0×00 简介
hardeningone是一款类Unix系统安全检查bash shell脚本,适合信安审计人员或信安测试人员使用。作者写这个检测脚本的初衷是为了做系统安全审计、网络安全配置和系统安全维护之用。
0×01 安装
–创建一个目录,例如/usr/local/hardeningone,然后将压缩包解压到这个目录(tar xfvz hardeningone-version.tar.gz)
run ‘rpmbuild -ta hardeningone-version.tar.gz’ (建立一个RPM包)
run ‘rpm -ivh ‘ (安装RPM包)
0×02 更新
0×03 支持的系统
Mac OS X
0×04 使用
Define the name of the auditor/pen-tester. When a full name is
used, add double quotes, like "Michael Boelen".
--checkall (or -c)
hardeningone performