Red Hat [AUTH-9282]\n - Changed text if everything is ok (no warnings)\n - Log improvements\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.3 (2009-03-02)\n\n New:\n - Added syslog-NG daemon check [LOGG-2132]\n - Added klogd status test [LOGG-2138]\n - Added check to determine minilogd presence [LOGG-2142]\n - Added logrotate configuration test [LOGG-2146]\n - Added check for loghost entry on Solaris machines [LOGG-2152]\n - Added ipf test for Solaris [FIRE-4526]\n - Added uname -n test (Solaris) [NAME-4024]\n - Added ssh daemon configuration file check [SSH-7404]\n - Added BSD newsyslog.conf file check [LOGG-2160]\n - Added inetd status check [INSE-8002]\n - Added inetd.conf configuration check [INSE-8004]\n - Added check for inetd.conf when inetd is not active [INSE-8006]\n - Added telnet check via inetd [INSE-8016]\n - Added ACL check on root file system [FILE-6368]\n - Added check for firewall/packet filter on system [FIRE-4590]\n - Added lograte file check [LOGG-2148]\n - Added snmp daemon status test [SNMP-3302]\n - Added snmp configuration file test [SNMP-3304]\n - Added default snmp community strings test [SNMP-3306]\n - Added categories: Insecure services and SNMP\n - Added binary searches for awk, ipf\n\n Changes:\n - Changed profile name in default profile\n - Added path /usr/ucb to binary paths\n - Changed color to white if slapd is not running [LDAP-2219]\n - Changed test PKG-7345 into PKGS-7345\n - Changed logging for several tests [PKGS-7302] [NETW-3004]\n - Extended FAQ\n - Changed default profile header\n\n Fixes:\n - Hostname detection under Solaris\n - Disabled tests PROC-3612 PROC3614 for Solaris machines\n - Disabled NTP check in cron.d directory on Solaris [TIME-3104]\n - Added result at line when querying system users [AUTH-9234]\n - Counters (N+1) fixed for some shells, like Solaris\n - Removed unneeded line for Solaris test [PROC-3604]\n - Disabled grsecurity test for Solaris [RBAC-6272]\n - Correct display of files with spaces [FILE-6354]\n - Changed several tests so they work correctly with Solaris\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.2 (2009-02-15)\n\n New:\n - Support for MySQL client\n - New test: Test for empty MySQL root password [DBS-1816]\n - New test: SSH daemon status test [SSH-7402]\n - New test: sysstat account information [ACCT-9626]\n - New test: connections in WAIT state [NETW-3028]\n - Lynis displays a warning now, if current version is really outdated\n - New parameter option (log_tests_incorrect_os) to minimize logging\n\n Changes:\n - Several adjustments to default profile\n - Fixed option 'skip_test_always' to let it function properly\n - Fixed passwd check for SuSE systems [AUTH-9282]\n - Added error redirect for dpkg test [PKG-7345]\n - Improved NTP test and messages, excluded check when using xen [TIME-3104]\n - Extended DNS nameserver check with local resolver [NETW-2704]\n - Skip double nameserver check when a local resolver is found [NETW-2705]\n - Renamed tests_nameserver to tests_nameservices\n - Improved log output [AUTH-9218]\n\n Notes:\n - Custom profiles should be compared to the default profile, due small changes\n in the structure.\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.1 (2008-09-05)\n\n New:\n - Added support for Samba\n - Added support for SELinux framework\n - New test: SELinux presence test [MACF-6232]\n - New test: SELinux status checks [MACF-6234]\n - New test: password PAM availability check [AUTH-9262]\n - New test: expire date check for accounts [AUTH-9282]\n - Added new option --tests, to run a small set of tests only\n\n Changes:\n - Report and logging messages improved\n - Output reduced when using --tests\n - Added suggestion to PHP expose_php option [PHP-2372]\n - Improved log message for PHP register_globals option [PHP-2368]\n - Added virtual host count to log file [HTTP-6626]\n - Improved Red Hat and clones detection and display\n - Fix: Improved promiscuous detection for Linux [NETW-3015]\n - Fix: AUTH-9204 test triggered on group ids as well\n - Fix: Only display unique MAC addresses [NETW-3006]\n - Extended Postfix test [MAIL-8818]\n - Don't show /proc/meminfo if not present [PROC-3602]\n - Don't show YABOOT information if not present [BOOT-5155]\n - Improved portaudit test (FreeBSD) [PKGS-7382]\n - Improved portsclean test (FreeBSD) [PKGS-7348]\n - Added --quiet and --tests options to help and man page\n\n---------------------------------------------------------------------------------\n\nLynis 1.2.0 (2008-08-26)\n\n New:\n - New test: Passwordless Solaris accounts test [AUTH-9254]\n - New test: AFICK file integrity [FINT-4310]\n - New test: AIDE file integrity [FINT-4314]\n - New test: Osiris file integrity [FINT-4318]\n - New test: Samhain file integrity [FINT-4322]\n - New test: Tripwire file integrity [FINT-4326]\n - New tests: NIS and NIS+ authentication test [AUTH-9240/42]\n - Initial support added for AFICK, AIDE, Osiris, Samhain, Tripwire\n\n Changes:\n - Changed text of grsecurity test [RBAC-6272]\n - Optimized FreeBSD boot services test [BOOT-5165]\n - Optimized UID 0 test [AUTH-9204]\n - Extended login shells test [AUTH-9218]\n - PID file message extended and small output improvement\n - A log entry will be written when PID files are removed\n - Added operating system name to log file when a test is skipped\n - Added file available check when using --view-manpage\n - Most program variables are initialized now for future additions\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.9 (2008-08-09)\n\n New:\n - New test: AppArmor framework check [MACF-6204]\n - New test: FreeBSD boot loader test [BOOT-5124]\n - New test: PHP option register_globals [PHP-2368]\n - New test: Promiscuous network interfaces (Linux) [NETW-3015]\n - Report option 'bootloader' added to several tests\n - Added readlink binary check\n\n Changes:\n - Extended file check (IsWorldWritable) for symlinks\n - Show result if no default gateway is found [NETW-3001]\n - Added /usr/local/etc to sudoers test [AUTH-9250]\n - Improved FreeBSD banner output [BANN-7113]\n - Removed incorrect line at promiscuous interface test [NETW-3014]\n - Fix: Show only once the GRUB test output [BOOT-5121]\n - Fix: Typo in NTP test [TIME-3104]\n - Fix: Skip NTP test in /etc/cron.d if empty [TIME-3104]\n - Fix: Initialize values when performing an update check without connection\n - Fix: Solaris id function has been fixed\n - Disabled FreeBSD double packages tests, due minor issues [PKGS-7303]\n - Changed LDAP/MySQL running states [LDAP-2219] [DBS-1804]\n - Replaced ifconfig calls with IFCONFIGBINARY\n - Renamed tests_auditing to tests_mac_frameworks\n - Several tests improved with extended logging\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.8 (2008-07-16)\n\n New:\n - Mac OS X support extended and new options added\n\n Changes:\n - Extended default profile\n - Improved several screen output lines\n - User ID check improved, so it works better with older Solaris versions\n - Hostname in output and reports will contain only host now, not FQDN\n - Added extra php.ini locations to tests_php\n - Replaced 'ps' in tests with PSBINARY value for better support\n - Added output to zones test [VIRT-1902]\n - Updated description [AUTH-9218]\n - Extended ntp daemon/ntpdate check [TIME-3104]\n - Added suggestion to bootable scripts check [BOOT_5184]\n - Bugfix and improvement for FreeBSD portsclean test [PKGS-7348]\n - Added Mac OS support to MAC address gathering test [NETW-3006]\n - Added MAC OS support to inet and inet6 addresses test [NETW-3008]\n - Extended PHP expose_php test to support additional options [PHP-2372]\n - Improved LDAP test so it skips correctly on Mac OS AUTH-9238]\n - Bugfix: MySQL status check gave incorrect output [DBS-1804]\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.7 (2008-06-28)\n\n New:\n - New test: check for unused iptables rules [FIRE-4513]\n - New test: checking for dead and zombie processes [PROC-3612]\n - New test: checking for heavy IO waiting processes [PROC-3614]\n - Initial HP-UX support (untested)\n - Initial AIX support (untested)\n - Added iptables binary check\n - Added dig check, for DNS related tests\n - Added option --no-colors to remove all colors from screen output\n - Added option --reverse-colors for optimizing output at light backgrounds\n (Konsole, MacOS terminal etc)\n\n Changes:\n - Improved grpck test for SuSE [AUTH-9216]\n - Added dig availability check to DNS test [NETW-2704]\n - Bugfix: Fixed iptables test if the binary is not located in /sbin [FIRE-4512]\n - Bugfix: Improved yum-utils check to display suggestions correctly [PKGS-7384]\n - Bugfix: Fixed prerequisites for grpck test [AUTH-9216]\n - Improved MySQL check [DBS-1804]\n - Changed color at chkconfig boot services test [BOOT-5177]\n - Added missing prerequisites output to portaudit test [PKGS-7382]\n - Test output for FreeBSD mounts (UFS) improved [FILE-6329]\n - Extended OpenLDAP test to avoid finding itself in ps output [LDAP-2219]\n - Several tests have their warning reporting improved\n - Improved SuSE Linux detection\n - Improved syslog-ng detection\n - Adjusted README with link to online (extended) documentation\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.6 (2008-06-19)\n\n New:\n - New test: Check writable startup scripts [BOOT-5184]\n - New test: Syslog-NG consistency check [LOGG-2134]\n - New test: Check yum-utils package and scanning package database [PKGS-7384]\n - New test: Test for empty ruleset when iptables is loaded [FIRE-4512]\n - New test: Check for expired SSL certificates [CRYP-7902]\n - New test: Check for LDAP authentication support [AUTH-9238]\n - New test: Read available crontab/cron files [SCHD-7704]\n - New test: Query Solaris running zones [VIRT-1902]\n - New test: Check availability sudoers file for future tests [AUTH-9250]\n - New test: Query all home directories from passwd file [HOME-9302]\n - Syslog-NG support added (binary and version check)\n - Added new sections: Scheduling, Time and Synchronization, Virtualization\n\n Changes:\n - Extended several tests with suggestions and warnings\n - Extended GRUB test with GRUB2 check [BOOT-5121]\n - Extended iptables firewall test [FIRE-4511]\n - Fixed incorrect variable at Linux kernel config display [KRNL-5728]\n - Fixed display for file system test [FILE-6023]\n - Reassigned some ID's to match others in category\n - Improvement of several logging sections and profile options\n - Assigned ID to Ubuntu security update check\n - Assigned ID to pwck test for Solaris [AUTH-9230]\n - Assigned ID to FreeBSD unused distfiles check [PKGS-7348]\n - Assigned ID to RPM package query test [PKGS-7308]\n - Assigned ID to /tmp sticky bit test [FILE-6362]\n - Assigned ID to old temporary files check [FILE-6354]\n - Assigned ID to passwd ID 0 test [AUTH-9204]\n - Assigned ID to FreeBSD swap partitions [FILE-6332]\n - Assigned ID to FreeBSD swap mount options [FILE-6336]\n - Assigned ID to nameserver tests [NETW-2704 and NETW-2705]\n - Assigned ID to pf consistency check [FIRE-4520]\n - Assigned ID to Postfix configuration check [MAIL-8816]\n - Assigned ID to Postfix banner check [MAIL-8818]\n - Assigned ID to FreeBSD promiscuous port test [NETW-3014]\n - Assigned ID to file permissions check [FILE-7524]\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.5 (2008-06-10)\n\n New:\n - Assigned ID to Apache configuration file test [HTTP-6624]\n - Added pause_between_tests to profile file, to regulate the speed of a scan\n - Assigned ID to dpkg test and solved issue with colon in package names [PKG-7345]\n - Assigned ID to Solaris package test [PKG-7306]\n - New test: which gathers virtual hosts from Apache configuration files [HTTP-6626]\n - New test: read all loaded kernel modules (Linux) [KRNL-5726]\n - New test: query available FreeBSD network interfaces [NETW-3004]\n - New test: query available IPv4 and IPv6 network addresses [NETW-3008]\n - New test: for MAC addresses [NETW-3006]\n - New test: check if a Linux kernel configuration file is available [KRNL-5728]\n - New test: check boot services for Debian/Ubuntu [BOOT-5180]\n - Added Lynx, Nmap, Wget version to log file\n - Added support for Oracle enterprise Linux (Unbreakable Linux)\n - Added new function ReportWarning for better logging to report file\n\n Changes:\n - Improved FreeBSD pkg_info output, logging output and report data [PKG-7302]\n - Changed shell history file test, searching files with maxdepth 1 [HOME-9310]\n - Extended iptables test, to check Linux kernel configuration file [FIRE-4511]\n - Added report warning to promiscuous test [NETW-3014]\n - Fixed yellow color when being used at text display\n - Several logging improvements and cleanups\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.4 (2008-05-31)\n\n New:\n - Added option to disable Lynis upgrade availability test (profile option)\n - Added new option --check-update, to display (update) information\n - Added stub for malware and file permissions database\n - New section 'LDAP Services'\n - Support for OpenLDAP added\n - Place holders for new tests are added\n - Default profile extended\n - [FILE-6023] Added test for Linux ext2, ext3, ext4 file systems\n - [BOOT-5155] Added check for YABOOT boot loader\n\n Changes:\n - [BANN-7119] Improved MOTD banner check\n - Improved Apache tests for SuSE and Debian systems\n - Debian/Ubuntu file tests improved\n - Extended man page\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.3 (2008-05-21)\n\n New:\n - Added security updates check for Fedora, RHEL 5.x, CentOS 5.x\n - Added Linux kernel version check\n - Most stable tests have an unique ID now\n - Skipped tests have their reason to skip logged\n - Added /etc/lynis/plugins to searchable plugin directory targets\n - Added Register() function, to handle tests, prerequisites and counter\n - Added new crypto tests\n - Added profile option \"test_skip_always\" to blacklist a specific test\n\n Changes:\n - Extended default profile location for FreeBSD\n - Extended accounting test to include pacct as well\n - Improved tests from categories: shells\n - Disabled skel tests\n - Several tests log their warnings into the report file now\n - Changed Linux default runlevel test\n - Extended man page\n\n Fixes:\n - Auditor name didn't get logged properly to report file.\n - Changed Debian/Ubuntu kernel update test, so it won't be tested on others\n - Exim test failed, due to using an incorrect variable name\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.2 (2008-05-11)\n\n New:\n - Added memory test for Solaris (tested on OpenSolaris)\n - Password file consistency check for Solaris\n - 32/64 bits OS mode check for Solaris\n - Added Slackware detection\n - Plugin support (see documentation)\n - Added monolithic/modular test for Linux kernels\n\n Changes:\n - Improved LILO test and removed double message\n - Fixed incorrect message when using --help parameter\n - Improved portaudit test (FreeBSD) to show unique packages only\n - Updated man page, FAQ, extended documentation with plugin information\n - Added several php.ini file locations (MacOS X, OpenBSD, OpenSuSE)\n\n ** Special release notes [package/ports]: **\n - Added several default paths to check for usable INCLUDE directory. This\n should make packaging Lynis easier for downstream package providers.\n - When no profile is set, Lynis will check first /etc/lynis/default.prf,\n before setting default.prf (in current work directory) as profile to use.\n - New directory added to be installed for future versions: plugins\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.1 (2008-04-13)\n\n New:\n - Added Solaris package manager (pkginfo) to obtain installed packages\n - Added new option to profile to whitelist promiscuous interfaces (if_promisc)\n - Added vulnerable packages check for Debian/Ubuntu\n - Added package database consistency check for Debian/Ubuntu\n\n Changes:\n - Only perform boot.conf check for OpenBSD when running on i386\n - Changed RemovePIDFile to prevent incorrect file presence check (ie on OpenBSD)\n - Better OS detection and display output for Ubuntu systems\n - Improved text alignment (display) and logging\n - Commented out some of the default profile options\n - Updated FAQ, readme, man page\n\n Bug fixes:\n - Added missing space at OS detection function\n - Fixed /etc/group tests to ignore commented lines\n - Fixed sticky bit checking on /tmp, so it won't give incorrect results on\n SuSE/Debian systems\n\n---------------------------------------------------------------------------------\n\nLynis 1.1.0 (2008-04-09)\n\n New:\n - Added test: default gateway (Linux/BSD)\n - Added boot tasks to report file (boottask)\n - Added vulnerable packages to report file (vulnerable_package)\n\n Changes:\n - Fixed some typos\n - Several improvements in log output\n - Changed display of operating system version (Linux)\n - Fixed PHP check\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.9 (2008-03-24)\n\n New:\n - Added --quiet option (currently not 100% quiet yet)\n - Added a spec file to the project page (see web site)\n - Added small INSTALL document\n\n Changes:\n - Changed check for PHP (php.ini location)\n - Added available shells from /etc/shells to report file\n - Updated man page\n - Fixed option in main help window for --man option\n - Code improvement, splitting up sections to separated files\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.8 (2008-02-10)\n\n New:\n - Added pf filter rule test\n - Added our PID to PID file\n - Added warnings, real users, mount points, total tests to report file\n\n Changes:\n - Changed Apache configuration file test\n - Changed old temporary files check\n - Changed test to include ubuntu security repository\n - Moved UID check to avoid PID creation as non root user\n - Moved most functions to separated files and several code cleanups\n - Improved logging output\n - Extended FreeBSD (Copyright file) test\n - Changed indentation for many tests\n - Changed some typos in notice/warning messages\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.7 (2008-01-28)\n\n New:\n - Test: UFS mount point check (FreeBSD)\n - Test: Check swap partitions (FreeBSD)\n - Test: find old files in /tmp\n - Test: check presence iptables\n - Test: check CPU PAE/NX support (Linux)\n - Added profile options check\n - Added option to skip Debian security repository check (profile option)\n - Support for Red Hat and CentOS\n\n Changes:\n - Changed report log location to /var/log instead of current work directory\n - Changed --help (and -h) to display general help, instead of man page\n - Renamed -man option to --man\n - Extended profile file (see default.prf)\n - Cleaned up code (rewritten several parts of static code to dynamic\n functions)\n - Added more comments to the program, for curious auditors, developers and\n users. Also regrouped parts of text and cleaned useless white spaces.\n - General program output improved (spaces, indentation)\n - Logging extended\n - Updated lynis.spec file (contrib)\n - FAQ and README files extended and updated\n\n Bugfixes:\n - Changed postfix banner check (thanks to Henk Bokhoven for reporting)\n - Extended skel directory test, with -A (ls) option to check hidden files\n (used with most Linux variants)\n\n Development:\n - Added new mirror\n - Updated year number in program and support files\n - Added new function Display, to use indentation within lines\n - Added function RemovePIDFile before some exit routines, to clean up PID file\n - Extracted profile support, parameter support to separated files\n - Created file tests_ports_packages for Ports and Packages\n - Deleted lynis.spec file, since it was not working and will be rewritten later\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.6 (2007-12-26)\n\n New:\n - Added Solaris real users test\n - Added hostname check\n\n Changes:\n - Added chkconfig binary test and changed related services test\n - Added 'xargs' to version checks, to replace unwanted chars\n - Added more breaks to log file.\n - Added sorting to rpm/dpkg listings\n - FAQ extended\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.5 (2007-12-02)\n\n New:\n - Test: unique group names\n - Test: unique group IDs\n - Added check for rpm, chkrootkit and rkhunter binary\n - Added function to cleanup at manual interrupt (INT)\n - Support added to run Lynis as cronjob (--cronjob)\n - Fedora support added\n - Added umask 027, to tighten up file permissions\n\n Changes:\n - Changed FreeBSD ttys test\n - Changed grpck test, to operate in read-only mode\n - Changed Postfix test, to check for mail_name value as well\n - Changed GPL line in script which said GPL v2\n - Extended README\n - Show latest update version, if available, at the end of the screen output\n - Lots of code cleanup (see Development)\n - Some log improvements\n - Changed date notation in changelog to preferred European format (with dots\n instead of slashes)\n\n Development:\n - New function (ShowResult) to avoid repeating the same result line\n within the script for standard status values\n - Moved program consts to file (include/consts)\n - Moved functions to file (include/functions)\n - Moved OS detection to file (include/osdetection)\n - Added NEVERBREAK to avoid user input (cronjob support)\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.4 (2007-11-27)\n\n New:\n - Test: query real system users (FreeBSD/Linux)\n - Added PID file usage, to warn for unclean program states.\n - Added SSHd version test\n\n Changes:\n - Updated documentation\n - Changed sticky bit test (/tmp), to skip symlinks\n - Changed /etc/motd test, to skip symlinks\n - More code cleanup\n - Logging extended and improved\n - Screen output slightly changed\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.3 (2007-11-19)\n\n New:\n - Added check for sockstat\n - Test: added test for GRUB and password option\n - Test: query listening ports (sockstat)\n\n Changes:\n - Fixed NTPd check (bug)\n - Extended help for 'double installed package' check (BSD systems, pkg_info)\n - Extended Debian kernel update check\n - Improved OpenBSD support\n - Improved Linux specific detection support (Cobalt, CPU Builders, Debian,\n E-Smith, Slackware, SuSE/OpenSuSE, Turbo Linux, Yellowdog and others)\n - Improved screen output\n - Extended logging, with status/impact flags\n - [Bugfix] chkconfig test improved\n - [Bugfix] Fixed sticky bit test at Debian\n - Extended documentation and changelog file\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.2 (2007-11-15)\n\n New:\n - Test: Added check for NTP daemon or client\n - Test: file permissions (profile option)\n - Added -Q (--quick) parameter, to run the program without needing user\n input after every few sections.\n\n Changes:\n - Extended documentation (README file) and performed spell check\n - Improved screen output (colors, parameter handling and display)\n - Cleaned up source code and fixed some bad typos\n - Added much more delimiter lines to logfile\n - Added version numbers to logfile for used binaries/tools\n - Updated list of parameters within Lynis help\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.1 (2007-11-12)\n\n New:\n - Test: check Exim configuration file location\n - Test: added memory check (/proc/meminfo)\n - Test: run grpck to check group files (if available)\n - Test: boot option check for OpenBSD boot loader\n - Test: check if pf (Software: firewall) is active\n - Test: check LILO password\n - Test: check presence of old distfiles (FreeBSD)\n - Added check for binaries: httpd, kldstat, openssl, (s)locate\n - Added version check for: exim, openssl\n - Added -V (--version) parameter, to show version number\n - Added breaks between tests\n\n Changes:\n - [bug] Changed skel directory check\n - Fixed display Apache configuration file\n\n---------------------------------------------------------------------------------\n\nLynis 1.0.0 (2007-11-08)\n\n New:\n - Support for CentOS (Tested: 5 Final)\n - Support for Debian (Tested: 4.0)\n - Support for FreeBSD (Tested: 6.2)\n - Support for Mac OS X (Tested: 10.4)\n - Test: Apache (ServerTokens option)\n - Test: PHP (expose_php option)\n - Test: Postfix (smtpd_banner option)\n - Test: check valid shells\n - Test: query pkg_info/RPM based systems\n - Test: query pkg_info for double installed packages\n - Test: query chkprintcap (FreeBSD)\n - Test: scan binary directories\n - Test: check administrator accounts\n - Test: check permissions /etc/motd\n - Test: read nameservers from /etc/resolv.conf\n - Test: query nameservers and test connectivity\n - Test: check promiscuous interfaces (FreeBSD)\n - Test: check sticky bit on /tmp directory\n - Test: check debian.org security branch in /etc/apt/sources.list\n - Test: check kernel update on Debian\n - Test: query default Linux run level\n - Test: query chkconfig to see which services start at boot\n - Test /etc/COPYRIGHT banner check for FreeBSD\n - Support for program parameters\n - Builtin integrity checks\n - Color enhanced output for readability\n - Support for profiles/templates\n - Report file creation (for reporting/monitoring)\n - Extended logfile creation (with system suggestions)\n - Added lynis.spec file for RPM creation\n - Created project page at website\n - Added documentation (README), ToDo list (TODO)\n - Man page lynis(8)\n\n Changes:\n - No changes\n\n Bugfixes:\n - No bugfixes\n\n\n==========================================================================================\n Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com\n" }, { "path": "CODE_OF_CONDUCT.md", "content": "# Contributor Covenant Code of Conduct\n\n## Our Pledge\n\nIn the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.\n\n## Our Standards\n\nExamples of behavior that contributes to creating a positive environment include:\n\n* Using welcoming and inclusive language\n* Being respectful of differing viewpoints and experiences\n* Gracefully accepting constructive criticism\n* Focusing on what is best for the community\n* Showing empathy towards other community members\n\nExamples of unacceptable behavior by participants include:\n\n* The use of sexualized language or imagery and unwelcome sexual attention or advances\n* Trolling, insulting/derogatory comments, and personal or political attacks\n* Public or private harassment\n* Publishing others' private information, such as a physical or electronic address, without explicit permission\n* Other conduct which could reasonably be considered inappropriate in a professional setting\n\n## Our Responsibilities\n\nProject maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.\n\nProject maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.\n\n## Scope\n\nThis Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.\n\n## Enforcement\n\nInstances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at github@cisofy.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.\n\nProject maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.\n\n## Attribution\n\nThis Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]\n\n[homepage]: http://contributor-covenant.org\n[version]: http://contributor-covenant.org/version/1/4/\n" }, { "path": "CONTRIBUTING.md", "content": "\n# Contributions\n\n## Helping out\n\n### Run the latest version from GitHub\nRun the tool in debug mode (use lynis audit system --profile developer.prf) and see if it shows any error.\n\n### Report bugs\nCreate a GitHub issue on the issue tracker.\n\n### Suggest changes (pull request)\nWhen you find something that can be improved, fork the project and create a pull request.\n\n### Translations\nSee the db/languages directory.\n\n\n## Developer Guidelines\n\nTo ensure all pull requests can be easily checked and merged, here are some tips:\n* Your code should work on other platforms running the bourne shell (/bin/sh), not just BASH.\n* Properly document your code where needed. Besides the 'what', focus on explaining the 'why'.\n* Check the log information (lynis.log) of your new test or changed code, so that it provides helpful details for others.\n\n\n## Code Guidelines\n\n### General\nIndentation should be 4 spaces (no tab character).\n\n### Comments\nComments: use # sign followed by a space. When needed, create a comment block.\nBlank lines: allowed, one line maximum.\n\n### Functions\nAll functions use CamelCase to clearly show a difference between shell built-in commands, or external commands.\n\n### Variables\nVariables should be capitalized, with underscore as word separator (e.g. PROCESS_EXISTS=1).\n\n\n## Pull Requests\nWe welcome any contribution to improve Lynis. Contributions to the Lynis project can\nbe submitted as a pull request. The upstream project can be found in our [GitHub repository](https://github.com/CISOfy/lynis).\n\nBy submitting a [Pull Request](https://help.github.com/articles/using-pull-requests/)\nto this repository, you agree that you:\n\n1. Own the contribution that you are providing or have obtained permission from\n the contribution owner\n\n2. Allow your contribution to be licensed under the license of the target\n project (GPLv3)\n\n3. Allow your contribution to be freely distributed to the Lynis community\n\n4. Allow the project the [Unlimited Rights](#Unlimited-Rights) to your contribution\n\nIf you have questions regarding development, send us an e-mail at [lynis-dev](mailto:lynis-dev@cisofy.com).\n\n\n## Unlimited Rights\nOur project is licensed under GPLv3. By providing a contribution to the project,\nit will be used for the purpose of the project. Unlimited rights includes the\nrights to use, modify, reproduce, release, perform, display, or disclose computer\nsoftware or computer software documentation in whole or in part, in any manner\nand for any purpose whatsoever, and to have or authorize others to do so.\n\nIf you want to be named in as a contributor in the CONTRIBUTOR file, then include\nthis notation in your pull request. Preferred format: Full Name, and your e-mail\naddress).\n\n" }, { "path": "CONTRIBUTORS.md", "content": "# Lynis - CONTRIBUTORS\n\n==========================================================================================\n\nThe Lynis project is very thankful to the individuals who contributed to the project.\n\n Want to contribute as well? Here are some suggestions:\n\n - Create new tests for your favorite software packages\n - Translate Lynis into your native language\n - Report (unexpected) screen errors\n - Share missing results and findings\n - Check for grammar issues\n\n See [CONTRIBUTING.md](https://github.com/CISOfy/lynis/blob/master/CONTRIBUTING.md) for more details.\n\n==========================================================================================\n\n\n## Package Maintainers\n\n* Arch Linux - Levente Polyak\n* Debian / Ubuntu - Francisco Manuel Garcia Claramonte\n* Fedora / EPEL - Athmane Madjoudj\n* FreeBSD port - Lars Engels\n* NetBSD - Stephen Borrill\n* Slackware - Eric Hameleers\n* OpenBSD port - Gonzalo Rodriguez\n\n\n## Special Contributors\n\nThese people made a significant impact to the development of Lynis:\n\n* Michael Boelen, The Netherlands (original author)\n* Alexander Lobodzinski, Germany\n* Bodine Wilson\n* Brian Ginsbach\n* C.J. Collier, US\n* Charlie Heselton, US\n* Dave Vehrs\n* David Marzal Cánovas, Spain\n* Eric Light, New Zealand\n* Kamil Boratyński, Poland\n* Mike Slifcak, US\n* Mikko Lehtisalo, Finland\n* Steve Bosek, France\n* Thomas Siebel, Germany\n* Thomas Sjögren, Sweden\n* Topi Miettinen, Finland\n* Zach Crownover\n\n\n## Translators\n------------------------------------------\n\n* Chinese - Shawn - citypw (GitHub)\n* Dutch - Michael Boelen, mboelen (GitHub)\n* Finnish - Juha, Newman101 (GitHub)\n* French - DocEmmetBrown (GitHub)\n* German - Kai Raven\n* Hebrew - Dolev Farhi, dolevf (GitHub)\n* Hungarian - Zoltan Paldi, paldiz (GitHub)\n* Italian - Stefano Marty, stefanomarty (GitHub)\n* Japanese - Yukio Takahara, port80takahara (GitHub)\n* Portuguese - Dayvidson (GitHub)\n* Spanish - Jesus Christian Cruz Acono, compermisos (GitHub)\n* Swedish - Peter Carlsson, PCarlsson (GitHub)\n* Turkish - Orhan Biyiklioglu, biyiklioglu (GitHub)\n\n\nThanks to all people who contributed code and suggestions for over almost a decade!\n\n\n==========================================================================================\n Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com\n" }, { "path": "FAQ", "content": "\n================================================================================\n\n Lynis - Frequently Asked Questions\n\n================================================================================\n\n Author: 2007-2013, Michael Boelen (michael.boelen@cisofy.com)\n 2013-now, CISOfy development team\n Description: Security and system auditing tool\n Web site: https://cisofy.com/lynis/\n GitHub: https://github.com/CISOfy/lynis\n Support address: lynis-dev@cisofy.com\n Development: May 2007 - Now\n Support: See README file and https://cisofy.com/support/\n Documentation: See web site, README, FAQ and CHANGELOG file\n\n================================================================================\n\n[+] General\n-------------------------------\n\n Q: I don't understand the program (output), what to do?\n A: Keep reading this FAQ. Also useful are the README file and the log file\n (default: /var/log/lynis.log). Or check out the documentation on the\n website: https://cisofy.com/support/\n\n Q: I can't find any configuration file for Lynis, where is it?\n A: Lynis uses profiles. A profile is similar to a configuration file and\n determines how a security scan should be performed. Profiles are usually\n stored in /etc/lynis or can be found using 'lynis show profiles'.\n\n Q: My version is outdated, what can I do to upgrade?\n Check out the upgrade guide: https://cisofy.com/documentation/lynis/upgrading/\n\n Q: Why is there no port/package for my operating system?\n A: Because there is no maintainer for it yet. If you have the time to keep\n the port/package current for your preferred operating system, let us know.\n\n Q: What to do with the report files?\n A: The output could be used for monitoring (baseline checks). For users of the\n Lynis Enterprise Suite, they will be used to upload data.\n\n\n\n[+] Bugs or issues\n-------------------------------\n Q: Where can I report an issue or bug?\n A: GitHub, or use the developer e-mail address lynis-dev@cisofy.com\n\n\n\n[+] Usage problems\n-------------------------------\n Q: Lynis hangs while testing the group files (grpck)\n A: Run the grpck command manually. It will most likely need user input, to\n repair incorrect groups.\n\n Q: Lynis doesn't display all messages on a white background\n A: White text is used for general (and important) messages. Most terminals\n have a dark background, so it gives extra attention to the message. However\n if you have a white background (for example Mac OS X), you can run Lynis\n with --no-colors to strip colors or --reverse-colors to reverse the color\n scheme. Another option is to change your terminal colors within Mac OS.\n\n Q: Some tests take very long to finish, what to do?\n A: Use a second console (or connection) and check the output of ps/lsof etc,\n to see the status of the active subroutine. If a specific test hangs for a\n very long time, try to kill that specific process (ie grpck) and see if\n Lynis continues. Afterwards, run the command manually to see the cause.\n Check the log file for additional information. Usually the last few lines\n will indicate what test is stuck.\n\n Q: When running Lynis, it shows me the usage help even while using correct\n parameters, why?\n A: This can happen with alternative shells. Try using a different shell to\n invoke Lynis (example: bash lynis audit system).\n\n Q: One or more tests are giving incorrect output. How to solve that?\n A: Check the log file. If that also has incorrect data, let us know via GitHub\n or use the developer e-mail address.\n\n Q: The program takes long to complete and also uses too much resources. Can it\n be tuned?\n A: The time it takes to complete depends on the amount of tests to run.\n However the resources it take can be slightly lowered by increasing the\n pause_between_tests profile option. Keep in mind this increases the total\n length of the scan to complete.\n\n\n\n[+] Network related issues\n-------------------------------\n\n Q: Lynis reports promiscuous interfaces, but they are needed for normal operation,\n how can I hide this warning?\n A: Whitelist the interface in the profile file (if_promisc).\n\n\n================================================================================\n" }, { "path": "HAPPY_USERS.md", "content": "# Happy users of the Lynis project\n\n## Community\n\nSince 2007, the Lynis project helped many system administrators and security\nprofessionals to scan their systems and perform system hardening. Happy users\nand contributors are the foundation of a healthy project.\n\n\n## Your contribution\n\nAre you also using Lynis? Contribute to the project by let others know:\n1) What you like about the tool\n2) How you use it\n\nYour addition to the guestbook below will help existing and new users learn more\nabout how Lynis can help them.\n\n### How to\n\nCreate a pull request and add your name above the first entry. Thanks!\n\n\n## Our guestbook\n\n\n* YOUR NAME AND STORY\n\n\n* Michael Boelen - September 2019\nThe development of Lynis learned me a lot about Linux and Unix security. It is\ninstalled on all my systems to uncover unexpected configuration issues. The\nvaluable feedback and contributions give me the energy to continue to work on\nits development, even after 12+ years!\n\n* Catalyst.net IT - January 2020\nLynis gave us great insight in to the security state of our systems, as well as where we can improve.\n\n* David Osipov - October 2021\nLynis opened my eyes on Linux security hardening best practices. As a newbie, I learn a lot about Linux system architecture while trying to harden my system.\n" }, { "path": "INSTALL", "content": "\n================================================================================\n\n Lynis - Installation instructions\n\n================================================================================\n\n Author: 2007-2013, Michael Boelen (michael.boelen@cisofy.com)\n 2013-now, CISOfy development team\n Description: Security and system auditing tool\n Web site: https://cisofy.com\n Support: See 'Support' and https://cisofy.com/support/\n Documentation: See web site, README, FAQ and CHANGELOG file\n\n================================================================================\n\n\n[+] Run directly\n-------------------------------\n\n Lynis can be executed directly (unpack tarball, enter lynis directory).\n\n # sh lynis\n or\n # ./lynis\n\n Root privileges are preferred for full audits.\n\n\n\n[+] Installation\n-------------------------------\n\n If you want to install Lynis, see the README file (section: Installation) for\n more tips about how to install or create a custom package.\n\n Packages are available via https://packages.cisofy.com\n\n\n\n[+] Documentation\n-------------------------------\n\n Documentation about Lynis can be found in the man page (man lynis, or\n lynis --man-page), README file and website. Also the FAQ file covers some\n often asked questions.\n\n\n================================================================================\n" }, { "path": "LICENSE", "content": "\n GNU GENERAL PUBLIC LICENSE\n Version 3, 29 June 2007\n\n Copyright (C) 2007 Free Software Foundation, Inc. \n Everyone is permitted to copy and distribute verbatim copies\n of this license document, but changing it is not allowed.\n\n Preamble\n\n The GNU General Public License is a free, copyleft license for\nsoftware and other kinds of works.\n\n The licenses for most software and other practical works are designed\nto take away your freedom to share and change the works. By contrast,\nthe GNU General Public License is intended to guarantee your freedom to\nshare and change all versions of a program--to make sure it remains free\nsoftware for all its users. We, the Free Software Foundation, use the\nGNU General Public License for most of our software; it applies also to\nany other work released this way by its authors. You can apply it to\nyour programs, too.\n\n When we speak of free software, we are referring to freedom, not\nprice. Our General Public Licenses are designed to make sure that you\nhave the freedom to distribute copies of free software (and charge for\nthem if you wish), that you receive source code or can get it if you\nwant it, that you can change the software or use pieces of it in new\nfree programs, and that you know you can do these things.\n\n To protect your rights, we need to prevent others from denying you\nthese rights or asking you to surrender the rights. Therefore, you have\ncertain responsibilities if you distribute copies of the software, or if\nyou modify it: responsibilities to respect the freedom of others.\n\n For example, if you distribute copies of such a program, whether\ngratis or for a fee, you must pass on to the recipients the same\nfreedoms that you received. You must make sure that they, too, receive\nor can get the source code. And you must show them these terms so they\nknow their rights.\n\n Developers that use the GNU GPL protect your rights with two steps:\n(1) assert copyright on the software, and (2) offer you this License\ngiving you legal permission to copy, distribute and/or modify it.\n\n For the developers' and authors' protection, the GPL clearly explains\nthat there is no warranty for this free software. For both users' and\nauthors' sake, the GPL requires that modified versions be marked as\nchanged, so that their problems will not be attributed erroneously to\nauthors of previous versions.\n\n Some devices are designed to deny users access to install or run\nmodified versions of the software inside them, although the manufacturer\ncan do so. This is fundamentally incompatible with the aim of\nprotecting users' freedom to change the software. The systematic\npattern of such abuse occurs in the area of products for individuals to\nuse, which is precisely where it is most unacceptable. Therefore, we\nhave designed this version of the GPL to prohibit the practice for those\nproducts. If such problems arise substantially in other domains, we\nstand ready to extend this provision to those domains in future versions\nof the GPL, as needed to protect the freedom of users.\n\n Finally, every program is threatened constantly by software patents.\nStates should not allow patents to restrict development and use of\nsoftware on general-purpose computers, but in those that do, we wish to\navoid the special danger that patents applied to a free program could\nmake it effectively proprietary. To prevent this, the GPL assures that\npatents cannot be used to render the program non-free.\n\n The precise terms and conditions for copying, distribution and\nmodification follow.\n\n TERMS AND CONDITIONS\n\n 0. Definitions.\n\n \"This License\" refers to version 3 of the GNU General Public License.\n\n \"Copyright\" also means copyright-like laws that apply to other kinds of\nworks, such as semiconductor masks.\n\n \"The Program\" refers to any copyrightable work licensed under this\nLicense. Each licensee is addressed as \"you\". \"Licensees\" and\n\"recipients\" may be individuals or organizations.\n\n To \"modify\" a work means to copy from or adapt all or part of the work\nin a fashion requiring copyright permission, other than the making of an\nexact copy. The resulting work is called a \"modified version\" of the\nearlier work or a work \"based on\" the earlier work.\n\n A \"covered work\" means either the unmodified Program or a work based\non the Program.\n\n To \"propagate\" a work means to do anything with it that, without\npermission, would make you directly or secondarily liable for\ninfringement under applicable copyright law, except executing it on a\ncomputer or modifying a private copy. Propagation includes copying,\ndistribution (with or without modification), making available to the\npublic, and in some countries other activities as well.\n\n To \"convey\" a work means any kind of propagation that enables other\nparties to make or receive copies. Mere interaction with a user through\na computer network, with no transfer of a copy, is not conveying.\n\n An interactive user interface displays \"Appropriate Legal Notices\"\nto the extent that it includes a convenient and prominently visible\nfeature that (1) displays an appropriate copyright notice, and (2)\ntells the user that there is no warranty for the work (except to the\nextent that warranties are provided), that licensees may convey the\nwork under this License, and how to view a copy of this License. If\nthe interface presents a list of user commands or options, such as a\nmenu, a prominent item in the list meets this criterion.\n\n 1. Source Code.\n\n The \"source code\" for a work means the preferred form of the work\nfor making modifications to it. \"Object code\" means any non-source\nform of a work.\n\n A \"Standard Interface\" means an interface that either is an official\nstandard defined by a recognized standards body, or, in the case of\ninterfaces specified for a particular programming language, one that\nis widely used among developers working in that language.\n\n The \"System Libraries\" of an executable work include anything, other\nthan the work as a whole, that (a) is included in the normal form of\npackaging a Major Component, but which is not part of that Major\nComponent, and (b) serves only to enable use of the work with that\nMajor Component, or to implement a Standard Interface for which an\nimplementation is available to the public in source code form. A\n\"Major Component\", in this context, means a major essential component\n(kernel, window system, and so on) of the specific operating system\n(if any) on which the executable work runs, or a compiler used to\nproduce the work, or an object code interpreter used to run it.\n\n The \"Corresponding Source\" for a work in object code form means all\nthe source code needed to generate, install, and (for an executable\nwork) run the object code and to modify the work, including scripts to\ncontrol those activities. However, it does not include the work's\nSystem Libraries, or general-purpose tools or generally available free\nprograms which are used unmodified in performing those activities but\nwhich are not part of the work. For example, Corresponding Source\nincludes interface definition files associated with source files for\nthe work, and the source code for shared libraries and dynamically\nlinked subprograms that the work is specifically designed to require,\nsuch as by intimate data communication or control flow between those\nsubprograms and other parts of the work.\n\n The Corresponding Source need not include anything that users\ncan regenerate automatically from other parts of the Corresponding\nSource.\n\n The Corresponding Source for a work in source code form is that\nsame work.\n\n 2. Basic Permissions.\n\n All rights granted under this License are granted for the term of\ncopyright on the Program, and are irrevocable provided the stated\nconditions are met. This License explicitly affirms your unlimited\npermission to run the unmodified Program. The output from running a\ncovered work is covered by this License only if the output, given its\ncontent, constitutes a covered work. This License acknowledges your\nrights of fair use or other equivalent, as provided by copyright law.\n\n You may make, run and propagate covered works that you do not\nconvey, without conditions so long as your license otherwise remains\nin force. You may convey covered works to others for the sole purpose\nof having them make modifications exclusively for you, or provide you\nwith facilities for running those works, provided that you comply with\nthe terms of this License in conveying all material for which you do\nnot control copyright. Those thus making or running the covered works\nfor you must do so exclusively on your behalf, under your direction\nand control, on terms that prohibit them from making any copies of\nyour copyrighted material outside their relationship with you.\n\n Conveying under any other circumstances is permitted solely under\nthe conditions stated below. Sublicensing is not allowed; section 10\nmakes it unnecessary.\n\n 3. Protecting Users' Legal Rights From Anti-Circumvention Law.\n\n No covered work shall be deemed part of an effective technological\nmeasure under any applicable law fulfilling obligations under article\n11 of the WIPO copyright treaty adopted on 20 December 1996, or\nsimilar laws prohibiting or restricting circumvention of such\nmeasures.\n\n When you convey a covered work, you waive any legal power to forbid\ncircumvention of technological measures to the extent such circumvention\nis effected by exercising rights under this License with respect to\nthe covered work, and you disclaim any intention to limit operation or\nmodification of the work as a means of enforcing, against the work's\nusers, your or third parties' legal rights to forbid circumvention of\ntechnological measures.\n\n 4. Conveying Verbatim Copies.\n\n You may convey verbatim copies of the Program's source code as you\nreceive it, in any medium, provided that you conspicuously and\nappropriately publish on each copy an appropriate copyright notice;\nkeep intact all notices stating that this License and any\nnon-permissive terms added in accord with section 7 apply to the code;\nkeep intact all notices of the absence of any warranty; and give all\nrecipients a copy of this License along with the Program.\n\n You may charge any price or no price for each copy that you convey,\nand you may offer support or warranty protection for a fee.\n\n 5. Conveying Modified Source Versions.\n\n You may convey a work based on the Program, or the modifications to\nproduce it from the Program, in the form of source code under the\nterms of section 4, provided that you also meet all of these conditions:\n\n a) The work must carry prominent notices stating that you modified\n it, and giving a relevant date.\n\n b) The work must carry prominent notices stating that it is\n released under this License and any conditions added under section\n 7. This requirement modifies the requirement in section 4 to\n \"keep intact all notices\".\n\n c) You must license the entire work, as a whole, under this\n License to anyone who comes into possession of a copy. This\n License will therefore apply, along with any applicable section 7\n additional terms, to the whole of the work, and all its parts,\n regardless of how they are packaged. This License gives no\n permission to license the work in any other way, but it does not\n invalidate such permission if you have separately received it.\n\n d) If the work has interactive user interfaces, each must display\n Appropriate Legal Notices; however, if the Program has interactive\n interfaces that do not display Appropriate Legal Notices, your\n work need not make them do so.\n\n A compilation of a covered work with other separate and independent\nworks, which are not by their nature extensions of the covered work,\nand which are not combined with it such as to form a larger program,\nin or on a volume of a storage or distribution medium, is called an\n\"aggregate\" if the compilation and its resulting copyright are not\nused to limit the access or legal rights of the compilation's users\nbeyond what the individual works permit. Inclusion of a covered work\nin an aggregate does not cause this License to apply to the other\nparts of the aggregate.\n\n 6. Conveying Non-Source Forms.\n\n You may convey a covered work in object code form under the terms\nof sections 4 and 5, provided that you also convey the\nmachine-readable Corresponding Source under the terms of this License,\nin one of these ways:\n\n a) Convey the object code in, or embodied in, a physical product\n (including a physical distribution medium), accompanied by the\n Corresponding Source fixed on a durable physical medium\n customarily used for software interchange.\n\n b) Convey the object code in, or embodied in, a physical product\n (including a physical distribution medium), accompanied by a\n written offer, valid for at least three years and valid for as\n long as you offer spare parts or customer support for that product\n model, to give anyone who possesses the object code either (1) a\n copy of the Corresponding Source for all the software in the\n product that is covered by this License, on a durable physical\n medium customarily used for software interchange, for a price no\n more than your reasonable cost of physically performing this\n conveying of source, or (2) access to copy the\n Corresponding Source from a network server at no charge.\n\n c) Convey individual copies of the object code with a copy of the\n written offer to provide the Corresponding Source. This\n alternative is allowed only occasionally and noncommercially, and\n only if you received the object code with such an offer, in accord\n with subsection 6b.\n\n d) Convey the object code by offering access from a designated\n place (gratis or for a charge), and offer equivalent access to the\n Corresponding Source in the same way through the same place at no\n further charge. You need not require recipients to copy the\n Corresponding Source along with the object code. If the place to\n copy the object code is a network server, the Corresponding Source\n may be on a different server (operated by you or a third party)\n that supports equivalent copying facilities, provided you maintain\n clear directions next to the object code saying where to find the\n Corresponding Source. Regardless of what server hosts the\n Corresponding Source, you remain obligated to ensure that it is\n available for as long as needed to satisfy these requirements.\n\n e) Convey the object code using peer-to-peer transmission, provided\n you inform other peers where the object code and Corresponding\n Source of the work are being offered to the general public at no\n charge under subsection 6d.\n\n A separable portion of the object code, whose source code is excluded\nfrom the Corresponding Source as a System Library, need not be\nincluded in conveying the object code work.\n\n A \"User Product\" is either (1) a \"consumer product\", which means any\ntangible personal property which is normally used for personal, family,\nor household purposes, or (2) anything designed or sold for incorporation\ninto a dwelling. In determining whether a product is a consumer product,\ndoubtful cases shall be resolved in favor of coverage. For a particular\nproduct received by a particular user, \"normally used\" refers to a\ntypical or common use of that class of product, regardless of the status\nof the particular user or of the way in which the particular user\nactually uses, or expects or is expected to use, the product. A product\nis a consumer product regardless of whether the product has substantial\ncommercial, industrial or non-consumer uses, unless such uses represent\nthe only significant mode of use of the product.\n\n \"Installation Information\" for a User Product means any methods,\nprocedures, authorization keys, or other information required to install\nand execute modified versions of a covered work in that User Product from\na modified version of its Corresponding Source. The information must\nsuffice to ensure that the continued functioning of the modified object\ncode is in no case prevented or interfered with solely because\nmodification has been made.\n\n If you convey an object code work under this section in, or with, or\nspecifically for use in, a User Product, and the conveying occurs as\npart of a transaction in which the right of possession and use of the\nUser Product is transferred to the recipient in perpetuity or for a\nfixed term (regardless of how the transaction is characterized), the\nCorresponding Source conveyed under this section must be accompanied\nby the Installation Information. But this requirement does not apply\nif neither you nor any third party retains the ability to install\nmodified object code on the User Product (for example, the work has\nbeen installed in ROM).\n\n The requirement to provide Installation Information does not include a\nrequirement to continue to provide support service, warranty, or updates\nfor a work that has been modified or installed by the recipient, or for\nthe User Product in which it has been modified or installed. Access to a\nnetwork may be denied when the modification itself materially and\nadversely affects the operation of the network or violates the rules and\nprotocols for communication across the network.\n\n Corresponding Source conveyed, and Installation Information provided,\nin accord with this section must be in a format that is publicly\ndocumented (and with an implementation available to the public in\nsource code form), and must require no special password or key for\nunpacking, reading or copying.\n\n 7. Additional Terms.\n\n \"Additional permissions\" are terms that supplement the terms of this\nLicense by making exceptions from one or more of its conditions.\nAdditional permissions that are applicable to the entire Program shall\nbe treated as though they were included in this License, to the extent\nthat they are valid under applicable law. If additional permissions\napply only to part of the Program, that part may be used separately\nunder those permissions, but the entire Program remains governed by\nthis License without regard to the additional permissions.\n\n When you convey a copy of a covered work, you may at your option\nremove any additional permissions from that copy, or from any part of\nit. (Additional permissions may be written to require their own\nremoval in certain cases when you modify the work.) You may place\nadditional permissions on material, added by you to a covered work,\nfor which you have or can give appropriate copyright permission.\n\n Notwithstanding any other provision of this License, for material you\nadd to a covered work, you may (if authorized by the copyright holders of\nthat material) supplement the terms of this License with terms:\n\n a) Disclaiming warranty or limiting liability differently from the\n terms of sections 15 and 16 of this License; or\n\n b) Requiring preservation of specified reasonable legal notices or\n author attributions in that material or in the Appropriate Legal\n Notices displayed by works containing it; or\n\n c) Prohibiting misrepresentation of the origin of that material, or\n requiring that modified versions of such material be marked in\n reasonable ways as different from the original version; or\n\n d) Limiting the use for publicity purposes of names of licensors or\n authors of the material; or\n\n e) Declining to grant rights under trademark law for use of some\n trade names, trademarks, or service marks; or\n\n f) Requiring indemnification of licensors and authors of that\n material by anyone who conveys the material (or modified versions of\n it) with contractual assumptions of liability to the recipient, for\n any liability that these contractual assumptions directly impose on\n those licensors and authors.\n\n All other non-permissive additional terms are considered \"further\nrestrictions\" within the meaning of section 10. If the Program as you\nreceived it, or any part of it, contains a notice stating that it is\ngoverned by this License along with a term that is a further\nrestriction, you may remove that term. If a license document contains\na further restriction but permits relicensing or conveying under this\nLicense, you may add to a covered work material governed by the terms\nof that license document, provided that the further restriction does\nnot survive such relicensing or conveying.\n\n If you add terms to a covered work in accord with this section, you\nmust place, in the relevant source files, a statement of the\nadditional terms that apply to those files, or a notice indicating\nwhere to find the applicable terms.\n\n Additional terms, permissive or non-permissive, may be stated in the\nform of a separately written license, or stated as exceptions;\nthe above requirements apply either way.\n\n 8. Termination.\n\n You may not propagate or modify a covered work except as expressly\nprovided under this License. Any attempt otherwise to propagate or\nmodify it is void, and will automatically terminate your rights under\nthis License (including any patent licenses granted under the third\nparagraph of section 11).\n\n However, if you cease all violation of this License, then your\nlicense from a particular copyright holder is reinstated (a)\nprovisionally, unless and until the copyright holder explicitly and\nfinally terminates your license, and (b) permanently, if the copyright\nholder fails to notify you of the violation by some reasonable means\nprior to 60 days after the cessation.\n\n Moreover, your license from a particular copyright holder is\nreinstated permanently if the copyright holder notifies you of the\nviolation by some reasonable means, this is the first time you have\nreceived notice of violation of this License (for any work) from that\ncopyright holder, and you cure the violation prior to 30 days after\nyour receipt of the notice.\n\n Termination of your rights under this section does not terminate the\nlicenses of parties who have received copies or rights from you under\nthis License. If your rights have been terminated and not permanently\nreinstated, you do not qualify to receive new licenses for the same\nmaterial under section 10.\n\n 9. Acceptance Not Required for Having Copies.\n\n You are not required to accept this License in order to receive or\nrun a copy of the Program. Ancillary propagation of a covered work\noccurring solely as a consequence of using peer-to-peer transmission\nto receive a copy likewise does not require acceptance. However,\nnothing other than this License grants you permission to propagate or\nmodify any covered work. These actions infringe copyright if you do\nnot accept this License. Therefore, by modifying or propagating a\ncovered work, you indicate your acceptance of this License to do so.\n\n 10. Automatic Licensing of Downstream Recipients.\n\n Each time you convey a covered work, the recipient automatically\nreceives a license from the original licensors, to run, modify and\npropagate that work, subject to this License. You are not responsible\nfor enforcing compliance by third parties with this License.\n\n An \"entity transaction\" is a transaction transferring control of an\norganization, or substantially all assets of one, or subdividing an\norganization, or merging organizations. If propagation of a covered\nwork results from an entity transaction, each party to that\ntransaction who receives a copy of the work also receives whatever\nlicenses to the work the party's predecessor in interest had or could\ngive under the previous paragraph, plus a right to possession of the\nCorresponding Source of the work from the predecessor in interest, if\nthe predecessor has it or can get it with reasonable efforts.\n\n You may not impose any further restrictions on the exercise of the\nrights granted or affirmed under this License. For example, you may\nnot impose a license fee, royalty, or other charge for exercise of\nrights granted under this License, and you may not initiate litigation\n(including a cross-claim or counterclaim in a lawsuit) alleging that\nany patent claim is infringed by making, using, selling, offering for\nsale, or importing the Program or any portion of it.\n\n 11. Patents.\n\n A \"contributor\" is a copyright holder who authorizes use under this\nLicense of the Program or a work on which the Program is based. The\nwork thus licensed is called the contributor's \"contributor version\".\n\n A contributor's \"essential patent claims\" are all patent claims\nowned or controlled by the contributor, whether already acquired or\nhereafter acquired, that would be infringed by some manner, permitted\nby this License, of making, using, or selling its contributor version,\nbut do not include claims that would be infringed only as a\nconsequence of further modification of the contributor version. For\npurposes of this definition, \"control\" includes the right to grant\npatent sublicenses in a manner consistent with the requirements of\nthis License.\n\n Each contributor grants you a non-exclusive, worldwide, royalty-free\npatent license under the contributor's essential patent claims, to\nmake, use, sell, offer for sale, import and otherwise run, modify and\npropagate the contents of its contributor version.\n\n In the following three paragraphs, a \"patent license\" is any express\nagreement or commitment, however denominated, not to enforce a patent\n(such as an express permission to practice a patent or covenant not to\nsue for patent infringement). To \"grant\" such a patent license to a\nparty means to make such an agreement or commitment not to enforce a\npatent against the party.\n\n If you convey a covered work, knowingly relying on a patent license,\nand the Corresponding Source of the work is not available for anyone\nto copy, free of charge and under the terms of this License, through a\npublicly available network server or other readily accessible means,\nthen you must either (1) cause the Corresponding Source to be so\navailable, or (2) arrange to deprive yourself of the benefit of the\npatent license for this particular work, or (3) arrange, in a manner\nconsistent with the requirements of this License, to extend the patent\nlicense to downstream recipients. \"Knowingly relying\" means you have\nactual knowledge that, but for the patent license, your conveying the\ncovered work in a country, or your recipient's use of the covered work\nin a country, would infringe one or more identifiable patents in that\ncountry that you have reason to believe are valid.\n\n If, pursuant to or in connection with a single transaction or\narrangement, you convey, or propagate by procuring conveyance of, a\ncovered work, and grant a patent license to some of the parties\nreceiving the covered work authorizing them to use, propagate, modify\nor convey a specific copy of the covered work, then the patent license\nyou grant is automatically extended to all recipients of the covered\nwork and works based on it.\n\n A patent license is \"discriminatory\" if it does not include within\nthe scope of its coverage, prohibits the exercise of, or is\nconditioned on the non-exercise of one or more of the rights that are\nspecifically granted under this License. You may not convey a covered\nwork if you are a party to an arrangement with a third party that is\nin the business of distributing software, under which you make payment\nto the third party based on the extent of your activity of conveying\nthe work, and under which the third party grants, to any of the\nparties who would receive the covered work from you, a discriminatory\npatent license (a) in connection with copies of the covered work\nconveyed by you (or copies made from those copies), or (b) primarily\nfor and in connection with specific products or compilations that\ncontain the covered work, unless you entered into that arrangement,\nor that patent license was granted, prior to 28 March 2007.\n\n Nothing in this License shall be construed as excluding or limiting\nany implied license or other defenses to infringement that may\notherwise be available to you under applicable patent law.\n\n 12. No Surrender of Others' Freedom.\n\n If conditions are imposed on you (whether by court order, agreement or\notherwise) that contradict the conditions of this License, they do not\nexcuse you from the conditions of this License. If you cannot convey a\ncovered work so as to satisfy simultaneously your obligations under this\nLicense and any other pertinent obligations, then as a consequence you may\nnot convey it at all. For example, if you agree to terms that obligate you\nto collect a royalty for further conveying from those to whom you convey\nthe Program, the only way you could satisfy both those terms and this\nLicense would be to refrain entirely from conveying the Program.\n\n 13. Use with the GNU Affero General Public License.\n\n Notwithstanding any other provision of this License, you have\npermission to link or combine any covered work with a work licensed\nunder version 3 of the GNU Affero General Public License into a single\ncombined work, and to convey the resulting work. The terms of this\nLicense will continue to apply to the part which is the covered work,\nbut the special requirements of the GNU Affero General Public License,\nsection 13, concerning interaction through a network will apply to the\ncombination as such.\n\n 14. Revised Versions of this License.\n\n The Free Software Foundation may publish revised and/or new versions of\nthe GNU General Public License from time to time. Such new versions will\nbe similar in spirit to the present version, but may differ in detail to\naddress new problems or concerns.\n\n Each version is given a distinguishing version number. If the\nProgram specifies that a certain numbered version of the GNU General\nPublic License \"or any later version\" applies to it, you have the\noption of following the terms and conditions either of that numbered\nversion or of any later version published by the Free Software\nFoundation. If the Program does not specify a version number of the\nGNU General Public License, you may choose any version ever published\nby the Free Software Foundation.\n\n If the Program specifies that a proxy can decide which future\nversions of the GNU General Public License can be used, that proxy's\npublic statement of acceptance of a version permanently authorizes you\nto choose that version for the Program.\n\n Later license versions may give you additional or different\npermissions. However, no additional obligations are imposed on any\nauthor or copyright holder as a result of your choosing to follow a\nlater version.\n\n 15. Disclaimer of Warranty.\n\n THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY\nAPPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT\nHOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM \"AS IS\" WITHOUT WARRANTY\nOF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,\nTHE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\nPURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM\nIS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF\nALL NECESSARY SERVICING, REPAIR OR CORRECTION.\n\n 16. Limitation of Liability.\n\n IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING\nWILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS\nTHE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY\nGENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE\nUSE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF\nDATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD\nPARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),\nEVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF\nSUCH DAMAGES.\n\n 17. Interpretation of Sections 15 and 16.\n\n If the disclaimer of warranty and limitation of liability provided\nabove cannot be given local legal effect according to their terms,\nreviewing courts shall apply local law that most closely approximates\nan absolute waiver of all civil liability in connection with the\nProgram, unless a warranty or assumption of liability accompanies a\ncopy of the Program in return for a fee.\n\n END OF TERMS AND CONDITIONS\n\n How to Apply These Terms to Your New Programs\n\n If you develop a new program, and you want it to be of the greatest\npossible use to the public, the best way to achieve this is to make it\nfree software which everyone can redistribute and change under these terms.\n\n To do so, attach the following notices to the program. It is safest\nto attach them to the start of each source file to most effectively\nstate the exclusion of warranty; and each file should have at least\nthe \"copyright\" line and a pointer to where the full notice is found.\n\n \n Copyright (C) \n\n This program is free software: you can redistribute it and/or modify\n it under the terms of the GNU General Public License as published by\n the Free Software Foundation, either version 3 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n You should have received a copy of the GNU General Public License\n along with this program. If not, see .\n\nAlso add information on how to contact you by electronic and paper mail.\n\n If the program does terminal interaction, make it output a short\nnotice like this when it starts in an interactive mode:\n\n Copyright (C) \n This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.\n This is free software, and you are welcome to redistribute it\n under certain conditions; type `show c' for details.\n\nThe hypothetical commands `show w' and `show c' should show the appropriate\nparts of the General Public License. Of course, your program's commands\nmight be different; for a GUI interface, you would use an \"about box\".\n\n You should also get your employer (if you work as a programmer) or school,\nif any, to sign a \"copyright disclaimer\" for the program, if necessary.\nFor more information on this, and how to apply and follow the GNU GPL, see\n.\n\n The GNU General Public License does not permit incorporating your program\ninto proprietary programs. If your program is a subroutine library, you\nmay consider it more useful to permit linking proprietary applications with\nthe library. If this is what you want to do, use the GNU Lesser General\nPublic License instead of this License. But first, please read\n.\n" }, { "path": "README", "content": "\n================================================================================\n\n Lynis - README\n\n================================================================================\n\n Author: 2007-2013, Michael Boelen\n 2013-2016, CISOfy\n Description: Security and system auditing tool\n Web site: https://cisofy.com/lynis/\n Development: May 2007 - Now\n Support policy: See section 'Support'\n Documentation: See web site, README, FAQ and CHANGELOG file\n\n================================================================================\n\n\n *** NOTE ***\n\n The website contains the latest documentation\n\n See https://cisofy.com/documentation/lynis/\n\n\n\n[+] Introduction\n-------------------------------\n\n Lynis is an auditing tool which tests and gathers (security) information from\n Unix based systems. The audience for this tool are security and system\n auditors, network specialists and system maintainers.\n\n Some of the (future) features and usage options:\n - System and security audit checks\n - Compliance testing\n - File integrity monitoring\n - System and file forensics\n - Usage of templates/baselines (reporting and monitoring)\n - Extended debugging features\n\n Everyone is free to use Lynis under the conditions of the GPL v3 license (see\n LICENSE file).\n\n ========================\n Quick facts\n ========================\n - Name: Lynis\n - Type: audit, security, hardening, forensics tool\n - License: GPL v3\n - Language: Shell script\n - Author: Michael Boelen, CISOfy\n - Web site: https://cisofy.com\n - Required permissions: root preferred, not needed\n - Other requirements: write access to /tmp\n\n\n\n[+] Installation\n-------------------------------\n\n Lynis doesn't have to be installed, so it can be used directly from a\n (removable) disk. If you want the program to be installed, use one of the\n following methods:\n\n - Create a custom directory (ie. /usr/local/lynis) and unpack the tarball\n (tar xfvz lynis-version.tar.gz) into this directory.\n - Create a RPM package by using the lynis.spec file (see web site)\n run 'rpmbuild -ta lynis-version.tar.gz' (= build RPM package)\n run 'rpm -ivh ' (= install RPM package)\n\n See online documentation for detailed instructions.\n\n\n\n[+] Supported systems\n-------------------------------\n\n Since the complexity of auditing different systems and platforms, Lynis is\n developed on BSD and Linux.\n\n This tool is tested or confirmed to work with at least:\n AIX, Linux, FreeBSD, OpenBSD, macOS, Solaris. See the website for the full\n list of tested operating systems.\n\n\n\n[+] Usage\n-------------------------------\n\n See online documentation for more information about using Lynis.\n\n\n\n[+] Development and Bugs\n-------------------------------\n\n Found an issue, or do you have a great idea? Let us know:\n\n * GitHub - https://github.com/CISOfy/lynis\n * E-mail - lynis-dev@cisofy.com\n\n Contributions are appreciated and can be done via GitHub. See CONTRIBUTING.md\n for more information about how to submit them.\n\n\n[+] Support\n-------------------------------\n\n Lynis is tested on most common operating systems. The documentation (README,\n FAQ) and the debugging information (/var/log/lynis.log), should cover most\n questions and problems. Bugs can be reported via GitHub, or sending an e-mail\n to the lynis-dev address above.\n\n Commercial features and support is available via CISOfy. This includes support\n for compliance testing, a web-based interface, reporting, and more.\n \n For more information see https://cisofy.com/lynis-enterprise/ or use the\n contact details at https://cisofy.com/contact/\n\n\n\n[+] Upgrade to Lynis Enterprise\n-------------------------------\n\n Individuals and companies which use this software for more than 10 systems, should\n think about the value of this tool in their job. To support ongoing development on\n this tool we have a commercial version available. Lynis Enterprise Suite uses\n Lynis to audit systems, but also provides malware scanning, intrusion detection\n and has additional guidance. For all features, please see our website:\n https://cisofy.com/lynis-enterprise/\n\n\n\n[+] Thanks\n-------------------------------\n\n Thanks to the community for using and supporting open source software.\n Many comments, bugs/patches and questions are the key to success and ongoing\n motivation in developing tools like this.\n\n\n\n================================================================================\n" }, { "path": "README.md", "content": "\n\n[![Linux Security Expert badge](https://badges.linuxsecurity.expert/tools/ranking/lynis.svg)](https://linuxsecurity.expert/tools/lynis/)\n[![Build Status](https://travis-ci.org/CISOfy/lynis.svg?branch=master)](https://travis-ci.org/CISOfy/lynis)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/96/badge)](https://bestpractices.coreinfrastructure.org/projects/96)\n[Documentation]\n\n[Documentation]: https://cisofy.com/documentation/lynis/\n\nDo you like this software? **Star the project** and become a [stargazer](https://github.com/CISOfy/lynis/stargazers).\n\n----\n\n# lynis\n\n> Lynis - Security auditing and hardening tool, for UNIX-based systems.\n\nLynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others. It performs an **in-depth security scan** and runs on the system itself. The primary goal is to test security defenses and **provide tips for further system hardening**. It will also scan for general system information, vulnerable software packages, and possible configuration issues. Lynis was commonly used by system administrators and auditors to assess the security defenses of their systems. Besides the \"blue team,\" nowadays penetration testers also have Lynis in their toolkit.\n\nWe believe software should be **simple**, **updated on a regular basis**, and **open**. You should be able to trust, understand, and have the option to change the software. Many agree with us, as the software is being used by thousands every day to protect their systems.\n\n## Goals\n\nThe main goals of Lynis include:\n- Automated security auditing\n- Compliance testing (e.g. ISO27001, PCI-DSS, HIPAA)\n- Vulnerability detection\n\nThe software (also) assists with:\n- Configuration and asset management\n- Software patch management\n- System hardening\n- Penetration testing (privilege escalation)\n- Intrusion detection\n\n### Audience\n\nTypical users of the software:\n- System administrators\n- Auditors\n- Security officers\n- Penetration testers\n- Security professionals\n\n## Installation\n\nThere are multiple options available to install Lynis.\n\n### Software package\n\nFor systems running Linux, BSD, and macOS, there is typically a package available. This is the preferred method of obtaining Lynis, as it is quick to install and easy to update. The Lynis project itself also provides [packages](https://packages.cisofy.com/) in RPM or DEB format suitable for systems systems running:\n`CentOS`, `Debian`, `Fedora`, `OEL`, `openSUSE`, `RHEL`, `Ubuntu`, and others.\n\nSome distributions may also have Lynis in their software repository: [![Repology](https://repology.org/badge/tiny-repos/lynis.svg)](https://repology.org/project/lynis/versions)\n\nNote: Some distributions don't provide an up-to-date version. In that case it is better to use the CISOfy software repository, download the tarball from the website, or download the latest GitHub release.\n\n### Git\n\nThe very latest developments can be obtained via git.\n\n1. Clone or download the project files (**no compilation nor installation** is required) ;\n\n git clone https://github.com/CISOfy/lynis\n\n2. Execute:\n\n cd lynis && ./lynis audit system\n\nIf you want to run the software as `root` (or sudo), we suggest changing the ownership of the files. Use `chown -R 0:0` to recursively alter the owner and group and set it to user ID `0` (`root`). Otherwise Lynis will warn you about the file permissions. After all, you are executing files owned by a non-privileged user.\n\n\n## Documentation\n\nHave a look at the [Lynis documentation](https://cisofy.com/documentation/lynis/) to learn more about the configuration and usage of Lynis. When you are interested in reading more articles about Linux security, then check out the [Linux security blog](https://linux-audit.com/) named Linux Audit. For some suggestions by Lynis, this is also the source used to learn more about specific findings.\n\n## Customization\n\nIf you want to create your own tests, have a look at the [Lynis software development kit](https://github.com/CISOfy/lynis-sdk).\n\n## Security\n\nWe participate in the [CII best practices](https://www.bestpractices.dev/en/projects/96) badge program of the Linux Foundation.\n\n## Media and Awards\n\nLynis is collecting some awards along the way and we are proud of that.\n\n* 2016\n * [Best of Open Source Software Awards 2016](http://www.infoworld.com/article/3121251/open-source-tools/bossie-awards-2016-the-best-open-source-networking-and-security-software.html#slide13).\n * Article by TechRepublic, considering Lynis a \"must-have\" tool: [How to quickly audit a Linux system from the command line](http://www.techrepublic.com/article/how-to-quickly-audit-a-linux-system-from-the-command-line/)\n * [![ToolsWatch Best Tools (top 10)](https://www.toolswatch.org/badges/toptools/2016.svg)](https://www.toolswatch.org/2017/02/2016-top-security-tools-as-voted-by-toolswatch-org-readers/)\n\n* 2015\n * [![ToolsWatch Best Tools (second place)](https://www.toolswatch.org/badges/toptools/2015.svg)](https://www.toolswatch.org/2016/02/2015-top-security-tools-as-voted-by-toolswatch-org-readers/)\n * [Best of Open Source Software Awards 2015](http://www.idgenterprise.com/news/press-release/infoworld-announces-the-2015-best-of-open-source-software-awards/) ([mirror](https://web.archive.org/web/20210313082124/https://www.idg.com/news/infoworld-announces-the-2015-best-of-open-source-software-awards/)).\n\n* 2014\n * [![ToolsWatch Best Tools (third place)](https://www.toolswatch.org/badges/toptools/2014.svg)](https://www.toolswatch.org/2015/01/2014-top-security-tools-as-voted-by-toolswatch-org-readers/)\n\n* 2013\n * [![ToolsWatch Best Tools (sixth place)](https://www.toolswatch.org/badges/toptools/2013.svg)](https://www.toolswatch.org/2013/12/2013-top-security-tools-as-voted-by-toolswatch-org-readers/)\n\n## Contribute\n\n> We love contributors.\n\nDo you have something to share? Want to help out with translating Lynis into your own language? Create an issue or pull request on GitHub, or send us an e-mail: lynis-dev@cisofy.com.\n\nMore details can be found in the [Contributors Guide](https://github.com/CISOfy/lynis/blob/master/CONTRIBUTING.md).\n\nYou can also simply contribute to the project by _starring_ the project and show your appreciation that way.\n\nThanks!\n\n## License\n\n> GPLv3\n\n## Enterprise version for companies\n\nThis software component is also part of an enterprise solution and focuses on companies. Same quality, yet with more functionality.\n\nFocus areas include compliance (`PCI DSS`, `HIPAA`, `ISO27001`, and others). The Enterprise version comes with:\n* a web interface;\n* dashboard and reporting;\n* hardening snippets;\n* improvement plan (based on risk);\n* commercial support.\n" }, { "path": "SECURITY.md", "content": "# Security Policy\n\n## Supported Versions\n\n| Version | Supported |\n| ------- | ------------------ |\n| 3.x.x | :white_check_mark: |\n| 2.x.x | :white_check_mark: |\n| < 2.x | :x: |\n\n## Reporting a Vulnerability\n\nTo report a vulnerability, use security@cisofy.com\n\nSee our [security page](https://cisofy.com/security/) for more details.\n\n## Preferred language\n\nEnglish\n\n## Acknowledgments\n\nhttps://cisofy.com/security/#thanks\n\n## Other\n\nSee the latest 'security.txt' at https://cisofy.com/.well-known/security.txt\n" }, { "path": "TODO.md", "content": "\n# To Do\n\nThere are always thing to do, right?!\n\nLike to help? See CONTRIBUTING.md for more details.\n\n## Remove deprecated tools\n\nRemove usage of `egrep` and `fgrep`. Replace with `grep` or `grep -E`.\n\n### Rationale:\nThe egrep/fgrep commands are deprecated. Although often linked on Linux distributions, here is an example where `egrep` is missing on an embedded Linux distribution: https://github.com/CISOfy/lynis/issues/1191\n\n[The Open Group Base Specifications Issue 7, 2018 edition](https://pubs.opengroup.org/onlinepubs/9699919799/)\n\n> This grep has been enhanced in an upwards-compatible way to provide the exact functionality of the historical egrep and fgrep commands as well. It was the clear intention of the standard developers to consolidate the three greps into a single command." }, { "path": "db/languages/az", "content": "ERROR_NO_LICENSE=\"Lisenziya açarı konfiqurasiya edilmeyib\"\nERROR_NO_UPLOAD_SERVER=\"Yükləmə sunucusu konfiqurasiya edilmeyib\"\nGEN_CHECKING=\"Yoxlanır\"\nGEN_CURRENT_VERSION=\"Cari versiya\"\nGEN_DEBUG_MODE=\"Səhv ayıklama rejimi\"\nGEN_INITIALIZE_PROGRAM=\"Proqram koşuluyor\"\nGEN_LATEST_VERSION=\"Son versiya\"\nGEN_PHASE=\"faza\"\nGEN_PLUGINS_ENABLED=\"Konfiqur edilen uzantılar\"\nGEN_UPDATE_AVAILABLE=\"Yeniləmə mövcud\"\nGEN_VERBOSE_MODE=\"Etraflı\"\nGEN_WHAT_TO_DO=\"edilecekler\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Bazı istisnai durumlar və məlumatlar tapıldı\"\nNOTE_EXCEPTIONS_FOUND=\"İstisnalar tapıldı\"\nNOTE_PLUGINS_TAKE_TIME=\"Qeyd: Uzantılar daha ətraflı testlər içermektedir və tamamlanmaları uzun davam edəbilər\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Səlahiyyət lazımlı testlər\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Xususi testlər\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Pis proqram\"\nSECTION_MEMORY_AND_PROCESSES=\"Yaddaş ve prosesler\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"Təsirsiz\"\nSTATUS_DONE=\"Bitdi\"\nSTATUS_ENABLED=\"Təsirli\"\nSTATUS_ERROR=\"Səhv\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"Tapıldı\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"Yox\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"Tapılmadı\"\nSTATUS_NOT_RUNNING=\"Çalışmayıb\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_NO=\"Xeyr\"\nSTATUS_OFF=\"Bağlı\"\nSTATUS_OK=\"Əvət\"\nSTATUS_ON=\"Açıq\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"İşleyib\"\nSTATUS_SKIPPED=\"Atlandı\"\nSTATUS_SUGGESTION=\"Teklif\"\nSTATUS_UNKNOWN=\"Bilinmeyib\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"Xəbərdarlıq\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"Bəli\"\nTEXT_UPDATE_AVAILABLE=\"yeniləmə mövcud\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"qeydləri gönderib kömek eyleyin\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/cn", "content": "ERROR_NO_LICENSE=\"没有配置的许可证密钥\"\nERROR_NO_UPLOAD_SERVER=\"没有配置的上传服务器\"\nGEN_CHECKING=\"检查中\"\nGEN_CURRENT_VERSION=\"当前版本\"\nGEN_DEBUG_MODE=\"调试模式\"\nGEN_INITIALIZE_PROGRAM=\"程序初始化中\"\nGEN_LATEST_VERSION=\"最新版本\"\nGEN_PHASE=\"阶段\"\nGEN_PLUGINS_ENABLED=\"插件已开启\"\nGEN_UPDATE_AVAILABLE=\"有可以更新的版本\"\nGEN_VERBOSE_MODE=\"详述模式\"\nGEN_WHAT_TO_DO=\"做什么\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"发现一些异常的事件或者信息\"\nNOTE_EXCEPTIONS_FOUND=\"发现异常\"\nNOTE_PLUGINS_TAKE_TIME=\"注意:插件有更多的测试可能会需要几分钟才能完成\"\nNOTE_SKIPPED_SKIPPED_TESTS_NON_PRIVILEGED=\"因非特权模式而跳过的测试\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"因非特权模式而跳过的测试\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"自定义测试\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"恶意软件\"\nSECTION_MEMORY_AND_PROCESSES=\"内存与进程\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"禁用\"\nSTATUS_DONE=\"完成\"\nSTATUS_ENABLED=\"可用\"\nSTATUS_ERROR=\"错误\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"找到\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"没有\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"没有找到\"\nSTATUS_NOT_RUNNING=\"没有运行\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_NO=\"不是\"\nSTATUS_OFF=\"关闭\"\nSTATUS_OK=\"正常\"\nSTATUS_ON=\"开启\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"运行\"\nSTATUS_SKIPPED=\"跳过\"\nSTATUS_SUGGESTION=\"建议\"\nSTATUS_UNKNOWN=\"未知\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"警告\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"是\"\nTEXT_UPDATE_AVAILABLE=\"有可以更新的版本\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"你可以通过记录日志来帮忙\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/da", "content": "ERROR_NO_LICENSE=\"Ingen licensnøgle konfigureret\"\nERROR_NO_UPLOAD_SERVER=\"Ingen upload server konfigureret\"\nGEN_CHECKING=\"Tjekker\"\nGEN_CURRENT_VERSION=\"Nuværende version\"\nGEN_DEBUG_MODE=\"Fejlfindingstilstand\"\nGEN_INITIALIZE_PROGRAM=\"Initialiserer program\"\nGEN_LATEST_VERSION=\"Seneste version\"\nGEN_PHASE=\"Fase\"\nGEN_PLUGINS_ENABLED=\"Plugins aktiverede\"\nGEN_UPDATE_AVAILABLE=\"opdatering tilgængelig\"\nGEN_VERBOSE_MODE=\"Detaljeret tilstand\"\nGEN_WHAT_TO_DO=\"At gøre\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Nogle usædvanlige hændelser eller information var fundet\"\nNOTE_EXCEPTIONS_FOUND=\"Undtagelser fundet\"\nNOTE_PLUGINS_TAKE_TIME=\"Bemærk: plugins har mere omfattende tests og kan tage flere minutter at fuldføre\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Sprang over tests på grund af ikke-privilegeret tilstand\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Brugerdefinerede Tests\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Hukommelse og Processer\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"DEAKTIVERET\"\nSTATUS_DONE=\"FÆRDIG\"\nSTATUS_ENABLED=\"AKTIVERET\"\nSTATUS_ERROR=\"FEJL\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"FUNDET\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"INGEN\"\nSTATUS_NO=\"NEJ\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\nSTATUS_NOT_ENABLED=\"IKKE AKTIVERET\"\nSTATUS_NOT_FOUND=\"IKKE FUNDET\"\nSTATUS_NOT_RUNNING=\"KØRER IKKE\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"FRA\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"TIL\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"KØRER\"\nSTATUS_SKIPPED=\"SPRUNGET OVER\"\nSTATUS_SUGGESTION=\"FORSLAG\"\nSTATUS_UNKNOWN=\"UKENDT\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"ADVARSEL\"\nSTATUS_WEAK=\"SVAG\"\nSTATUS_YES=\"JA\"\nTEXT_UPDATE_AVAILABLE=\"opdatering tilgængelig\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Du kan hjælpe ved at bidrage med din logfil\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/de", "content": "ERROR_NO_LICENSE=\"Kein Lizenzschlüssel eingerichtet\"\nERROR_NO_UPLOAD_SERVER=\"Kein Upload-Server eingerichtet\"\nGEN_CHECKING=\"Überprüfung\"\nGEN_CURRENT_VERSION=\"Aktuelle Version\"\nGEN_DEBUG_MODE=\"Debug-Modus\"\nGEN_INITIALIZE_PROGRAM=\"Initialisiere Programm\"\nGEN_LATEST_VERSION=\"Aktuellste Version\"\nGEN_PHASE=\"Phase\"\nGEN_PLUGINS_ENABLED=\"Plugins aktiviert\"\nGEN_UPDATE_AVAILABLE=\"Aktualisierung verfügbar\"\nGEN_VERBOSE_MODE=\"Ausführlicher Modus\"\nGEN_WHAT_TO_DO=\"Was zu tun ist\"\nNOTE_EXCEPTIONS_FOUND=\"Abweichungen gefunden\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Einige außergewöhnliche Ereignisse oder Informationen wurden gefunden\"\nNOTE_PLUGINS_TAKE_TIME=\"Beachte: Plugins beinhalten eingehendere Tests und können mehrere Minuten benötigen, bis sie abgeschlossen sind\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Übersprungene Tests aufgrund nicht privilegiertem Modus\"\nSECTION_ACCOUNTING=\"Accounting\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"Banner und Identifizierung\"\nSECTION_BASICS=\"Grundlegendes\"\nSECTION_BOOT_AND_SERVICES=\"Systemstart und Dienste\"\nSECTION_CONTAINERS=\"Container\"\nSECTION_CRYPTOGRAPHY=\"Kryptographie\"\nSECTION_CUSTOM_TESTS=\"Benutzerdefinierte Tests\"\nSECTION_DATA_UPLOAD=\"Daten hochladen\"\nSECTION_DATABASES=\"Datenbanken\"\nSECTION_DOWNLOADS=\"Downloads\"\nSECTION_EMAIL_AND_MESSAGING=\"Software: E-Mail und Messaging\"\nSECTION_FILE_INTEGRITY=\"Software: Dateintegrität\"\nSECTION_FILE_PERMISSIONS=\"Dateiberechtigungen\"\nSECTION_FILE_SYSTEMS=\"Dateisysteme\"\nSECTION_FIREWALLS=\"Software: Firewalls\"\nSECTION_GENERAL=\"Allgemein\"\nSECTION_HARDENING=\"Härtung\"\nSECTION_HOME_DIRECTORIES=\"Heimatverzeichnisse\"\nSECTION_IMAGE=\"Image\"\nSECTION_INITIALIZING_PROGRAM=\"Initialisiere Programm\"\nSECTION_INSECURE_SERVICES=\"Unsichere Dienste\"\nSECTION_KERNEL=\"Kernel\"\nSECTION_KERNEL_HARDENING=\"Kernelhärtung\"\nSECTION_LDAP_SERVICES=\"LDAP Dienste\"\nSECTION_LOGGING_AND_FILES=\"Logs und Logdateien\"\nSECTION_MALWARE=\"Software: Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Software: Speicher und Prozesse\"\nSECTION_NAME_SERVICES=\"Namensauflösung\"\nSECTION_NETWORKING=\"Netzwerk\"\nSECTION_PERMISSIONS=\"Berechtigungen\"\nSECTION_PORTS_AND_PACKAGES=\"Ports und Pakete\"\nSECTION_PRINTERS_AND_SPOOLS=\"Drucker und Warteschlange\"\nSECTION_PROGRAM_DETAILS=\"Programmdetails\"\nSECTION_SCHEDULED_TASKS=\"Geplante Aufgaben\"\nSECTION_SECURITY_FRAMEWORKS=\"Sicherheitsframeworks\"\nSECTION_SHELLS=\"Shells\"\nSECTION_SNMP_SUPPORT=\"SNMP Unterstützung\"\nSECTION_SOFTWARE=\"Software\"\nSECTION_SQUID_SUPPORT=\"Squid\"\nSECTION_SSH_SUPPORT=\"SSH\"\nSECTION_STORAGE=\"Speicher\"\nSECTION_SYSTEM_INTEGRITY=\"Software: Systemintegrität\"\nSECTION_SYSTEM_TOOLING=\"Software: Systemwerkzeuge\"\nSECTION_SYSTEM_TOOLS=\"Systemwerkzeuge\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Zeit und Zeitsynchronisierung\"\nSECTION_USB_DEVICES=\"USB Geräte\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Benutzer, Gruppen und Authentifizierung\"\nSECTION_VIRTUALIZATION=\"Virtualisierung\"\nSECTION_WEBSERVER=\"Software: Webserver\"\nSTATUS_ACTIVE=\"AKTIV\"\nSTATUS_CHECK_NEEDED=\"ÜBERPRÜFUNG BENÖTIGT\"\nSTATUS_DEBUG=\"DEBUG\"\nSTATUS_DEFAULT=\"STANDARD\"\nSTATUS_DIFFERENT=\"UNTERSCHIEDLICH\"\nSTATUS_DISABLED=\"DEAKTIVIERT\"\nSTATUS_DONE=\"FERTIG\"\nSTATUS_ENABLED=\"AKTIVIERT\"\nSTATUS_ERROR=\"FEHLER\"\nSTATUS_EXPOSED=\"VERWUNDBAR\"\nSTATUS_FAILED=\"FEHLERHAFT\"\nSTATUS_FILES_FOUND=\"DATEIEN GEFUNDEN\"\nSTATUS_FOUND=\"GEFUNDEN\"\nSTATUS_HARDENED=\"GEHÄRTET\"\nSTATUS_INSTALLED=\"INSTALLIERT\"\nSTATUS_LOCAL_ONLY=\"NUR LOKAL\"\nSTATUS_MEDIUM=\"MITTEL\"\nSTATUS_NO=\"NEIN\"\nSTATUS_NO_UPDATE=\"KEINE AKTUALISIERUNG\"\nSTATUS_NON_DEFAULT=\"NICHT STANDARD\"\nSTATUS_NONE=\"NICHTS\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\nSTATUS_NOT_CONFIGURED=\"NICHT KONFIGURIERT\"\nSTATUS_NOT_DISABLED=\"NICHT DEAKTIVIERT\"\nSTATUS_NOT_ENABLED=\"NICHT AKTIVIERT\"\nSTATUS_NOT_FOUND=\"NICHT GEFUNDEN\"\nSTATUS_NOT_RUNNING=\"LÄUFT NICHT\"\nSTATUS_OFF=\"AUS\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"AN\"\nSTATUS_PARTIALLY_HARDENED=\"TEILWEISE GEHÄRTET\"\nSTATUS_PROTECTED=\"GESCHÜTZT\"\nSTATUS_RUNNING=\"LÄUFT\"\nSTATUS_SKIPPED=\"ÜBERSPRUNGEN\"\nSTATUS_SUGGESTION=\"VORSCHLAG\"\nSTATUS_UNKNOWN=\"UNBEKANNT\"\nSTATUS_UNSAFE=\"UNSICHER\"\nSTATUS_UPDATE_AVAILABLE=\"AKTUALISIERUNG VERFÜGBAR\"\nSTATUS_WARNING=\"WARNUNG\"\nSTATUS_WEAK=\"SCHWACH\"\nSTATUS_YES=\"JA\"\nTEXT_UPDATE_AVAILABLE=\"Aktualisierung verfügbar\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Sie können durch Übermittlung Ihrer Logdatei helfen\"\nSECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/en", "content": "ERROR_NO_LICENSE=\"No license key configured\"\nERROR_NO_UPLOAD_SERVER=\"No upload server configured\"\nGEN_CHECKING=\"Checking\"\nGEN_CURRENT_VERSION=\"Current version\"\nGEN_DEBUG_MODE=\"Debug mode\"\nGEN_INITIALIZE_PROGRAM=\"Initializing program\"\nGEN_LATEST_VERSION=\"Latest version\"\nGEN_PHASE=\"phase\"\nGEN_PLUGINS_ENABLED=\"Plugins enabled\"\nGEN_UPDATE_AVAILABLE=\"update available\"\nGEN_VERBOSE_MODE=\"Verbose mode\"\nGEN_WHAT_TO_DO=\"What to do\"\nNOTE_EXCEPTIONS_FOUND=\"Exceptions found\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Some exceptional events or information was found\"\nNOTE_PLUGINS_TAKE_TIME=\"Note: plugins have more extensive tests and may take several minutes to complete\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Skipped tests due to non-privileged mode\"\nSECTION_ACCOUNTING=\"Accounting\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\nSECTION_BASICS=\"Basics\"\nSECTION_BOOT_AND_SERVICES=\"Boot and services\"\nSECTION_CONTAINERS=\"Containers\"\nSECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Custom tests\"\nSECTION_DATA_UPLOAD=\"Data upload\"\nSECTION_DATABASES=\"Databases\"\nSECTION_DOWNLOADS=\"Downloads\"\nSECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\nSECTION_FILE_INTEGRITY=\"Software: file integrity\"\nSECTION_FILE_PERMISSIONS=\"File Permissions\"\nSECTION_FILE_SYSTEMS=\"File systems\"\nSECTION_FIREWALLS=\"Software: firewalls\"\nSECTION_GENERAL=\"General\"\nSECTION_HARDENING=\"Hardening\"\nSECTION_HOME_DIRECTORIES=\"Home directories\"\nSECTION_IMAGE=\"Image\"\nSECTION_INITIALIZING_PROGRAM=\"Initializing program\"\nSECTION_INSECURE_SERVICES=\"Insecure services\"\nSECTION_KERNEL=\"Kernel\"\nSECTION_KERNEL_HARDENING=\"Kernel Hardening\"\nSECTION_LDAP_SERVICES=\"LDAP Services\"\nSECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Software: Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Memory and Processes\"\nSECTION_NAME_SERVICES=\"Name services\"\nSECTION_NETWORKING=\"Networking\"\nSECTION_PERMISSIONS=\"Permissions\"\nSECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\nSECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\nSECTION_PROGRAM_DETAILS=\"Program Details\"\nSECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\nSECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\nSECTION_SHELLS=\"Shells\"\nSECTION_SNMP_SUPPORT=\"SNMP Support\"\nSECTION_SOFTWARE=\"Software\"\nSECTION_SQUID_SUPPORT=\"Squid Support\"\nSECTION_SSH_SUPPORT=\"SSH Support\"\nSECTION_STORAGE=\"Storage\"\nSECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\nSECTION_SYSTEM_TOOLING=\"Software: System tooling\"\nSECTION_SYSTEM_TOOLS=\"System tools\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\nSECTION_USB_DEVICES=\"USB Devices\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\nSECTION_VIRTUALIZATION=\"Virtualization\"\nSECTION_WEBSERVER=\"Software: webserver\"\nSECTION_KERBEROS=\"Kerberos\"\nSTATUS_ACTIVE=\"ACTIVE\"\nSTATUS_CHECK_NEEDED=\"CHECK NEEDED\"\nSTATUS_DEBUG=\"DEBUG\"\nSTATUS_DEFAULT=\"DEFAULT\"\nSTATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"DISABLED\"\nSTATUS_DONE=\"DONE\"\nSTATUS_ENABLED=\"ENABLED\"\nSTATUS_ERROR=\"ERROR\"\nSTATUS_EXPOSED=\"EXPOSED\"\nSTATUS_FAILED=\"FAILED\"\nSTATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"FOUND\"\nSTATUS_HARDENED=\"HARDENED\"\nSTATUS_INSTALLED=\"INSTALLED\"\nSTATUS_LOCAL_ONLY=\"LOCAL ONLY\"\nSTATUS_MEDIUM=\"MEDIUM\"\nSTATUS_NO=\"NO\"\nSTATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"NONE\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\nSTATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\nSTATUS_NOT_DISABLED=\"NOT DISABLED\"\nSTATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"NOT FOUND\"\nSTATUS_NOT_RUNNING=\"NOT RUNNING\"\nSTATUS_OFF=\"OFF\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"ON\"\nSTATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\nSTATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"RUNNING\"\nSTATUS_SKIPPED=\"SKIPPED\"\nSTATUS_SUGGESTION=\"SUGGESTION\"\nSTATUS_UNKNOWN=\"UNKNOWN\"\nSTATUS_UNSAFE=\"UNSAFE\"\nSTATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"WARNING\"\nSTATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"YES\"\nTEXT_UPDATE_AVAILABLE=\"update available\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"You can help by providing your log file\"\n" }, { "path": "db/languages/es", "content": "ERROR_NO_LICENSE=\"No se ha configurado una clave de licencia\"\nERROR_NO_UPLOAD_SERVER=\"No se ha configurado un servidor para subidas\"\nGEN_CHECKING=\"Revisando\"\nGEN_CURRENT_VERSION=\"Versión actual\"\nGEN_DEBUG_MODE=\"Modo de depuración\"\nGEN_INITIALIZE_PROGRAM=\"Iniciando la aplicación\"\nGEN_LATEST_VERSION=\"Última versión\"\nGEN_PHASE=\"fase\"\nGEN_PLUGINS_ENABLED=\"Plugins activados\"\nGEN_UPDATE_AVAILABLE=\"Actualización disponible\"\nGEN_VERBOSE_MODE=\"Modo detallado\"\nGEN_WHAT_TO_DO=\"Qué hacer\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Se encontró alguna excepción o evento extraordinario\"\nNOTE_EXCEPTIONS_FOUND=\"Excepciones encontradas\"\nNOTE_PLUGINS_TAKE_TIME=\"Nota: los plugins contienen pruebas más extensivas y toman más tiempo\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Pruebas omitidas, debido a que el modo no privilegiado está activo\"\nSECTION_ACCOUNTING=\"Contabilidad\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"Banners e identificación\"\nSECTION_BASICS=\"Básicos\"\nSECTION_BOOT_AND_SERVICES=\"Arranque y servicios\"\nSECTION_CONTAINERS=\"Contenedores\"\nSECTION_CRYPTOGRAPHY=\"Criptografía\"\nSECTION_CUSTOM_TESTS=\"Pruebas personalizadas\"\nSECTION_DATA_UPLOAD=\"Subida de datos\"\nSECTION_DATABASES=\"Bases de datos\"\nSECTION_DOWNLOADS=\"Descargas\"\nSECTION_EMAIL_AND_MESSAGING=\"Software: correo electrónico y mensajería\"\nSECTION_FILE_INTEGRITY=\"Software: integridad de ficheros\"\nSECTION_FILE_PERMISSIONS=\"Permisos de ficheros\"\nSECTION_FILE_SYSTEMS=\"Sistemas de ficheros\"\nSECTION_FIREWALLS=\"Software: firewalls\"\nSECTION_GENERAL=\"General\"\nSECTION_HARDENING=\"Bastionado\"\nSECTION_HOME_DIRECTORIES=\"Directorios de inicio\"\nSECTION_IMAGE=\"Imagen\"\nSECTION_INITIALIZING_PROGRAM=\"Inicializando programa\"\nSECTION_INSECURE_SERVICES=\"Servicios inseguros\"\nSECTION_KERBEROS=\"Kerberos\"\nSECTION_KERNEL_HARDENING=\"Bastionado del kernel\"\nSECTION_KERNEL=\"Kernel\"\nSECTION_LDAP_SERVICES=\"Servicios LDAP\"\nSECTION_LOGGING_AND_FILES=\"Logging y ficheros\"\nSECTION_MALWARE=\"Malware\"\nSECTION_MALWARE=\"Software: Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Memoria y procesos\"\nSECTION_NAME_SERVICES=\"Servicios de nombres\"\nSECTION_NETWORKING=\"Conectividad\"\nSECTION_PERMISSIONS=\"Permisos\"\nSECTION_PORTS_AND_PACKAGES=\"Puertos y paquetes\"\nSECTION_PRINTERS_AND_SPOOLS=\"Impresoras y spools\"\nSECTION_PROGRAM_DETAILS=\"Detalles del programa\"\nSECTION_SCHEDULED_TASKS=\"Tareas programadas\"\nSECTION_SECURITY_FRAMEWORKS=\"Frameworks de seguridad\"\nSECTION_SHELLS=\"Shells\"\nSECTION_SNMP_SUPPORT=\"Soporte SNMP\"\nSECTION_SOFTWARE=\"Software\"\nSECTION_SQUID_SUPPORT=\"Soporte Squid\"\nSECTION_SSH_SUPPORT=\"Soporte SSH\"\nSECTION_STORAGE=\"Almacenamiento\"\nSECTION_SYSTEM_INTEGRITY=\"Software: Integridad del sistema\"\nSECTION_SYSTEM_TOOLING=\"Software: Herramientas del sistema\"\nSECTION_SYSTEM_TOOLS=\"Herramientas del sistema\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Tiempo y sincronización\"\nSECTION_USB_DEVICES=\"Dispositivos USB\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Usuarios, grupos y autenticación\"\nSECTION_VIRTUALIZATION=\"Virtualización\"\nSECTION_WEBSERVER=\"Software: servidor web\"\nSTATUS_ACTIVE=\"ACTIVO\"\nSTATUS_CHECK_NEEDED=\"NECESITA VERIFICACIÓN\"\nSTATUS_DEBUG=\"DEPURACIÓN\"\nSTATUS_DEFAULT=\"POR DEFECTO\"\nSTATUS_DIFFERENT=\"DIFERENTE\"\nSTATUS_DISABLED=\"DESHABILITADO\"\nSTATUS_DONE=\"HECHO\"\nSTATUS_ENABLED=\"HABILITADO\"\nSTATUS_ERROR=\"ERROR\"\nSTATUS_EXPOSED=\"EXPUESTO\"\nSTATUS_FAILED=\"HA FALLADO\"\nSTATUS_FILES_FOUND=\"ARCHIVOS ENCONTRADOS\"\nSTATUS_FOUND=\"ENCONTRADO\"\nSTATUS_HARDENED=\"BASTIONADO\"\nSTATUS_INSTALLED=\"INSTALADO\"\nSTATUS_LOCAL_ONLY=\"SOLO LOCAL\"\nSTATUS_MEDIUM=\"MEDIO\"\nSTATUS_NO_UPDATE=\"SIN ACTUALIZACIÓN\"\nSTATUS_NO=\"NO\"\nSTATUS_NON_DEFAULT=\"NO POR DEFECTO\"\nSTATUS_NONE=\"NINGUNO\"\nSTATUS_NOT_ACTIVE=\"SIN ACTIVAR\"\nSTATUS_NOT_CONFIGURED=\"NO CONFIGURADO\"\nSTATUS_NOT_DISABLED=\"NO DESHABILITADO\"\nSTATUS_NOT_ENABLED=\"NO HABILITADO\"\nSTATUS_NOT_FOUND=\"NO ENCONTRADO\"\nSTATUS_NOT_RUNNING=\"NO ESTÁ CORRIENDO\"\nSTATUS_OFF=\"APAGADO\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"ENCENDIDO\"\nSTATUS_PARTIALLY_HARDENED=\"PARCIALMENTE BASTIONADO\"\nSTATUS_PROTECTED=\"PROTEGIDO\"\nSTATUS_RUNNING=\"CORRIENDO\"\nSTATUS_SKIPPED=\"OMITIDO\"\nSTATUS_SUGGESTION=\"SUGERENCIA\"\nSTATUS_UNKNOWN=\"DESCONOCIDO\"\nSTATUS_UNSAFE=\"INSEGURO\"\nSTATUS_UPDATE_AVAILABLE=\"ACTUALIZACIÓN DISPONIBLE\"\nSTATUS_WARNING=\"PELIGRO\"\nSTATUS_WEAK=\"DÉBIL\"\nSTATUS_YES=\"SÍ\"\nTEXT_UPDATE_AVAILABLE=\"Actualización disponible\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Puedes ayudar compartiendo tu archivo de registro\"\n" }, { "path": "db/languages/fi", "content": "ERROR_NO_LICENSE=\"Lisenssiavainta ei määritetty\"\nERROR_NO_UPLOAD_SERVER=\"Latauspalvelinta ei määritetty\"\nGEN_CHECKING=\"Tarkastetaan\"\nGEN_CURRENT_VERSION=\"Nykyinen versio\"\nGEN_DEBUG_MODE=\"Vikasietotila\"\nGEN_INITIALIZE_PROGRAM=\"Alustetaan ohjelmaa\"\nGEN_LATEST_VERSION=\"Uusin versio\"\nGEN_PHASE=\"vaihe\"\nGEN_PLUGINS_ENABLED=\"Liitännäiset päällä\"\nGEN_UPDATE_AVAILABLE=\"päivitys saatavilla\"\nGEN_VERBOSE_MODE=\"Puhelias tila\"\nGEN_WHAT_TO_DO=\"Mitä tehdä\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Joitakin poikkeuksellisia tapahtumia tai tietoja löytynyt\"\nNOTE_EXCEPTIONS_FOUND=\"Virheitä löytynyt\"\nNOTE_PLUGINS_TAKE_TIME=\"Huomio: liitännäisillä on kattavampia testejä joiden suorittaminen voi viedä muutaman minuutin\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Testejä jätetty suorittamatta ei-etuoikeutetun tilan vuoksi\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Kustomoidut testit\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Haittaohjelma\"\nSECTION_MEMORY_AND_PROCESSES=\"Muisti ja prosessit\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"EI PÄÄLLÄ\"\nSTATUS_DONE=\"VALMIS\"\nSTATUS_ENABLED=\"PÄÄLLÄ\"\nSTATUS_ERROR=\"VIRHE\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"LÖYTYNYT\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\nSTATUS_NO=\"EI\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"EI MITÄÄN\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"EI LÖYTYNYT\"\nSTATUS_NOT_RUNNING=\"EI OLE KÄYNNISSÄ\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"EI PÄÄLLÄ\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"PÄÄLLÄ\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"KÄYNNISSÄ\"\nSTATUS_SKIPPED=\"OHITETTU\"\nSTATUS_SUGGESTION=\"EHDOTUS\"\nSTATUS_UNKNOWN=\"TUNTEMATON\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"VAROITUS\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"KYLLÄ\"\nTEXT_UPDATE_AVAILABLE=\"päivitys saatavilla\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Voit auttaa toimittamalla lokitiedoston\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/fr", "content": "ERROR_NO_LICENSE=\"Pas de clé de licence configurée\"\nERROR_NO_UPLOAD_SERVER=\"Pas de serveur de transfert configuré\"\nGEN_CHECKING=\"Vérification\"\nGEN_CURRENT_VERSION=\"Version actuelle\"\nGEN_DEBUG_MODE=\"mode débug\"\nGEN_INITIALIZE_PROGRAM=\"Initialisation\"\nGEN_LATEST_VERSION=\"Dernière version\"\nGEN_PHASE=\"phase\"\nGEN_PLUGINS_ENABLED=\"Plugins activés\"\nGEN_UPDATE_AVAILABLE=\"mise à jour disponible\"\nGEN_VERBOSE_MODE=\"mode verbeux\"\nGEN_WHAT_TO_DO=\"Que faire\"\nNOTE_EXCEPTIONS_FOUND=\"Exceptions trouvées\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Des événements ou informations exceptionnels ont été trouvés\"\nNOTE_PLUGINS_TAKE_TIME=\"Note : Les plugins ont des tests plus poussés qui peuvent prendre plusieurs minutes\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Tests ignorés faute de privilèges\"\nSECTION_ACCOUNTING=\"Comptes\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"Bannières et identification\"\nSECTION_BASICS=\"Basics\"\nSECTION_BOOT_AND_SERVICES=\"Démarrage et services\"\nSECTION_CONTAINERS=\"Conteneurs\"\nSECTION_CRYPTOGRAPHY=\"Cryptographie\"\nSECTION_CUSTOM_TESTS=\"Tests personnalisés\"\nSECTION_DATA_UPLOAD=\"Téléchargement de données\"\nSECTION_DATABASES=\"Bases de données\"\nSECTION_DOWNLOADS=\"Téléchargements\"\nSECTION_EMAIL_AND_MESSAGING=\"Logiciel : Email et messagerie\"\nSECTION_FILE_INTEGRITY=\"Logiciel : Intégrité de fichier\"\nSECTION_FILE_PERMISSIONS=\"Permissions de fichier\"\nSECTION_FILE_SYSTEMS=\"Systèmes de fichier\"\nSECTION_FIREWALLS=\"Logiciel : Pare-feu\"\nSECTION_GENERAL=\"Général\"\nSECTION_HARDENING=\"Hardening\"\nSECTION_HOME_DIRECTORIES=\"Dossiers personnels\"\nSECTION_IMAGE=\"Image\"\nSECTION_INITIALIZING_PROGRAM=\"Initialisation du programme\"\nSECTION_INSECURE_SERVICES=\"Services non sécurisés\"\nSECTION_KERNEL=\"Noyau\"\nSECTION_KERNEL_HARDENING=\"Kernel Hardening\"\nSECTION_LDAP_SERVICES=\"Services LDAP\"\nSECTION_LOGGING_AND_FILES=\"Journalisation et fichiers\"\nSECTION_MALWARE=\"Logiciel : Malveillants\"\nSECTION_MEMORY_AND_PROCESSES=\"Mémoire et processus\"\nSECTION_NAME_SERVICES=\"Services de noms\"\nSECTION_NETWORKING=\"Mise en réseau\"\nSECTION_PERMISSIONS=\"Permissions\"\nSECTION_PORTS_AND_PACKAGES=\"Ports et packages\"\nSECTION_PRINTERS_AND_SPOOLS=\"Imprimantes et serveurs d'impression\"\nSECTION_PROGRAM_DETAILS=\"Détails du programme\"\nSECTION_SCHEDULED_TASKS=\"Tâches planifiées\"\nSECTION_SECURITY_FRAMEWORKS=\"Frameworks de sécurité\"\nSECTION_SHELLS=\"Shells\"\nSECTION_SNMP_SUPPORT=\"Prise en charge SNMP\"\nSECTION_SOFTWARE=\"Logiciel\"\nSECTION_SQUID_SUPPORT=\"Prise en charge Squid\"\nSECTION_SSH_SUPPORT=\"Prise en charge SSH\"\nSECTION_STORAGE=\"Stockage\"\nSECTION_SYSTEM_INTEGRITY=\"Logiciel : Intégrité du système\"\nSECTION_SYSTEM_TOOLING=\"Logiciel : System tooling\"\nSECTION_SYSTEM_TOOLS=\"Outils système\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Heure et synchronisation\"\nSECTION_USB_DEVICES=\"Périphériques USB\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Utilisateurs, groupes et authentification\"\nSECTION_VIRTUALIZATION=\"Virtualisation\"\nSECTION_WEBSERVER=\"Logiciel : Serveur web\"\nSTATUS_ACTIVE=\"ACTIF\"\nSTATUS_CHECK_NEEDED=\"VÉRIFICATION NÉCESSAIRE\"\nSTATUS_DEBUG=\"DÉBUG\"\nSTATUS_DEFAULT=\"PAR DÉFAUT\"\nSTATUS_DIFFERENT=\"DIFFÉRENT\"\nSTATUS_DISABLED=\"DÉSACTIVÉ\"\nSTATUS_DONE=\"FAIT\"\nSTATUS_ENABLED=\"ACTIVÉ\"\nSTATUS_ERROR=\"ERREUR\"\nSTATUS_EXPOSED=\"EXPOSÉ\"\nSTATUS_FAILED=\"ÉCHOUÉ\"\nSTATUS_FILES_FOUND=\"FICHIERS TROUVÉS\"\nSTATUS_FOUND=\"TROUVÉ\"\nSTATUS_HARDENED=\"RENFORCÉ\"\nSTATUS_INSTALLED=\"INSTALLÉ\"\nSTATUS_LOCAL_ONLY=\"LOCAL SEULEMENT\"\nSTATUS_MEDIUM=\"MOYEN\"\nSTATUS_NO=\"NON\"\nSTATUS_NO_UPDATE=\"PAS DE MISE A JOUR\"\nSTATUS_NON_DEFAULT=\"PAS PAR DÉFAUT\"\nSTATUS_NONE=\"AUCUN\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\nSTATUS_NOT_CONFIGURED=\"NON CONFIGURÉ\"\nSTATUS_NOT_DISABLED=\"NON DESACTIVÉ\"\nSTATUS_NOT_ENABLED=\"NON ACTIVÉ\"\nSTATUS_NOT_FOUND=\"NON TROUVÉ\"\nSTATUS_NOT_RUNNING=\"NON LANCÉ\"\nSTATUS_OFF=\"OFF\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"ON\"\nSTATUS_PARTIALLY_HARDENED=\"PARTIELLEMENT RENFORCÉ\"\nSTATUS_PROTECTED=\"PROTÉGÉ\"\nSTATUS_RUNNING=\"EN COURS\"\nSTATUS_SKIPPED=\"IGNORÉ\"\nSTATUS_SUGGESTION=\"SUGGESTION\"\nSTATUS_UNKNOWN=\"INCONNU\"\nSTATUS_UNSAFE=\"RISQUÉ\"\nSTATUS_UPDATE_AVAILABLE=\"MISE A JOUR DISPONIBLE\"\nSTATUS_WARNING=\"AVERTISSEMENT\"\nSTATUS_WEAK=\"FAIBLE\"\nSTATUS_YES=\"OUI\"\nTEXT_UPDATE_AVAILABLE=\"Mise à jour disponible\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Vous pouvez aider en envoyant votre fichier journal\"\nSECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/gr", "content": "ERROR_NO_LICENSE=\"No license key configured\"\nERROR_NO_UPLOAD_SERVER=\"No upload server configured\"\nGEN_CHECKING=\"Γίνεται έλεγχος\"\nGEN_CURRENT_VERSION=\"Τρέχουσα έκδοση\"\nGEN_DEBUG_MODE=\"Debug mode\"\nGEN_INITIALIZE_PROGRAM=\"Initializing program\"\nGEN_LATEST_VERSION=\"Τελευταία έκδοση\"\nGEN_PHASE=\"phase\"\nGEN_PLUGINS_ENABLED=\"Οι προσθήκες είναι ενεργοποιημένες\"\nGEN_UPDATE_AVAILABLE=\"διαθέσιμη ενημέρωση\"\nGEN_VERBOSE_MODE=\"Verbose mode\"\nGEN_WHAT_TO_DO=\"Τι να κάνεις\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Εντοπίστηκαν μερικά εξαιρετικά γεγονότα ή πληροφορίες\"\nNOTE_EXCEPTIONS_FOUND=\"Βρέθηκαν Εξαιρέσεις\"\nNOTE_PLUGINS_TAKE_TIME=\"Note: Τα plugins έχουν πιο εκτεταμένες δοκιμές και μπορεί να διαρκέσουν αρκετά λεπτά για να ολοκληρωθούν\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Παράλειψη δοκιμών λόγω μη προνομιακής λειτουργίας\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Προσαρμοσμένες δοκιμές\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Κακόβουλο λογισμικό\"\nSECTION_MEMORY_AND_PROCESSES=\"Μνήμη και διεργασίες\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"DISABLED\"\nSTATUS_DONE=\"DONE\"\nSTATUS_ENABLED=\"ENABLED\"\nSTATUS_ERROR=\"ΣΦΑΛΜΑ\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"ΒΡΕΘΗΚΕ\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"ΚΑΝΕΝΑ\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"ΔΕΝ ΒΡΕΘΗΚΕ\"\nSTATUS_NOT_RUNNING=\"ΔΕΝ ΤΡΕΧΕΙ\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_NO=\"ΟΧΙ\"\nSTATUS_OFF=\"OFF\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"ON\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"ΤΡΕΧΕΙ\"\nSTATUS_SKIPPED=\"ΞΕΠΕΡΑΣΤΗΚΕ\"\nSTATUS_SUGGESTION=\"ΠΡΟΤΑΣΗ\"\nSTATUS_UNKNOWN=\"ΑΓΝΩΣΤΟ\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"ΠΡΟΣΟΧΗ\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"ΝΑΙ\"\nTEXT_UPDATE_AVAILABLE=\"διαθέσιμη ενημέρωση\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Μπορείτε να βοηθήσετε παρέχοντας το αρχείο καταγραφής\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/he", "content": "ERROR_NO_LICENSE=\"רישיון לא מוגדר\"\nERROR_NO_UPLOAD_SERVER=\"שרת להעלאת קבצים לא מוגדר\"\nGEN_CHECKING=\"בבדיקה\"\nGEN_CURRENT_VERSION=\"גירסא נוכחית\"\nGEN_DEBUG_MODE=\"מצב ניפוי שגיאות\"\nGEN_INITIALIZE_PROGRAM=\"מאתחל תוכנית\"\nGEN_LATEST_VERSION=\"גירסא אחרונה ועדכנית\"\nGEN_PHASE=\"שלב\"\nGEN_PLUGINS_ENABLED=\"פלאגינים מאופשרים\"\nGEN_UPDATE_AVAILABLE=\"עדכון זמין\"\nGEN_VERBOSE_MODE=\"מצב ארכני\"\nGEN_WHAT_TO_DO=\"לביצוע\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"אירועים חריגים או מידע חריג נמצא\"\nNOTE_EXCEPTIONS_FOUND=\"נמצאו אירועים חריגים\"\nNOTE_PLUGINS_TAKE_TIME=\"לידיעה: חלק מהבדיקות יקחו זמן רב יותר מהרגיל\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"מדלג על בדיקה עקב אי פריבילגיות\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"בדיקה מותאמות\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"תוכנה זדונית\"\nSECTION_MEMORY_AND_PROCESSES=\"זיכרון ותהליכים\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"לא זמין\"\nSTATUS_DONE=\"סיום\"\nSTATUS_ENABLED=\"זמין\"\nSTATUS_ERROR=\"שגיאה\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"נמצא\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"אין כלל\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"לא נמצא\"\nSTATUS_NOT_RUNNING=\"לא רץ\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_NO=\"לא\"\nSTATUS_OFF=\"כבוי\"\nSTATUS_OK=\"או קי\"\nSTATUS_ON=\"פועל\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"בהרצה\"\nSTATUS_SKIPPED=\"דולג\"\nSTATUS_SUGGESTION=\"הצעה\"\nSTATUS_UNKNOWN=\"לא ידוע\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"אזהרה\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"כן\"\nTEXT_UPDATE_AVAILABLE=\"עדכון זמין\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"ניתן לעזור על ידי שליחת קובץ הלוג\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/hu", "content": "ERROR_NO_LICENSE=\"Nincs licenc kulcs konfigurálva\"\nERROR_NO_UPLOAD_SERVER=\"Nincs feltöltő szerver konfigurálva\"\nGEN_CHECKING=\"Checking\"\nGEN_CURRENT_VERSION=\"Jelenlegi verzió\"\nGEN_DEBUG_MODE=\"Debug mode\"\nGEN_INITIALIZE_PROGRAM=\"Initializing program\"\n#GEN_LATEST_VERSION=\"Latest version\"\nGEN_PHASE=\"szakasz\"\nGEN_PLUGINS_ENABLED=\"Bővitmények engedelyézve\"\nGEN_UPDATE_AVAILABLE=\"frissítés elérhető\"\nGEN_VERBOSE_MODE=\"Verbose mode\"\nGEN_WHAT_TO_DO=\"What to do\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Some exceptional events or information was found\"\nNOTE_EXCEPTIONS_FOUND=\"Exceptions found\"\nNOTE_PLUGINS_TAKE_TIME=\"Note: plugins have more extensive tests and may take several minutes to complete\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Skipped tests due to non-privileged mode\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Egyedi Tesztek\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Memória és Folyamatok\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"LETILTOTT\"\nSTATUS_DONE=\"KÉSZ\"\nSTATUS_ENABLED=\"ENGEDÉLYEZETT\"\nSTATUS_ERROR=\"HIBA\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"FOUND\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NO=\"NEM\"\nSTATUS_NONE=\"NONE\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"NOT FOUND\"\nSTATUS_NOT_RUNNING=\"NOT RUNNING\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"KI\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"BE\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"RUNNING\"\nSTATUS_SKIPPED=\"SKIPPED\"\nSTATUS_SUGGESTION=\"JAVASLAT\"\nSTATUS_UNKNOWN=\"UNKNOWN\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"FIGYELMEZTETÉS\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"IGEN\"\nTEXT_UPDATE_AVAILABLE=\"frissítés elérhető\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"You can help by providing your log file\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/id", "content": "ERROR_NO_LICENSE=\"Tidak ada kunci lisensi yang dikonfigurasi\"\nERROR_NO_UPLOAD_SERVER=\"Tidak ada server unggahan yang dikonfigurasi\"\nGEN_CHECKING=\"Memeriksa\"\nGEN_CURRENT_VERSION=\"Versi sekarang\"\nGEN_DEBUG_MODE=\"Debug mode\"\nGEN_INITIALIZE_PROGRAM=\"Inisialisasi program\"\nGEN_LATEST_VERSION=\"Versi terbaru\"\nGEN_PHASE=\"fase\"\nGEN_PLUGINS_ENABLED=\"Plugin diaktifkan\"\nGEN_UPDATE_AVAILABLE=\"update tersedia\"\nGEN_VERBOSE_MODE=\"Verbose mode\"\nGEN_WHAT_TO_DO=\"Apa yang harus dilakukan\"\nNOTE_EXCEPTIONS_FOUND=\"Pengecualian ditemukan\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Beberapa peristiwa atau informasi luar biasa ditemukan\"\nNOTE_PLUGINS_TAKE_TIME=\"Note: plugin memiliki pengujian yang lebih ekstensif dan mungkin memerlukan waktu beberapa menit untuk menyelesaikannya\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Tes yang dilewati karena mode non-istimewa\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Tes kustom\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Software: Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Memory and Processes\"\nSECTION_NAME_SERVICES=\"Name services\"\nSECTION_NETWORKING=\"Networking\"\nSECTION_PERMISSIONS=\"Permissions\"\nSECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\nSECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\nSECTION_PROGRAM_DETAILS=\"Program Details\"\nSECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\nSECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\nSECTION_SHELLS=\"Shells\"\nSECTION_SNMP_SUPPORT=\"SNMP Support\"\nSECTION_SOFTWARE=\"Software\"\nSECTION_SQUID_SUPPORT=\"Squid Support\"\nSECTION_SSH_SUPPORT=\"SSH Support\"\nSECTION_STORAGE=\"Storage\"\nSECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\nSECTION_SYSTEM_TOOLING=\"Software: System tooling\"\nSECTION_SYSTEM_TOOLS=\"System tools\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\nSECTION_USB_DEVICES=\"USB Devices\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\nSECTION_VIRTUALIZATION=\"Virtualization\"\nSECTION_WEBSERVER=\"Software: webserver\"\nSTATUS_ACTIVE=\"ACTIVE\"\nSTATUS_CHECK_NEEDED=\"CHECK NEEDED\"\nSTATUS_DEBUG=\"DEBUG\"\nSTATUS_DEFAULT=\"DEFAULT\"\nSTATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"DISABLED\"\nSTATUS_DONE=\"DONE\"\nSTATUS_ENABLED=\"ENABLED\"\nSTATUS_ERROR=\"ERROR\"\nSTATUS_EXPOSED=\"EXPOSED\"\nSTATUS_FAILED=\"FAILED\"\nSTATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"FOUND\"\nSTATUS_HARDENED=\"HARDENED\"\nSTATUS_INSTALLED=\"INSTALLED\"\nSTATUS_LOCAL_ONLY=\"LOCAL ONLY\"\nSTATUS_MEDIUM=\"MEDIUM\"\nSTATUS_NO=\"NO\"\nSTATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"NONE\"\nSTATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\nSTATUS_NOT_DISABLED=\"NOT DISABLED\"\nSTATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"NOT FOUND\"\nSTATUS_NOT_RUNNING=\"NOT RUNNING\"\nSTATUS_OFF=\"OFF\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"ON\"\nSTATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\nSTATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"RUNNING\"\nSTATUS_SKIPPED=\"SKIPPED\"\nSTATUS_SUGGESTION=\"SUGGESTION\"\nSTATUS_UNKNOWN=\"UNKNOWN\"\nSTATUS_UNSAFE=\"UNSAFE\"\nSTATUS_UPDATE_AVAILABLE=\"UPDATE TERSEDIA\"\nSTATUS_WARNING=\"WARNING\"\nSTATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"YES\"\nTEXT_UPDATE_AVAILABLE=\"update tersedia\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Anda dapat membantu dengan memberikan file log Anda\"\n#SECTION_KERBEROS=\"Kerberos\"\n#STATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n" }, { "path": "db/languages/it", "content": "ERROR_NO_LICENSE=\"Nessuna chiave di licenza configurata\"\nERROR_NO_UPLOAD_SERVER=\"Nessun server di upload configurato\"\nGEN_CHECKING=\"Controllo\"\nGEN_CURRENT_VERSION=\"Versione corrente\"\nGEN_DEBUG_MODE=\"Modalità Debug\"\nGEN_INITIALIZE_PROGRAM=\"Inizializzando il programma\"\nGEN_LATEST_VERSION=\"Versione ultima\"\nGEN_PHASE=\"fase\"\nGEN_PLUGINS_ENABLED=\"Plugin abilitati\"\nGEN_UPDATE_AVAILABLE=\"aggiornamento disponibile\"\nGEN_VERBOSE_MODE=\"Modalità Verbose\"\nGEN_WHAT_TO_DO=\"Cosa fare\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Sono stati rilevati alcuni eventi o informazioni eccezionali\"\nNOTE_EXCEPTIONS_FOUND=\"Trovate Eccezioni\"\nNOTE_PLUGINS_TAKE_TIME=\"Nota: i plugin sono sottoposti a test più estesi e possono richiedere alcuni minuti per il completamento\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Test saltati a causa della modalità di esecuzione non privilegiata\"\nSECTION_ACCOUNTING=\"Accounting\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"Banners e identificazione\"\nSECTION_BASICS=\"Basi\"\nSECTION_BOOT_AND_SERVICES=\"Avvio e servizi\"\nSECTION_CONTAINERS=\"Container\"\nSECTION_CRYPTOGRAPHY=\"Crittografia\"\nSECTION_CUSTOM_TESTS=\"Test su misura (Custom)\"\nSECTION_DATABASES=\"Database\"\nSECTION_DATA_UPLOAD=\"Caricamenti dati\"\nSECTION_DOWNLOADS=\"Scaricamenti\"\nSECTION_EMAIL_AND_MESSAGING=\"Software: e-mail e messaggistica\"\nSECTION_FILE_INTEGRITY=\"Software: integrità file\"\nSECTION_FILE_PERMISSIONS=\"Permessi file\"\nSECTION_FILE_SYSTEMS=\"File system\"\nSECTION_FIREWALLS=\"Software: firewall\"\nSECTION_GENERAL=\"Generale\"\nSECTION_HARDENING=\"Hardening\"\nSECTION_HOME_DIRECTORIES=\"Cartelle home\"\nSECTION_IMAGE=\"Immagine\"\nSECTION_INITIALIZING_PROGRAM=\"Inizializzando il programma\"\nSECTION_INSECURE_SERVICES=\"Service insicuri\"\nSECTION_KERNEL_HARDENING=\"Hardening del kernel\"\nSECTION_KERNEL=\"Kernel\"\nSECTION_LDAP_SERVICES=\"Servizi LDAP\"\nSECTION_LOGGING_AND_FILES=\"Logging e file\"\nSECTION_MALWARE=\"Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Memoria e Processi\"\nSECTION_NAME_SERVICES=\"Name services\"\nSECTION_NETWORKING=\"Rete\"\nSECTION_PERMISSIONS=\"Permessi\"\nSECTION_PORTS_AND_PACKAGES=\"Ports e pacchetti\"\nSECTION_PRINTERS_AND_SPOOLS=\"Stampanti e code di stampa\"\nSECTION_PROGRAM_DETAILS=\"Dettagli programma\"\nSECTION_SCHEDULED_TASKS=\"Azioni programmate\"\nSECTION_SECURITY_FRAMEWORKS=\"Framework di sicurezza\"\nSECTION_SHELLS=\"Shells\"\nSECTION_SNMP_SUPPORT=\"Supporto per SNMP\"\nSECTION_SOFTWARE=\"Software\"\nSECTION_SQUID_SUPPORT=\"Supporto per Squid\"\nSECTION_SSH_SUPPORT=\"Supporto per SSH\"\nSECTION_STORAGE=\"Spazio di archiviazione\"\nSECTION_SYSTEM_INTEGRITY=\"Software: integrità del sistema\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\nSECTION_SYSTEM_TOOLS=\"Strumenti di sistema\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Tempo and Sincronizzazione\"\nSECTION_USB_DEVICES=\"Periferiche USB\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Utenti, Gruppi e Authenticazione\"\nSECTION_VIRTUALIZATION=\"Virtualizzazione\"\nSECTION_WEBSERVER=\"Software: webserver\"\nSTATUS_ACTIVE=\"ATTIVO\"\nSTATUS_CHECK_NEEDED=\"CONTROLLO RICHIESTO\"\nSTATUS_DEBUG=\"DEBUG\"\nSTATUS_DEFAULT=\"DEFAULT\"\nSTATUS_DIFFERENT=\"DIFFERENTE\"\nSTATUS_DISABLED=\"DISABILITATO\"\nSTATUS_DONE=\"FATTO\"\nSTATUS_ENABLED=\"ABILITATO\"\nSTATUS_ERROR=\"ERRORE\"\nSTATUS_EXPOSED=\"ESPOSTO\"\nSTATUS_FAILED=\"FALLITO\"\nSTATUS_FILES_FOUND=\"FILE TROVATI\"\nSTATUS_FOUND=\"TROVATO\"\nSTATUS_HARDENED=\"HARDENED\"\nSTATUS_INSTALLED=\"INSTALLATO\"\nSTATUS_LOCAL_ONLY=\"SOLO LOCALE\"\nSTATUS_MEDIUM=\"MEDIO\"\nSTATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"NESSUNO\"\nSTATUS_NO=\"NO\"\nSTATUS_NOT_ACTIVE=\"NON ATTIVO\"\nSTATUS_NOT_CONFIGURED=\"NON CONFIGURATO\"\nSTATUS_NOT_DISABLED=\"NON DISABILITATO\"\nSTATUS_NOT_ENABLED=\"NON ABILITATO\"\nSTATUS_NOT_FOUND=\"NON TROVATO\"\nSTATUS_NOT_RUNNING=\"NON IN ESECUZIONE\"\nSTATUS_NO_UPDATE=\"NESSUN AGGIORNAMENTO\"\nSTATUS_OFF=\"OFF\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"ON\"\nSTATUS_PARTIALLY_HARDENED=\"PARZIALMENTE HARDENED\"\nSTATUS_PROTECTED=\"PROTETTO\"\nSTATUS_RUNNING=\"IN ESECUZIONE\"\nSTATUS_SKIPPED=\"SALTATO\"\nSTATUS_SUGGESTION=\"SUGGERIMENTO\"\nSTATUS_UNKNOWN=\"SCONOSCIUTO\"\nSTATUS_UNSAFE=\"NON SICURO\"\nSTATUS_UPDATE_AVAILABLE=\"AGGIORNAMENTO DISPONIBILE\"\nSTATUS_WARNING=\"ATTENZIONE\"\nSTATUS_WEAK=\"DEBOLE\"\nSTATUS_YES=\"SI\"\nTEXT_UPDATE_AVAILABLE=\"aggiornamento disponibile\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Puoi aiutare fornendoci il tuo file di log\"\nSECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/ja", "content": "ERROR_NO_LICENSE=\"ライセンスキーが設定されていません\"\nERROR_NO_UPLOAD_SERVER=\"アップロード先のサーバーが設定されていません\"\nGEN_CHECKING=\"チェック中\"\nGEN_CURRENT_VERSION=\"現在のバージョン\"\nGEN_DEBUG_MODE=\"デバッグモード\"\nGEN_INITIALIZE_PROGRAM=\"プログラムを初期化しています\"\nGEN_LATEST_VERSION=\"最新のバージョン\"\nGEN_PHASE=\"フェーズ\"\nGEN_PLUGINS_ENABLED=\"プラグインが有効\"\nGEN_UPDATE_AVAILABLE=\"アップデートが利用可能\"\nGEN_VERBOSE_MODE=\"詳細モード\"\nGEN_WHAT_TO_DO=\"What to do\"\nNOTE_EXCEPTIONS_FOUND=\"例外が見つかりました\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"例外的なイベントや情報が見つかりました\"\nNOTE_PLUGINS_TAKE_TIME=\"注意: プラグインにはより広範なテストがあり、完了までに数分かかる場合があります\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"非特権モードのためテストをスキップしました\"\nSECTION_ACCOUNTING=\"監査\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"バナー\"\nSECTION_BASICS=\"基本\"\nSECTION_BOOT_AND_SERVICES=\"起動とサービス\"\nSECTION_CONTAINERS=\"コンテナー\"\nSECTION_CRYPTOGRAPHY=\"暗号\"\nSECTION_CUSTOM_TESTS=\"カスタムテスト\"\nSECTION_DATABASES=\"データベース\"\nSECTION_DATA_UPLOAD=\"データアップロード\"\n#SECTION_DOWNLOADS=\"Downloads\"\nSECTION_EMAIL_AND_MESSAGING=\"ソフトウェア: メールとメッセージ\"\nSECTION_FILE_INTEGRITY=\"ソフトウェア: ファイル改ざん防止\"\nSECTION_FILE_PERMISSIONS=\"ファイルの権限\"\nSECTION_FILE_SYSTEMS=\"ファイルシステム\"\nSECTION_FIREWALLS=\"ソフトウェア: ファイアウォール\"\nSECTION_GENERAL=\"一般\"\nSECTION_HARDENING=\"堅牢化\"\nSECTION_HOME_DIRECTORIES=\"ホームディレクトリ\"\n#SECTION_IMAGE=\"Image\"\nSECTION_INITIALIZING_PROGRAM=\"プログラムの初期化\"\nSECTION_INSECURE_SERVICES=\"危険なサービス\"\nSECTION_KERBEROS=\"ケルベロス認証\"\nSECTION_KERNEL=\"カーネル\"\nSECTION_KERNEL_HARDENING=\"カーネルの堅牢化\"\nSECTION_LDAP_SERVICES=\"LDAPサービス\"\nSECTION_LOGGING_AND_FILES=\"ログと削除されたファイル\"\nSECTION_MALWARE=\"マルウェア\"\nSECTION_MEMORY_AND_PROCESSES=\"メモリーとプロセス\"\nSECTION_NAME_SERVICES=\"DNS\"\nSECTION_NETWORKING=\"ネットワーク\"\nSECTION_PERMISSIONS=\"権限\"\nSECTION_PORTS_AND_PACKAGES=\"ポートとパッケージ\"\nSECTION_PRINTERS_AND_SPOOLS=\"プリンターとスプール\"\nSECTION_PROGRAM_DETAILS=\"引数\"\nSECTION_SCHEDULED_TASKS=\"定期実行\"\nSECTION_SECURITY_FRAMEWORKS=\"セキュリティーフレームワーク\"\nSECTION_SHELLS=\"シェル\"\nSECTION_SNMP_SUPPORT=\"SNMPサポート\"\nSECTION_SOFTWARE=\"ソフトウェア\"\nSECTION_SQUID_SUPPORT=\"Squidサポート\"\nSECTION_SSH_SUPPORT=\"SSHサポート\"\nSECTION_STORAGE=\"ストレージ\"\nSECTION_SYSTEM_INTEGRITY=\"ソフトウェア: システム改ざん防止\"\nSECTION_SYSTEM_TOOLING=\"ソフトウェア: システム管理\"\nSECTION_SYSTEM_TOOLS=\"システムツール\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"時刻同期\"\nSECTION_USB_DEVICES=\"USBデバイス\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"ユーザー、グループ、認証\"\nSECTION_VIRTUALIZATION=\"仮想化\"\nSECTION_WEBSERVER=\"ソフトウェア: ウェブサーバー\"\nSTATUS_ACTIVE=\"有効\"\nSTATUS_CHECK_NEEDED=\"確認が必要です\"\nSTATUS_DEBUG=\"デバッグ\"\nSTATUS_DEFAULT=\"デフォルト\"\nSTATUS_DIFFERENT=\"不一致\"\nSTATUS_DISABLED=\"無効になっています\"\nSTATUS_DONE=\"完了\"\nSTATUS_ENABLED=\"有効になっています\"\nSTATUS_ERROR=\"エラー\"\n#STATUS_EXPOSED=\"EXPOSED\"\nSTATUS_FAILED=\"失敗しました\"\nSTATUS_FILES_FOUND=\"ファイルが見つかりました\"\nSTATUS_FOUND=\"見つかりました\"\nSTATUS_HARDENED=\"堅牢化されています\"\nSTATUS_INSTALLED=\"インストールされています\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\nSTATUS_NO=\"いいえ\"\nSTATUS_NONE=\"なし\"\nSTATUS_NON_DEFAULT=\"デフォルトではありません\"\nSTATUS_NOT_ACTIVE=\"機能していません\"\nSTATUS_NOT_CONFIGURED=\"構成されていません\"\nSTATUS_NOT_DISABLED=\"無効になっていません\"\nSTATUS_NOT_ENABLED=\"有効になっていません\"\nSTATUS_NOT_FOUND=\"見つかりません\"\nSTATUS_NOT_RUNNING=\"起動していません\"\nSTATUS_NO_UPDATE=\"アップデートなし\"\nSTATUS_OFF=\"オフ\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"オン\"\nSTATUS_PARTIALLY_HARDENED=\"部分的に堅牢化されています\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"動作中\"\nSTATUS_SKIPPED=\"スキップ\"\nSTATUS_SUGGESTION=\"提案あり\"\nSTATUS_UNKNOWN=\"不明\"\n#STATUS_UNSAFE=\"UNSAFE\"\nSTATUS_UPDATE_AVAILABLE=\"アップデート利用可能\"\nSTATUS_WARNING=\"警告\"\nSTATUS_WEAK=\"脆弱\"\nSTATUS_YES=\"はい\"\nTEXT_UPDATE_AVAILABLE=\"アップデート利用可能\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"ログファイルを共有して改善にご協力ください!\"" }, { "path": "db/languages/ko", "content": "ERROR_NO_LICENSE=\"라이선스 키가 없습니다\"\nERROR_NO_UPLOAD_SERVER=\"업로드 서버가 설정되지 않았습니다\"\nGEN_CHECKING=\"확인중입니다\"\nGEN_CURRENT_VERSION=\"현재 버전\"\nGEN_DEBUG_MODE=\"디버그 모드\"\nGEN_INITIALIZE_PROGRAM=\"프로그램을 초기화합니다\"\nGEN_LATEST_VERSION=\"최신 버전\"\nGEN_PHASE=\"phase\"\nGEN_PLUGINS_ENABLED=\"플러그인이 활성화되었습니다\"\nGEN_UPDATE_AVAILABLE=\"업데이트 가능\"\nGEN_VERBOSE_MODE=\"상세 모드\"\nGEN_WHAT_TO_DO=\"할 일\"\nNOTE_EXCEPTIONS_FOUND=\"예외 발견\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"몇 가지 예외 이벤트나 정보가 발견되었습니다\"\nNOTE_PLUGINS_TAKE_TIME=\"참고: 플러그인은 광범위한 테스트를 거치며 완료될 때까지 몇 분의 시간이 소요됩니다\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"비특권 모드로 인해 테스트를 생략했습니다\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"사용자정의 테스트\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"악성코드\"\nSECTION_MEMORY_AND_PROCESSES=\"메모리와 프로세스\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"비활성화됨\"\nSTATUS_DONE=\"완료\"\nSTATUS_ENABLED=\"활성화됨\"\nSTATUS_ERROR=\"에러\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"발견\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\nSTATUS_NO=\"아니오\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"없음\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"발견되지않음\"\nSTATUS_NOT_RUNNING=\"동작하지않음\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"끔\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"켬\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"동작중\"\nSTATUS_SKIPPED=\"생략\"\nSTATUS_SUGGESTION=\"추천\"\nSTATUS_UNKNOWN=\"알수없음\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"경고\"\nSTATUS_WEAK=\"취약\"\nSTATUS_YES=\"예\"\nTEXT_UPDATE_AVAILABLE=\"업데이트 가능\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"로그 파일을 제공하면 도움을 받을 수 있습니다\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/nb-NO", "content": "ERROR_NO_LICENSE=\"Ingen lisensnøkkel konfigurert\"\nERROR_NO_UPLOAD_SERVER=\"Ingen server for opplasting konfigurert\"\nGEN_CHECKING=\"Sjekker\"\nGEN_CURRENT_VERSION=\"Gjeldende versjon\"\nGEN_DEBUG_MODE=\"Feilsøkingsmodus\"\nGEN_INITIALIZE_PROGRAM=\"Initialiserer program\"\nGEN_LATEST_VERSION=\"Seneste version\"\nGEN_PHASE=\"fase\"\nGEN_PLUGINS_ENABLED=\"Utvidelse(r) aktivert\"\nGEN_UPDATE_AVAILABLE=\"oppdatering tilgjengelig\"\nGEN_VERBOSE_MODE=\"Utfyllende modus\"\nGEN_WHAT_TO_DO=\"Hva kan gjøres\"\nNOTE_EXCEPTIONS_FOUND=\"Avvik funnet\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Avvikshendelser eller -informasjon er funnet\"\nNOTE_PLUGINS_TAKE_TIME=\"OBS: utvidelser har omfattende tester og kan ta flere minutter å gjennomføre\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Tester utelatt pga manglende rettigheter\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Tilpassede tester\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Skadevare\"\nSECTION_MEMORY_AND_PROCESSES=\"Minne og prosesser\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"DEAKTIVERT\"\nSTATUS_DONE=\"FERDIG\"\nSTATUS_ENABLED=\"AKTIVERT\"\nSTATUS_ERROR=\"FEIL\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"FUNNET\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NO=\"NEI\"\nSTATUS_NONE=\"INGEN\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"IKKE FUNNET\"\nSTATUS_NOT_RUNNING=\"KJØRER IKKE\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"AV\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"PÅ\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"KJØRER\"\nSTATUS_SKIPPED=\"UTELATT\"\nSTATUS_SUGGESTION=\"FORSLAG\"\nSTATUS_UNKNOWN=\"UKJENT\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"ADVARSEL\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"JA\"\nTEXT_UPDATE_AVAILABLE=\"oppdatering tilgjengelig\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Du kan bidra ved å laste opp din loggfil\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/nl", "content": "ERROR_NO_LICENSE=\"Geen licentiecode geconfigureerd\"\nERROR_NO_UPLOAD_SERVER=\"Geen upload server geconfigureerd\"\nGEN_CHECKING=\"Zoeken naar\"\nGEN_CURRENT_VERSION=\"Huidige versie\"\nGEN_DEBUG_MODE=\"Debug modus\"\nGEN_INITIALIZE_PROGRAM=\"Programma initialiseren\"\nGEN_LATEST_VERSION=\"Laatste versie\"\nGEN_PHASE=\"fase\"\nGEN_PLUGINS_ENABLED=\"Plugins geactiveerd\"\nGEN_UPDATE_AVAILABLE=\"Update beschikbaar\"\nGEN_VERBOSE_MODE=\"Verbose modus\"\nGEN_WHAT_TO_DO=\"Wat te doen\"\nNOTE_EXCEPTIONS_FOUND=\"Bijzonderheden gevonden\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Enkele bijzondere gebeurtenissen of informatie gevonden\"\nNOTE_PLUGINS_TAKE_TIME=\"Let op: plugins hebben uitgebreidere testen en kunnen daardoor enkele minuten duren\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Overgeslagen testen vanwege beperkte rechten\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Eigen testen\"\n#SECTION_DATABASES=\"Databases\"\nSECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\nSECTION_INITIALIZING_PROGRAM=\"Programma initialiseren\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Kwaadaardige software (malware)\"\nSECTION_MEMORY_AND_PROCESSES=\"Geheugen en Processen\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\nSECTION_SYSTEM_TOOLS=\"Systeem gereedschap\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"UITGESCHAKELD\"\nSTATUS_DONE=\"KLAAR\"\nSTATUS_ENABLED=\"INGESCHAKELD\"\nSTATUS_ERROR=\"FOUT\"\n#STATUS_EXPOSED=\"EXPOSED\"\nSTATUS_FAILED=\"MISLUKT\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"GEVONDEN\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NO=\"NEE\"\nSTATUS_NONE=\"GEEN\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\nSTATUS_NOT_CONFIGURED=\"NIET GECONFIGUREERD\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"NIET GEVONDEN\"\nSTATUS_NOT_RUNNING=\"NIET ACTIEF\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"UIT\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"AAN\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"ACTIEF\"\nSTATUS_SKIPPED=\"OVERGESLAGEN\"\nSTATUS_SUGGESTION=\"SUGGESTIE\"\nSTATUS_UNKNOWN=\"ONBEKEND\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"WAARSCHUWING\"\nSTATUS_WEAK=\"ZWAK\"\nSTATUS_YES=\"JA\"\nTEXT_UPDATE_AVAILABLE=\"update beschikbaar\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Help mee door je logbestand te delen\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/pl", "content": "#ERROR_NO_LICENSE=\"No license key configured\"\n#ERROR_NO_UPLOAD_SERVER=\"No upload server configured\"\n#GEN_CHECKING=\"Checking\"\n#GEN_CURRENT_VERSION=\"Current version\"\n#GEN_DEBUG_MODE=\"Debug mode\"\n#GEN_INITIALIZE_PROGRAM=\"Initializing program\"\n#GEN_LATEST_VERSION=\"Latest version\"\n#GEN_PHASE=\"phase\"\n#GEN_PLUGINS_ENABLED=\"Plugins enabled\"\n#GEN_UPDATE_AVAILABLE=\"update available\"\n#GEN_VERBOSE_MODE=\"Verbose mode\"\n#GEN_WHAT_TO_DO=\"What to do\"\n#NOTE_EXCEPTIONS_FOUND_DETAILED=\"Some exceptional events or information was found\"\n#NOTE_EXCEPTIONS_FOUND=\"Exceptions found\"\n#NOTE_PLUGINS_TAKE_TIME=\"Note: plugins have more extensive tests and may take several minutes to complete\"\n#NOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Skipped tests due to non-privileged mode\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\n#SECTION_CUSTOM_TESTS=\"Custom Tests\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\n#SECTION_MALWARE=\"Malware\"\n#SECTION_MEMORY_AND_PROCESSES=\"Memory and Processes\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\n#STATUS_DISABLED=\"DISABLED\"\n#STATUS_DONE=\"DONE\"\n#STATUS_ENABLED=\"ENABLED\"\n#STATUS_ERROR=\"ERROR\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\n#STATUS_FOUND=\"FOUND\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\n#STATUS_NONE=\"NONE\"\n#STATUS_NO=\"NO\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\n#STATUS_NOT_FOUND=\"NOT FOUND\"\n#STATUS_NOT_RUNNING=\"NOT RUNNING\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\n#STATUS_OFF=\"OFF\"\n#STATUS_OK=\"OK\"\n#STATUS_ON=\"ON\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\n#STATUS_RUNNING=\"RUNNING\"\n#STATUS_SKIPPED=\"SKIPPED\"\n#STATUS_SUGGESTION=\"SUGGESTION\"\n#STATUS_UNKNOWN=\"UNKNOWN\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\n#STATUS_WARNING=\"WARNING\"\n#STATUS_WEAK=\"WEAK\"\n#STATUS_YES=\"YES\"\n#TEXT_UPDATE_AVAILABLE=\"update available\"\n#TEXT_YOU_CAN_HELP_LOGFILE=\"You can help by providing your log file\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/pt", "content": "\n# Usado o Google Tradutor para traduzir: https://translate.google.com.br/\n\n\nERROR_NO_LICENSE=\"Nenhuma chave de licença configurada\"\nERROR_NO_UPLOAD_SERVER=\"Nenhum servidor de upload configurado\"\nGEN_CHECKING=\"Verificando\"\nGEN_CURRENT_VERSION=\"Versão atual\"\nGEN_DEBUG_MODE=\"Modo debug\"\nGEN_INITIALIZE_PROGRAM=\"Iniciando o programa\"\nGEN_LATEST_VERSION=\"Última versão\"\nGEN_PHASE=\"Fase\"\nGEN_PLUGINS_ENABLED=\"Plugins habilitados\"\nGEN_UPDATE_AVAILABLE=\"Atualização disponível\"\nGEN_VERBOSE_MODE=\"Modo verbose\"\nGEN_WHAT_TO_DO=\"O que fazer\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Alguns eventos ou informações excepcionais foram encontrados\"\nNOTE_EXCEPTIONS_FOUND=\"Exceptions encontradas\"\nNOTE_PLUGINS_TAKE_TIME=\"Nota: plugins requerem testes mais extensivos e podem levar vários minutos para completar\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Testes ignorados devido ao modo sem privilégios\"\nSECTION_ACCOUNTING=\"Contabilidade\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"Banners e identificação\"\nSECTION_BASICS=\"Base\"\nSECTION_BOOT_AND_SERVICES=\"Inicialização e serviços\"\nSECTION_CONTAINERS=\"Containers\"\nSECTION_CRYPTOGRAPHY=\"Criptografia\"\nSECTION_CUSTOM_TESTS=\"Testes personalizados\"\nSECTION_DATABASES=\"Bancos de dados\"\nSECTION_DATA_UPLOAD=\"Carregamento de dados\"\nSECTION_DOWNLOADS=\"Transferências\"\nSECTION_EMAIL_AND_MESSAGING=\"Programas: e-mail e mensagens\"\nSECTION_FILE_INTEGRITY=\"Programas: integridade do arquivo\"\nSECTION_FILE_PERMISSIONS=\"Permissões de arquivo\"\nSECTION_FILE_SYSTEMS=\"Sistemas de arquivos\"\nSECTION_FIREWALLS=\"Programas: firewalls\"\nSECTION_GENERAL=\"Em geral\"\n#SECTION_HARDENING=\"Hardening\"\nSECTION_HOME_DIRECTORIES=\"Diretórios iniciais\"\nSECTION_IMAGE=\"Imagem\"\nSECTION_INITIALIZING_PROGRAM=\"Inicializando programa\"\nSECTION_INSECURE_SERVICES=\"Serviços inseguros\"\nSECTION_KERNEL_HARDENING=\"Hardening do Kernel\"\nSECTION_KERNEL=\"Kernel\"\nSECTION_LDAP_SERVICES=\"Serviços LDAP\"\nSECTION_LOGGING_AND_FILES=\"Registro e arquivos\"\nSECTION_MALWARE=\"Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Memória e Processos\"\nSECTION_NAME_SERVICES=\"Serviços de nomes\"\nSECTION_NETWORKING=\"Rede\"\nSECTION_PERMISSIONS=\"Permissões\"\nSECTION_PORTS_AND_PACKAGES=\"Portas e pacotes\"\nSECTION_PRINTERS_AND_SPOOLS=\"Impressoras\"\nSECTION_PROGRAM_DETAILS=\"Detalhes do programa\"\nSECTION_SCHEDULED_TASKS=\"Atividades agendadas\"\nSECTION_SECURITY_FRAMEWORKS=\"Estruturas de segurança\"\n#SECTION_SHELLS=\"Shells\"\nSECTION_SNMP_SUPPORT=\"Suporte SNMP\"\nSECTION_SOFTWARE=\"Programas\"\nSECTION_SQUID_SUPPORT=\"Suporte Squid\"\nSECTION_SSH_SUPPORT=\"Suporte SSH\"\nSECTION_STORAGE=\"Armazenamento\"\nSECTION_SYSTEM_INTEGRITY=\"Programas: Integridade do sistema\"\nSECTION_SYSTEM_TOOLING=\"Programas: Ferramentas de sistema\"\nSECTION_SYSTEM_TOOLS=\"Ferramentas do sistema\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Tempo e sincronização\"\nSECTION_USB_DEVICES=\"Dispositivos USB\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Usuários, grupos e autenticação\"\nSECTION_VIRTUALIZATION=\"Virtualização\"\nSECTION_WEBSERVER=\"Programas: Servidor Web\"\nSTATUS_ACTIVE=\"ATIVO\"\nSTATUS_CHECK_NEEDED=\"VERIFICAÇÃO NECESSÁRIA\"\n#STATUS_DEBUG=\"DEBUG\"\nSTATUS_DEFAULT=\"PADRÃO\"\nSTATUS_DIFFERENT=\"DIFERENTE\"\nSTATUS_DISABLED=\"DESABILITADO\"\nSTATUS_DONE=\"FEITO\"\nSTATUS_ENABLED=\"HABILITADO\"\nSTATUS_ERROR=\"ERRO\"\nSTATUS_EXPOSED=\"EXPOSTO\"\nSTATUS_FAILED=\"FALHAR\"\nSTATUS_FILES_FOUND=\"ARQUIVOS ENCONTRADOS\"\nSTATUS_FOUND=\"ENCONTRADO\"\n#STATUS_HARDENED=\"HARDENED\"\nSTATUS_INSTALLED=\"INSTALADO\"\nSTATUS_LOCAL_ONLY=\"SOMENTE LOCAL\"\nSTATUS_MEDIUM=\"MÉDIO\"\nSTATUS_NO=\"NÃO\"\nSTATUS_NON_DEFAULT=\"FORA DO PADRÃO\"\nSTATUS_NONE=\"NENHUM\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\nSTATUS_NOT_CONFIGURED=\"NÃO CONFIGURADO\"\nSTATUS_NOT_DISABLED=\"NÃO DESATIVADO\"\nSTATUS_NOT_ENABLED=\"NÃO HABILITADO\"\nSTATUS_NOT_FOUND=\"NÃO ENCONTRADO\"\nSTATUS_NOT_RUNNING=\"PARADO\"\nSTATUS_NO_UPDATE=\"SEM ATUALIZAÇÃO\"\nSTATUS_OFF=\"DESLIGADO\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"LIGADO\"\nSTATUS_PARTIALLY_HARDENED=\"HARDENED PARCIAL\"\nSTATUS_PROTECTED=\"PROTEGIDO\"\nSTATUS_RUNNING=\"EM EXECUÇÃO\"\nSTATUS_SKIPPED=\"IGNORADO\"\nSTATUS_SUGGESTION=\"SUGESTÃO\"\nSTATUS_UNKNOWN=\"DESCONHECIDO\"\nSTATUS_UNSAFE=\"INSEGURO\"\nSTATUS_UPDATE_AVAILABLE=\"ATUALIZAÇÃO DISPONÍVEL\"\nSTATUS_WARNING=\"ATENÇÃO\"\nSTATUS_WEAK=\"FRACO\"\nSTATUS_YES=\"SIM\"\nTEXT_UPDATE_AVAILABLE=\"Atualização disponível\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Você pode ajudar fornecendo seu arquivo de log\"\nSECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/ru", "content": "ERROR_NO_LICENSE=\"ОШИБКА: ЛИЦЕНЗИОННЫЙ КЛЮЧ НЕ НАСТРОЕН\"\nERROR_NO_UPLOAD_SERVER=\"ОШИБКА: ЗАГРУЗОЧНЫЙ СЕРВЕР НЕ НАСТРОЕН\"\nGEN_CHECKING=\"ПРОВЕРКА\"\nGEN_CURRENT_VERSION=\"ТЕКУЩАЯ ВЕРСИЯ\"\nGEN_DEBUG_MODE=\"РЕЖИМ ОТЛАДКИ\"\nGEN_INITIALIZE_PROGRAM=\"ИНИЦИАЛИЗАЦИЯ ПРОГРАММЫ\"\nGEN_LATEST_VERSION=\"ПОСЛЕДНЯЯ ВЕРСИЯ\"\nGEN_PHASE=\"СТАДИЯ\"\nGEN_PLUGINS_ENABLED=\"ПЛАГИНЫ ВКЛЮЧЕНЫ\"\nGEN_UPDATE_AVAILABLE=\"ДОСТУПНО ОБНОВЛЕНИЕ\"\nGEN_VERBOSE_MODE=\"ПОДРОБНЫЙ РЕЖИМ\"\nGEN_WHAT_TO_DO=\"ЧТО СДЕЛАТЬ?\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"БЫЛИ ОБНАРУЖЕНЫ УНИКАЛЬНЫЕ СОБЫТИЯ ИЛИ СВЕДЕНИЯ\"\nNOTE_EXCEPTIONS_FOUND=\"НАЙДЕННЫ ИСКЛЮЧЕНИЯ\"\nNOTE_PLUGINS_TAKE_TIME=\"ПРИМЕЧАНИЕ: ПЛАГИНЫ ИМЕЮТ БОЛЕЕ ОБШИРНЫЕ ТЕСТЫ И МОГУТ ЗАНЯТЬ НЕСКОЛЬКО МИНУТ ДО ЗАВЕРШЕНИЯ\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"ТЕСТЫ ПРОПУЩЕНЫ ИЗ-ЗА ИСПОЛЬЗОВАНИЯ НЕПРЕВЕЛИГИРОВАННОГО РЕЖИМА\"\nSECTION_ACCOUNTING=\"УЧЁТ\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"БАННЕРЫ И ИДЕНТИФИКАТОРЫ\"\nSECTION_BASICS=\"ОСНОВНОЕ\"\nSECTION_BOOT_AND_SERVICES=\"ЗАГРУЗКА И СЕРВИСЫ\"\nSECTION_CONTAINERS=\"КОНТЕЙНЕРЫ\"\nSECTION_CRYPTOGRAPHY=\"КРИПТОГРАФИЯ\"\nSECTION_CUSTOM_TESTS=\"ПОЛЬЗОВАТЕЛЬСКИЕ ТЕСТЫ\"\nSECTION_DATABASES=\"БАЗЫ ДАННЫХ\"\nSECTION_DATA_UPLOAD=\"ОТПРАВКА ДАННЫХ\"\nSECTION_DOWNLOADS=\"ЗАГРУЗКИ\"\nSECTION_EMAIL_AND_MESSAGING=\"ПРОГРАММНОЕ ОБЕСПЕЧЕНИЕ: E-MAIL И ОТПРАВКА СООБЩЕНИЙ\"\nSECTION_FILE_INTEGRITY=\"Программное обеспечение: целостность файлов\"\nSECTION_FILE_PERMISSIONS=\"ПРАВА ДОСТУПА К ФАЙЛАМ\"\nSECTION_FILE_SYSTEMS=\"ФАЙЛОВЫЕ СИСТЕМЫ\"\nSECTION_FIREWALLS=\"ПРОГРАММНОЕ ОБЕСПЕЧЕНИЕ: FIREWALL\"\nSECTION_GENERAL=\"ОБЩЕЕ\"\nSECTION_HARDENING=\"УСИЛЕНИЕ\"\nSECTION_HOME_DIRECTORIES=\"ДОМАШНИЕ ДИРЕКТОРИИ\"\nSECTION_IMAGE=\"ОБРАЗЫ\"\nSECTION_INITIALIZING_PROGRAM=\"ИНИЦИАЛИЗАЦИЯ ПРОГРАММЫ\"\nSECTION_INSECURE_SERVICES=\"НЕБЕЗОПАСНЫЕ СЕРВИСЫ\"\nSECTION_KERNEL_HARDENING=\"УСИЛЕНИЕ ЯДРА\"\nSECTION_KERNEL=\"ЯДРО\"\nSECTION_LDAP_SERVICES=\"СЕРВИСЫ LDAP\"\nSECTION_LOGGING_AND_FILES=\"ЛОГИРОВАНИЕ И ФАЙЛЫ\"\nSECTION_MALWARE=\"ВРЕДОНОСНОЕ ПО\"\nSECTION_MEMORY_AND_PROCESSES=\"ПАМЯТЬ И ПРОЦЕССОРЫ\"\nSECTION_NAME_SERVICES=\"СЕРВЕРЫ ИМЁН\"\nSECTION_NETWORKING=\"СЕТИ\"\nSECTION_PERMISSIONS=\"ПРАВА ДОСТУПА\"\nSECTION_PORTS_AND_PACKAGES=\"ПАКЕТЫ\"\nSECTION_PRINTERS_AND_SPOOLS=\"ПРИНТЕРЫ И СПУЛЕРЫ\"\nSECTION_PROGRAM_DETAILS=\"ПОДРОБНОСТИ О ПРОГРАММЕ\"\nSECTION_SCHEDULED_TASKS=\"ЗАПЛАНИРОВАННЫЕ ЗАДАЧИ\"\nSECTION_SECURITY_FRAMEWORKS=\"ФРЕЙМВОРКИ\"\nSECTION_SHELLS=\"КОМАНДНЫЕ ОБОЛОЧКИ\"\nSECTION_SNMP_SUPPORT=\"ПОДДЕРЖКА SNMP\"\nSECTION_SOFTWARE=\"ПРОГРАММНОЕ ОБЕСПЕЧЕНИЕ\"\nSECTION_SQUID_SUPPORT=\"ПОДДЕРЖКА Squid\"\nSECTION_SSH_SUPPORT=\"ПОДДЕРЖКА SSH\"\nSECTION_STORAGE=\"ХРАНИЛИЩЕ\"\nSECTION_SYSTEM_INTEGRITY=\"ПРОГРАММНОЕ ОБЕСПЕЧЕНИЕ: ЦЕЛОСТНОСТЬ СИСТЕМЫ\"\nSECTION_SYSTEM_TOOLING=\"ПРОГРАММНОЕ ОБЕСПЕЧЕНИЕ: СИСТЕМНЫЕ ИНСТУРМЕНТЫ\"\nSECTION_SYSTEM_TOOLS=\"СИСТЕМНЫЕ УТИЛИТЫ\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"ВРЕМЯ И ЕГО СИНХРОНИЗАЦИЯ\"\nSECTION_USB_DEVICES=\"USB УСТРОЙСТВА\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"ПОЛЬЗОВАТЕЛИ, ГРУППЫ И АУТЕНТИФИКАЦИЯ\"\nSECTION_VIRTUALIZATION=\"ВИРТУАЛИЗАЦИЯ\"\nSECTION_WEBSERVER=\"ПРОГРАММНОЕ ОБЕСПЕЧЕНИЕ: WEB-СЕРВЕРЫ\"\nSTATUS_ACTIVE=\"АКТИВЕН\"\nSTATUS_CHECK_NEEDED=\"ТРЕБУЕТСЯ ПРОВЕРКА\"\nSTATUS_DEBUG=\"ОТЛАДКА\"\nSTATUS_DEFAULT=\"ПО УМОЛЧАНИЮ\"\nSTATUS_DIFFERENT=\"ОТЛИЧАЕТСЯ\"\nSTATUS_DISABLED=\"ОТКЛЮЧЕНО\"\nSTATUS_DONE=\"ЗАВЕРШЕНО\"\nSTATUS_ENABLED=\"ВКЛЮЧЕНО\"\nSTATUS_ERROR=\"ОШИБКА\"\nSTATUS_EXPOSED=\"УЯЗВИМО\"\nSTATUS_FAILED=\"ПРОВАЛЕНО\"\nSTATUS_FILES_FOUND=\"ФАЙЛЫ НАЙДЕНЫ\"\nSTATUS_FOUND=\"Найдено\"\nSTATUS_HARDENED=\"УСИЛЕНО\"\nSTATUS_INSTALLED=\"УСТАНОВЛЕНО\"\nSTATUS_LOCAL_ONLY=\"ТОЛЬКО ЛОКАЛЬНО\"\nSTATUS_MEDIUM=\"СРЕДНИЙ\"\nSTATUS_NON_DEFAULT=\"НЕ ПО УМОЛЧАНИЮ\"\nSTATUS_NONE=\"ОТСУТСТВУЕТ\"\nSTATUS_NOT_ACTIVE=\"НЕ АКТИВЕН\"\nSTATUS_NOT_CONFIGURED=\"НЕ СКОНФИГУРИРОВАНО\"\nSTATUS_NOT_DISABLED=\"НЕ ОТКЛЮЧЕНО\"\nSTATUS_NOT_ENABLED=\"НЕ ВКЛЮЧЕНО\"\nSTATUS_NOT_FOUND=\"НЕ НАЙДЕНО\"\nSTATUS_NOT_RUNNING=\"НЕ ЗАПУЩЕНО\"\nSTATUS_NO_UPDATE=\"ОБНОВЛЕНИЙ НЕТ\"\nSTATUS_NO=\"НЕТ\"\nSTATUS_OFF=\"ВЫКЛЮЧЕНО\"\nSTATUS_OK=\"ОК\"\nSTATUS_ON=\"ВКЛЮЧЕНО\"\nSTATUS_PARTIALLY_HARDENED=\"ЧАСТИЧНО УСИЛЕНО\"\nSTATUS_PROTECTED=\"ЗАЩИЩЕНО\"\nSTATUS_RUNNING=\"ЗАПУЩЕНО\"\nSTATUS_SKIPPED=\"ПРОПУЩЕНО\"\nSTATUS_SUGGESTION=\"ПРЕДЛОЖЕНИЕ\"\nSTATUS_UNKNOWN=\"НЕИЗВЕСТНО\"\nSTATUS_UNSAFE=\"НЕБЕЗОПАСНО\"\nSTATUS_UPDATE_AVAILABLE=\"ДОСТУПНЫ ОБНОВЛЕНИЯ\"\nSTATUS_WARNING=\"ПРЕДУПРЕЖДЕНИЕ\"\nSTATUS_WEAK=\"СЛАБЫЙ\"\nSTATUS_YES=\"ДА\"\nTEXT_UPDATE_AVAILABLE=\"ДОСТУПНО ОБНОВЛЕНИЕ\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"ПОЖАЛУЙСТА, ПОМОГИТЕ НАМ, ОТПРАВИВ ВАШ LOG-ФАЙЛ\"\nSECTION_KERBEROS=\"KERBEROS\"\n" }, { "path": "db/languages/se", "content": "ERROR_NO_LICENSE=\"Ingen licensnyckel konfigurerad\"\nERROR_NO_UPLOAD_SERVER=\"Ingen uppladdningsserver konfigurerad\"\nGEN_CHECKING=\"Kontrollera\"\nGEN_CURRENT_VERSION=\"Aktuell version\"\nGEN_DEBUG_MODE=\"Debugläge\"\nGEN_INITIALIZE_PROGRAM=\"Initierar program\"\nGEN_LATEST_VERSION=\"Senaste versionen\"\nGEN_PHASE=\"fas\"\nGEN_PLUGINS_ENABLED=\"Plugins aktiverade\"\nGEN_UPDATE_AVAILABLE=\"uppdatering tillgänglig\"\nGEN_VERBOSE_MODE=\"Detaljerat läge\"\nGEN_WHAT_TO_DO=\"Åtgärd\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"En del ovanliga händelser eller uppgifter konstaterades\"\nNOTE_EXCEPTIONS_FOUND=\"Undantag hittade\"\nNOTE_PLUGINS_TAKE_TIME=\"Obs: plugins har mer omfattande tester och kan ta flera minuter att slutföra\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Undantagna tester på grund av icke-privilegierat läge\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Anpassade Tester\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Minne och Processer\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"AVAKTIVERAD\"\nSTATUS_DONE=\"KLAR\"\nSTATUS_ENABLED=\"AKTIVERAD\"\nSTATUS_ERROR=\"FEL\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"HITTAD\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"INGEN\"\nSTATUS_NO=\"NEJ\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"EJ HITTAD\"\nSTATUS_NOT_RUNNING=\"KÖRS INTE\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"AV\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"PÅ\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"KÖRS\"\nSTATUS_SKIPPED=\"ÖVERHOPPAD\"\nSTATUS_SUGGESTION=\"FÖRSLAG\"\nSTATUS_UNKNOWN=\"OKÄND\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"VARNING\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"JA\"\nTEXT_UPDATE_AVAILABLE=\"uppdatering tillgänglig\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Du kan hjälpa till genom att bidra med din loggfil\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/sk", "content": "ERROR_NO_LICENSE=\"Nie je nakonfigurovaný licenčný kľúč\"\nERROR_NO_UPLOAD_SERVER=\"Nie je nakonfigurovaný server na nahrávanie\"\nGEN_CHECKING=\"Kontrolujem\"\nGEN_CURRENT_VERSION=\"Aktuálna verzia\"\nGEN_DEBUG_MODE=\"Debug mód\"\nGEN_INITIALIZE_PROGRAM=\"Inicializácia programu\"\nGEN_LATEST_VERSION=\"Posledná verzia\"\nGEN_PHASE=\"fáza\"\nGEN_PLUGINS_ENABLED=\"Zapnuté pluginy\"\nGEN_UPDATE_AVAILABLE=\"aktualizácia k dispozícii\"\nGEN_VERBOSE_MODE=\"Detailný mód\"\nGEN_WHAT_TO_DO=\"Čo robiť\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Vyskytli sa niektoré výnimočné udalosti alebo informácie\"\nNOTE_EXCEPTIONS_FOUND=\"Našli sa výnimky\"\nNOTE_PLUGINS_TAKE_TIME=\"Poznámka: Pluginy majú rozsiahlejšie testy a dokončenie môže trvať niekoľko minút\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Preskočené testy v dôsledku neprivilegovaného režimu\"\n#SECTION_ACCOUNTING=\"Accounting\"\n#SECTION_BANNERS_AND_IDENTIFICATION=\"Banners and identification\"\n#SECTION_BASICS=\"Basics\"\n#SECTION_BOOT_AND_SERVICES=\"Boot and services\"\n#SECTION_CONTAINERS=\"Containers\"\n#SECTION_CRYPTOGRAPHY=\"Cryptography\"\nSECTION_CUSTOM_TESTS=\"Vlastné testy\"\n#SECTION_DATABASES=\"Databases\"\n#SECTION_DATA_UPLOAD=\"Data upload\"\n#SECTION_DOWNLOADS=\"Downloads\"\n#SECTION_EMAIL_AND_MESSAGING=\"Software: e-mail and messaging\"\n#SECTION_FILE_INTEGRITY=\"Software: file integrity\"\n#SECTION_FILE_PERMISSIONS=\"File Permissions\"\n#SECTION_FILE_SYSTEMS=\"File systems\"\n#SECTION_FIREWALLS=\"Software: firewalls\"\n#SECTION_GENERAL=\"General\"\n#SECTION_HARDENING=\"Hardening\"\n#SECTION_HOME_DIRECTORIES=\"Home directories\"\n#SECTION_IMAGE=\"Image\"\n#SECTION_INITIALIZING_PROGRAM=\"Initializing program\"\n#SECTION_INSECURE_SERVICES=\"Insecure services\"\n#SECTION_KERNEL_HARDENING=\"Kernel Hardening\"\n#SECTION_KERNEL=\"Kernel\"\n#SECTION_LDAP_SERVICES=\"LDAP Services\"\n#SECTION_LOGGING_AND_FILES=\"Logging and files\"\nSECTION_MALWARE=\"Malware\"\nSECTION_MEMORY_AND_PROCESSES=\"Pamäť a procesy\"\n#SECTION_NAME_SERVICES=\"Name services\"\n#SECTION_NETWORKING=\"Networking\"\n#SECTION_PERMISSIONS=\"Permissions\"\n#SECTION_PORTS_AND_PACKAGES=\"Ports and packages\"\n#SECTION_PRINTERS_AND_SPOOLS=\"Printers and Spools\"\n#SECTION_PROGRAM_DETAILS=\"Program Details\"\n#SECTION_SCHEDULED_TASKS=\"Scheduled tasks\"\n#SECTION_SECURITY_FRAMEWORKS=\"Security frameworks\"\n#SECTION_SHELLS=\"Shells\"\n#SECTION_SNMP_SUPPORT=\"SNMP Support\"\n#SECTION_SOFTWARE=\"Software\"\n#SECTION_SQUID_SUPPORT=\"Squid Support\"\n#SECTION_SSH_SUPPORT=\"SSH Support\"\n#SECTION_STORAGE=\"Storage\"\n#SECTION_SYSTEM_INTEGRITY=\"Software: System integrity\"\n#SECTION_SYSTEM_TOOLING=\"Software: System tooling\"\n#SECTION_SYSTEM_TOOLS=\"System tools\"\n#SECTION_TIME_AND_SYNCHRONIZATION=\"Time and Synchronization\"\n#SECTION_USB_DEVICES=\"USB Devices\"\n#SECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Users, Groups and Authentication\"\n#SECTION_VIRTUALIZATION=\"Virtualization\"\n#SECTION_WEBSERVER=\"Software: webserver\"\n#STATUS_ACTIVE=\"ACTIVE\"\n#STATUS_CHECK_NEEDED=\"CHECK NEEDED\"\n#STATUS_DEBUG=\"DEBUG\"\n#STATUS_DEFAULT=\"DEFAULT\"\n#STATUS_DIFFERENT=\"DIFFERENT\"\nSTATUS_DISABLED=\"ZABLOKOVANÉ\"\nSTATUS_DONE=\"HOTOVO\"\nSTATUS_ENABLED=\"POVOLENÉ\"\nSTATUS_ERROR=\"CHYBA\"\n#STATUS_EXPOSED=\"EXPOSED\"\n#STATUS_FAILED=\"FAILED\"\n#STATUS_FILES_FOUND=\"FILES FOUND\"\nSTATUS_FOUND=\"NÁJDENÉ\"\n#STATUS_HARDENED=\"HARDENED\"\n#STATUS_INSTALLED=\"INSTALLED\"\n#STATUS_LOCAL_ONLY=\"LOCAL ONLY\"\n#STATUS_MEDIUM=\"MEDIUM\"\n#STATUS_NON_DEFAULT=\"NON DEFAULT\"\nSTATUS_NONE=\"ŽIADNE\"\nSTATUS_NO=\"NIE\"\nSTATUS_NOT_ACTIVE=\"NOT ACTIVE\"\n#STATUS_NOT_CONFIGURED=\"NOT CONFIGURED\"\n#STATUS_NOT_DISABLED=\"NOT DISABLED\"\n#STATUS_NOT_ENABLED=\"NOT ENABLED\"\nSTATUS_NOT_FOUND=\"NENÁJDENÉ\"\nSTATUS_NOT_RUNNING=\"NEBEŽÍ\"\n#STATUS_NO_UPDATE=\"NO UPDATE\"\nSTATUS_OFF=\"VYPNUTÉ\"\nSTATUS_OK=\"OK\"\nSTATUS_ON=\"ZAPNUTÉ\"\n#STATUS_PARTIALLY_HARDENED=\"PARTIALLY HARDENED\"\n#STATUS_PROTECTED=\"PROTECTED\"\nSTATUS_RUNNING=\"BEŽÍ\"\nSTATUS_SKIPPED=\"PRESKOČENÉ\"\nSTATUS_SUGGESTION=\"NÁVRH\"\nSTATUS_UNKNOWN=\"NEZNÁME\"\n#STATUS_UNSAFE=\"UNSAFE\"\n#STATUS_UPDATE_AVAILABLE=\"UPDATE AVAILABLE\"\nSTATUS_WARNING=\"VAROVANIE\"\n#STATUS_WEAK=\"WEAK\"\nSTATUS_YES=\"ÁNO\"\nTEXT_UPDATE_AVAILABLE=\"aktualizácia k dispozícii\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Môžete pomôcť poskytnutím log súboru\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "db/languages/tr", "content": "ERROR_NO_LICENSE=\"Lisans anahtarı yapılandırılmadı\"\nERROR_NO_UPLOAD_SERVER=\"Yükleme sunucusu yapılandırılmadı\"\nGEN_CHECKING=\" Denetleniyor\"\nGEN_CURRENT_VERSION=\"Geçerli sürüm\"\nGEN_DEBUG_MODE=\"Hata ayıklama modu\"\nGEN_INITIALIZE_PROGRAM=\"Program başlatılıyor\"\nGEN_LATEST_VERSION=\"En son sürüm\"\nGEN_PHASE=\"evre\"\nGEN_PLUGINS_ENABLED=\"Etkinleştirilen eklentiler\"\nGEN_UPDATE_AVAILABLE=\"güncelleme var\"\nGEN_VERBOSE_MODE=\"Ayrıntılı mod\"\nGEN_WHAT_TO_DO=\"Yapılması gerekenler\"\nNOTE_EXCEPTIONS_FOUND=\"İstisnalar bulundu\"\nNOTE_EXCEPTIONS_FOUND_DETAILED=\"Bazı istisnai olaylar veya bilgiler bulundu\"\nNOTE_PLUGINS_TAKE_TIME=\"Not: eklentiler daha kapsamlı testlere sahiptir ve tamamlanması birkaç dakika sürebilir\"\nNOTE_SKIPPED_TESTS_NON_PRIVILEGED=\"Yetkisiz çalışma nedeniyle atlanan testler\"\nSECTION_ACCOUNTING=\"Hesaplama\"\nSECTION_BANNERS_AND_IDENTIFICATION=\"Afişler ve tanımlama\"\nSECTION_BASICS=\"Temel Bilgiler\"\nSECTION_BOOT_AND_SERVICES=\"Önyükleme ve hizmetler\"\nSECTION_CONTAINERS=\"Konteynerler\"\nSECTION_CRYPTOGRAPHY=\"Kriptografi\"\nSECTION_CUSTOM_TESTS=\"Özel testler\"\nSECTION_DATA_UPLOAD=\"Veri yükleme\"\nSECTION_DATABASES=\"Veri tabanları\"\nSECTION_DOWNLOADS=\"İndirilenler\"\nSECTION_EMAIL_AND_MESSAGING=\"Yazılım: e-posta ve mesajlaşma\"\nSECTION_FILE_INTEGRITY=\"Yazılım: dosya bütünlüğü\"\nSECTION_FILE_PERMISSIONS=\"Dosya izinleri\"\nSECTION_FILE_SYSTEMS=\"Dosya sistemleri\"\nSECTION_FIREWALLS=\"Yazılım: güvenlik duvarları\"\nSECTION_GENERAL=\"Genel\"\nSECTION_HARDENING=\"Sıkılaştırma\"\nSECTION_HOME_DIRECTORIES=\"Ev dizinleri\"\nSECTION_IMAGE=\"Kalıp\"\nSECTION_INITIALIZING_PROGRAM=\"Program başlatılıyor\"\nSECTION_INSECURE_SERVICES=\"Güvensiz hizmetler\"\nSECTION_KERNEL=\"Çekirdek\"\nSECTION_KERNEL_HARDENING=\"Çekirdek Sıkılaştırma\"\nSECTION_LDAP_SERVICES=\"LDAP Hizmetleri\"\nSECTION_LOGGING_AND_FILES=\"Günlük kaydı ve dosyalar\"\nSECTION_MALWARE=\"Yazılım: Kötü Amaçlı Yazılım\"\nSECTION_MEMORY_AND_PROCESSES=\"Bellek ve Süreçler\"\nSECTION_NAME_SERVICES=\"Ad hizmetleri\"\nSECTION_NETWORKING=\"Ağ İletişimi\"\nSECTION_PERMISSIONS=\"İzinler\"\nSECTION_PORTS_AND_PACKAGES=\"Bağlantı noktaları ve paketler\"\nSECTION_PRINTERS_AND_SPOOLS=\"Yazıcılar ve Biriktiriciler\"\nSECTION_PROGRAM_DETAILS=\"Program Ayrıntıları\"\nSECTION_SCHEDULED_TASKS=\"Zamanlanan görevler\"\nSECTION_SECURITY_FRAMEWORKS=\"Güvenlik çerçeveleri\"\nSECTION_SHELLS=\"Kabuklar\"\nSECTION_SNMP_SUPPORT=\"SNMP Desteği\"\nSECTION_SOFTWARE=\"Yazılım\"\nSECTION_SQUID_SUPPORT=\"Squid Desteği\"\nSECTION_SSH_SUPPORT=\"SSH Desteği\"\nSECTION_STORAGE=\"Depolama\"\nSECTION_SYSTEM_INTEGRITY=\"Yazılım: Sistem bütünlüğü\"\nSECTION_SYSTEM_TOOLING=\"Yazılım: Sistem araçları\"\nSECTION_SYSTEM_TOOLS=\"Sistem araçları\"\nSECTION_TIME_AND_SYNCHRONIZATION=\"Zaman ve Eşzamanlama\"\nSECTION_USB_DEVICES=\"USB Aygıtları\"\nSECTION_USERS_GROUPS_AND_AUTHENTICATION=\"Kullanıcılar, Gruplar ve Kimlik Doğrulama\"\nSECTION_VIRTUALIZATION=\"Sanallaştırma\"\nSECTION_WEBSERVER=\"Yazılım: web sunucusu\"\nSTATUS_ACTIVE=\" ETKİN\"\nSTATUS_CHECK_NEEDED=\" DENETİM GEREKLI\"\nSTATUS_DEBUG=\"HATA AYIKLAMA\"\nSTATUS_DEFAULT=\"ÖNTANIMLI\"\nSTATUS_DIFFERENT=\"FARKLI\"\nSTATUS_DISABLED=\"DEVRE DIŞI BIRAKILDI\"\nSTATUS_DONE=\"TAMAMLANDI\"\nSTATUS_ENABLED=\"ETKİNLEŞTİRİLDİ\"\nSTATUS_ERROR=\"HATA\"\nSTATUS_EXPOSED=\"AÇIKTA BIRAKILDI\"\nSTATUS_FAILED=\"BAŞARISIZ\"\nSTATUS_FILES_FOUND=\"DOSYALAR BULUNDU\"\nSTATUS_FOUND=\"BULUNDU\"\nSTATUS_HARDENED=\"SIKILAŞTIRILDI\"\nSTATUS_INSTALLED=\"KURULU\"\nSTATUS_LOCAL_ONLY=\"YALNIZCA YEREL\"\nSTATUS_MEDIUM=\"ORTA\"\nSTATUS_NO=\"HAYIR\"\nSTATUS_NO_UPDATE=\"GÜNCELLEME YOK\"\nSTATUS_NON_DEFAULT=\"ÖNTANIMLI OLMAYAN\"\nSTATUS_NONE=\"YOK\"\nSTATUS_NOT_ACTIVE=\"ETKİN DEĞİL\"\nSTATUS_NOT_CONFIGURED=\"YAPILANDIRILMADI\"\nSTATUS_NOT_DISABLED=\"DEVRE DIŞI BIRAKILMADI\"\nSTATUS_NOT_ENABLED=\"ETKİNLEŞTİRİLMEDİ\"\nSTATUS_NOT_FOUND=\"BULUNAMADI\"\nSTATUS_NOT_RUNNING=\"ÇALIŞMIYOR\"\nSTATUS_OFF=\"KAPALI\"\nSTATUS_OK=\"TAMAM\"\nSTATUS_ON=\"AÇIK\"\nSTATUS_PARTIALLY_HARDENED=\"KISMEN SIKILAŞTIRILDI\"\nSTATUS_PROTECTED=\"KORUMALI\"\nSTATUS_RUNNING=\"ÇALIŞIYOR\"\nSTATUS_SKIPPED=\"ATLANDI\"\nSTATUS_SUGGESTION=\"ÖNERİ\"\nSTATUS_UNKNOWN=\"BİLİNMİYOR\"\nSTATUS_UNSAFE=\"GÜVENLİ DEĞİL\"\nSTATUS_UPDATE_AVAILABLE=\"GÜNCELLEME VAR\"\nSTATUS_WARNING=\"UYARI\"\nSTATUS_WEAK=\"ZAYIF\"\nSTATUS_YES=\"EVET\"\nTEXT_UPDATE_AVAILABLE=\"güncelleme var\"\nTEXT_YOU_CAN_HELP_LOGFILE=\"Günlük dosyanızı göndererek yardımcı olabilirsiniz\"\n#SECTION_KERBEROS=\"Kerberos\"\n" }, { "path": "default.prf", "content": "#################################################################################\n#\n#\n# Lynis - Default scan profile\n#\n#\n#################################################################################\n#\n#\n# This profile provides Lynis with most of its initial values to perform a\n# system audit.\n#\n#\n# WARNINGS\n# ----------\n#\n# Do NOT make changes to this file. Instead, copy only your changes into\n# the file custom.prf and put it in the same directory as default.prf\n#\n# To discover where your profiles are located: lynis show profiles\n#\n#\n# Lynis performs a strict check on profiles to avoid the inclusion of\n# possibly harmful injections. See include/profiles for details.\n#\n#\n#################################################################################\n#\n# All empty lines or with the # prefix will be skipped\n#\n#################################################################################\n\n# Use colored output\ncolors=yes\n\n# Compressed uploads (set to zero when errors with uploading occur)\ncompressed-uploads=yes\n\n# Amount of connections in WAIT state before reporting it as a suggestion\n#connections-max-wait-state=5000\n\n# Debug mode (for debugging purposes, extra data logged to screen)\n#debug=yes\n\n# Show non-zero exit code when warnings are found\nerror-on-warnings=no\n\n# Use Lynis in your own language (by default auto-detected)\nlanguage=\n\n# Log tests from another guest operating system (default: yes)\n#log-tests-incorrect-os=yes\n\n# Define if available NTP daemon is configured as a server or client on the network\n# values: server or client (default: client)\n#ntpd-role=client\n\n# Defines the role of the system (personal, workstation or server)\nmachine-role=server\n\n# Ignore some stratum 16 hosts (for example when running as time source itself)\n#ntp-ignore-stratum-16-peer=127.0.0.1\n\n# Profile name, will be used as title/description\nprofile-name=Default Audit Template\n\n# Number of seconds to pause between every test (0 is no pause)\npause-between-tests=0\n\n# Quick mode (do not wait for keypresses)\nquick=yes\n\n# Refresh software repositories to help detecting vulnerable packages\nrefresh-repositories=yes\n\n# Show solution for findings\nshow-report-solution=yes\n\n# Show inline tips about the tool\nshow-tool-tips=yes\n\n# Skip plugins\nskip-plugins=no\n\n# Skip a test (one per line)\n#skip-test=SSH-7408\n\n# Skip a particular option within a test (when applicable)\n#skip-test=SSH-7408:loglevel\n#skip-test=SSH-7408:permitrootlogin\n\n# Skip Lynis upgrade availability test (default: no)\n#skip-upgrade-test=yes\n\n# Locations where to search for SSL certificates (separate paths with a colon)\nssl-certificate-paths=/etc/apache2:/etc/dovecot:/etc/httpd:/etc/letsencrypt:/etc/pki:/etc/postfix:/etc/refind.d/keys:/etc/ssl:/opt/psa/var/certificates:/usr/local/psa/var/certificates:/usr/local/share/ca-certificates:/usr/share/ca-certificates:/usr/share/gnupg:/var/www:/srv/www\nssl-certificate-paths-to-ignore=/etc/letsencrypt/archive:\nssl-certificate-include-packages=no\n\n# Scan type - how deep the audit should be (light, normal or full)\ntest-scan-mode=full\n\n# Verbose output\nverbose=no\n\n\n#################################################################################\n#\n# Plugins\n# ---------------\n# Define which plugins are enabled\n#\n# Notes:\n# - Nothing happens if plugin isn't available\n# - There is no order in execution of plugins\n# - See documentation about how to use plugins and phases\n# - Some are for Lynis Enterprise users only\n#\n#################################################################################\n\n# Lynis plugins to enable\nplugin=authentication\nplugin=compliance\nplugin=configuration\nplugin=control-panels\nplugin=crypto\nplugin=dns\nplugin=docker\nplugin=file-integrity\nplugin=file-systems\nplugin=firewalls\nplugin=forensics\nplugin=hardware\nplugin=intrusion-detection\nplugin=intrusion-prevention\nplugin=kernel\nplugin=malware\nplugin=memory\nplugin=nginx\nplugin=pam\nplugin=processes\nplugin=security-modules\nplugin=software\nplugin=system-integrity\nplugin=systemd\nplugin=users\nplugin=krb5\n\n# Disable a particular plugin (will overrule an enabled plugin)\n#disable-plugin=authentication\n\n#################################################################################\n#\n# Kernel options\n# ---------------\n# config-data=, followed by:\n#\n# - Type = Set to 'sysctl'\n# - Setting = value of sysctl key (e.g. kernel.sysrq)\n# - Expected value = Preferred value for key (e.g. 0)\n# - Hardening Points = Number of hardening points (typically 1 point per key) (1)\n# - Description = Textual description about the sysctl key(Disable magic SysRQ)\n# - Related file or command = For example, sysctl -a to retrieve more details\n# - Solution field = Specifies more details or where to find them (url:URL, text:TEXT, or -)\n#\n#################################################################################\n\n# Config\n# - Type (sysctl)\n# - Setting (kernel.sysrq)\n# - Expected value (0)\n# - Hardening Points (1)\n# - Description (Disable magic SysRQ)\n# - Related file or command (sysctl -a)\n# - Solution field (url:URL, text:TEXT, or -)\n\n# Processes\nconfig-data=sysctl;security.bsd.see_other_gids;0;1;Groups only see their own processes;sysctl -a;-;category:security;\nconfig-data=sysctl;security.bsd.see_other_uids;0;1;Users only see their own processes;sysctl -a;-;category:security;\nconfig-data=sysctl;security.bsd.stack_guard_page;1;1;Enable stack smashing protection (SSP)/ProPolice to defend against possible buffer overflows;-;category:security;\nconfig-data=sysctl;security.bsd.unprivileged_proc_debug;0;1;Unprivileged processes can not use process debugging;sysctl -a;-;category:security;\nconfig-data=sysctl;security.bsd.unprivileged_read_msgbuf;0;1;Unprivileged processes can not read the kernel message buffer;sysctl -a;-;category:security;\n\n# Kernel\nconfig-data=sysctl;fs.suid_dumpable;0;1;Restrict core dumps;sysctl -a;url:https;//www.kernel.org/doc/Documentation/sysctl/fs.txt;category:security;\nconfig-data=sysctl;fs.protected_fifos;2;1;Restrict FIFO special device creation behavior;sysctl -a;url:https;//www.kernel.org/doc/Documentation/sysctl/fs.txt;category:security;\nconfig-data=sysctl;fs.protected_hardlinks;1;1;Restrict hardlink creation behavior;sysctl -a;url:https;//www.kernel.org/doc/Documentation/sysctl/fs.txt;category:security;\nconfig-data=sysctl;fs.protected_regular;2;1;Restrict regular files creation behavior;sysctl -a;url:https;//www.kernel.org/doc/Documentation/sysctl/fs.txt;category:security;\nconfig-data=sysctl;fs.protected_symlinks;1;1;Restrict symlink following behavior;sysctl -a;url:https;//www.kernel.org/doc/Documentation/sysctl/fs.txt;category:security;\n#config-data=sysctl;kern.randompid=2345;Randomize PID numbers with a specific modulus;sysctl -a;-;category:security;\nconfig-data=sysctl;kern.sugid_coredump;0;1;No description;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.core_setuid_ok;0;1;No description;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.core_uses_pid;1;1;No description;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.ctrl-alt-del;0;1;No description;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.dmesg_restrict;1;1;Restrict use of dmesg;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.exec-shield-randomize;1;1;No description;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.exec-shield;1;1;No description;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.kptr_restrict;2;1;Restrict access to kernel symbols;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.maps_protect;1;1;Restrict access to /proc/[pid]/maps;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.modules_disabled;1;1;Restrict module loading once this sysctl value is loaded;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.perf_event_paranoid;2|3|4;1;Restrict unprivileged access to the perf_event_open() system call.;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.randomize_va_space;2;1;Randomize of memory address locations (ASLR);sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.suid_dumpable;0;1;Restrict core dumps;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.sysrq;0;1;Disable magic SysRQ;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.unprivileged_bpf_disabled;1;1;Restrict BPF for unprivileged users;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.use-nx;0;1;No description;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;kernel.yama.ptrace_scope;1|2|3;1;Disable process tracing for everyone;-;category:security;\n\n# Network\nconfig-data=sysctl;net.core.bpf_jit_harden;2;1;Hardened BPF JIT compilation;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;\nconfig-data=sysctl;net.inet.ip.linklocal.in.allowbadttl;0;\nconfig-data=sysctl;net.inet.tcp.always_keepalive;0;1;Disable TCP keep alive detection for dead peers as the keepalive can be spoofed;-;category:security;\n#config-data=sysctl;net.inet.tcp.fast_finwait2_recycle;1;1;Recycle FIN/WAIT states more quickly (DoS mitigation step, with risk of false RST);-;category:security;\nconfig-data=sysctl;net.inet.tcp.nolocaltimewait;1;1;Remove the TIME_WAIT state for loopback interface;-;category:security;\nconfig-data=sysctl;net.inet.tcp.path_mtu_discovery;0;1;Disable MTU discovery as many hosts drop the ICMP type 3 packets;-;category:security;\nconfig-data=sysctl;net.inet.icmp.bmcastecho;0;1;Ignore ICMP packets directed to broadcast address;-;category:security;\nconfig-data=sysctl;net.inet.tcp.icmp_may_rst;0;1;ICMP may not send RST to avoid spoofed ICMP/UDP floods;-;category:security;\nconfig-data=sysctl;net.inet.icmp.drop_redirect;1;1;Do not allow redirected ICMP packets;-;category:security;\nconfig-data=sysctl;net.inet.icmp.rediraccept;0;1;Disable incoming ICMP redirect routing redirects;-;category:security;\nconfig-data=sysctl;net.inet.icmp.timestamp;0;1;Disable timestamps;-;category:security;\nconfig-data=sysctl;net.inet.ip.accept_sourceroute;0;1;Disable IP source routing;-;category:security;\nconfig-data=sysctl;net.inet.ip.check_interface;1;1;Verify that a packet arrived on the right interface;-;category:security;\nconfig-data=sysctl;net.inet.ip.forwarding;0;1;Do not allow forwarding of traffic;-;category:security;\nconfig-data=sysctl;net.inet.ip.process_options;0;1;Ignore any IP options in the incoming packets;-;category:security;\nconfig-data=sysctl;net.inet.ip.random_id;1;1;Use a random IP id to each packet leaving the system;-;category:security;\nconfig-data=sysctl;net.inet.ip.redirect;0;1;Disable/Ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.inet.ip.sourceroute;0;1;Disable IP source routing;-;category:security;\nconfig-data=sysctl;net.inet.ip6.redirect;0;1;Disable/Ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.inet.tcp.blackhole;2;1;Do not sent RST but drop traffic when delivered to closed TCP port;-;category:security;\nconfig-data=sysctl;net.inet.tcp.drop_synfin;1;1;SYN/FIN packets will be dropped on initial connection;-;category:security;\nconfig-data=sysctl;net.inet.udp.blackhole;1;1;Do not sent RST but drop traffic when delivered to closed UDP port;-;category:security;\nconfig-data=sysctl;net.inet6.icmp6.rediraccept;0;1;Disable incoming ICMP redirect routing redirects;-;category:security;\nconfig-data=sysctl;net.inet6.ip6.forwarding;0;1;Do not allow forwarding of traffic;-;category:security;\nconfig-data=sysctl;net.inet6.ip6.fw.enable;1;1;Enable filtering;-;category:security;\nconfig-data=sysctl;net.inet6.ip6.redirect;0;1;Disable sending ICMP redirect routing redirects;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.accept_redirects;0;1;Disable/Ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.accept_source_route;0;1;Disable IP source routing;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.bootp_relay;0;1;Do not relay BOOTP packets;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.forwarding;0;1;Disable IP source routing;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.log_martians;1;1;Log all packages for which the host does not have a path back to the source;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.mc_forwarding;0;1;Disable IP source routing;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.proxy_arp;0;1;Do not relay ARP packets;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.rp_filter;1;1;Enforce ingress/egress filtering for packets;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.all.send_redirects;0;1;Disable/Ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.default.accept_redirects;0;1;Disable/Ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.default.accept_source_route;0;1;Disable IP source routing;-;category:security;\nconfig-data=sysctl;net.ipv4.conf.default.log_martians;1;1;Log all packages for which the host does not have a path back to the source;-;category:security;\nconfig-data=sysctl;net.ipv4.icmp_echo_ignore_broadcasts;1;1;Ignore ICMP packets directed to broadcast address;-;category:security;\nconfig-data=sysctl;net.ipv4.icmp_ignore_bogus_error_responses;1;1;Ignore-;category:security;\n#config-data=sysctl;net.ipv4.ip_forward;0;1;Do not forward traffic;-;category:security;\nconfig-data=sysctl;net.ipv4.tcp_syncookies;1;1;Use SYN cookies to prevent SYN attack;-;category:security;\nconfig-data=sysctl;net.ipv4.tcp_timestamps;0|1;1;Disable TCP time stamps or enable them with different offsets;-;category:security;\nconfig-data=sysctl;net.ipv6.conf.all.send_redirects;0;1;Disable/ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.ipv6.conf.all.accept_redirects;0;1;Disable/Ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.ipv6.conf.all.accept_source_route;0;1;Disable IP source routing;-;category:security;\nconfig-data=sysctl;net.ipv6.conf.default.accept_redirects;0;1;Disable/Ignore ICMP routing redirects;-;category:security;\nconfig-data=sysctl;net.ipv6.conf.default.accept_source_route;0;1;Disable IP source routing;-;category:security;\n\n# Other\nconfig-data=sysctl;dev.tty.ldisc_autoload;0;1;Disable loading of TTY line disciplines;-;category:security;\nconfig-data=sysctl;hw.kbd.keymap_restrict_change;4;1;Disable changing the keymap by non-privileged users;-;category:security;\n#sysctl;kern.securelevel;1^2^3;1;FreeBSD security level;\n#security.jail.jailed; 0\n#security.jail.jail_max_af_ips; 255\n#security.jail.mount_allowed; 0\n#security.jail.chflags_allowed; 0\n#security.jail.allow_raw_sockets; 0\n#security.jail.enforce_statfs; 2\n#security.jail.sysvipc_allowed; 0\n#security.jail.socket_unixiproute_only; 1\n#security.jail.set_hostname_allowed; 1\n#security.bsd.suser_enabled; 1\n#security.bsd.unprivileged_proc_debug; 1\n#security.bsd.conservative_signals; 1\n#security.bsd.unprivileged_read_msgbuf; 1\n#security.bsd.unprivileged_get_quota; 0\nconfig-data=sysctl;security.bsd.hardlink_check_gid;1;1;Unprivileged processes are not allowed to create hard links to files which are owned by other groups;-;category:security;\nconfig-data=sysctl;security.bsd.hardlink_check_uid;1;1;Unprivileged processes are not allowed to create hard links to files which are owned by other users;-;category:security;\n\n\n#################################################################################\n#\n# permfile\n# ---------------\n# permfile=file name:file permissions:owner:group:action:\n# Action = NOTICE or WARN\n# Examples:\n# permfile=/etc/test1.dat:600:root:wheel:NOTICE:\n# permfile=/etc/test1.dat:640:root:-:WARN:\n#\n#################################################################################\n\n#permfile=/etc/inetd.conf:rw-------:root:-:WARN:\n#permfile=/etc/fstab:rw-r--r--:root:-:WARN:\npermfile=/boot/grub/grub.cfg:rw-------:root:root:WARN:\npermfile=/boot/grub2/grub.cfg:rw-------:root:root:WARN:\npermfile=/boot/grub2/user.cfg:rw-------:root:root:WARN:\npermfile=/etc/at.allow:rw-------:root:-:WARN:\npermfile=/etc/at.deny:rw-------:root:-:WARN:\npermfile=/etc/cron.allow:rw-------:root:-:WARN:\npermfile=/etc/cron.deny:rw-------:root:-:WARN:\npermfile=/etc/crontab:rw-------:root:-:WARN:\npermfile=/etc/group:rw-r--r--:root:-:WARN:\npermfile=/etc/group-:rw-r--r--:root:-:WARN:\npermfile=/etc/hosts.allow:rw-r--r--:root:root:WARN:\npermfile=/etc/hosts.deny:rw-r--r--:root:root:WARN:\npermfile=/etc/issue:rw-r--r--:root:root:WARN:\npermfile=/etc/issue.net:rw-r--r--:root:root:WARN:\npermfile=/etc/lilo.conf:rw-------:root:-:WARN:\npermfile=/etc/motd:rw-r--r--:root:root:WARN:\npermfile=/etc/passwd:rw-r--r--:root:-:WARN:\npermfile=/etc/passwd-:rw-r--r--:root:-:WARN:\npermfile=/etc/ssh/sshd_config:rw-------:root:-:WARN:\npermfile=/etc/hosts.equiv:rw-r--r--:root:root:WARN:\npermfile=/etc/shosts.equiv:rw-r--r--:root:root:WARN:\npermfile=/root/.rhosts:rw-------:root:root:WARN:\npermfile=/root/.rlogin:rw-------:root:root:WARN:\npermfile=/root/.shosts:rw-------:root:root:WARN:\n\n# These permissions differ by OS\n#permfile=/etc/gshadow:---------:root:-:WARN:\n#permfile=/etc/gshadow-:---------:root:-:WARN:\n#permfile=/etc/shadow:---------:root:-:WARN:\n#permfile=/etc/shadow-:---------:root:-:WARN:\n\n\n#################################################################################\n#\n# permdir\n# ---------------\n# permdir=directory name:file permissions:owner:group:action when permissions are different:\n#\n#################################################################################\n\npermdir=/root/.ssh:rwx------:root:-:WARN:\npermdir=/etc/cron.d:rwx------:root:root:WARN:\npermdir=/etc/cron.daily:rwx------:root:root:WARN:\npermdir=/etc/cron.hourly:rwx------:root:root:WARN:\npermdir=/etc/cron.weekly:rwx------:root:root:WARN:\npermdir=/etc/cron.monthly:rwx------:root:root:WARN:\n\n\n# Ignore some specific home directories\n# One directory per line; directories will be skipped for home directory specific\n# checks, like file permissions, SSH and other configuration files\n#ignore-home-dir=/home/user\n\n\n# Allow promiscuous interfaces\n#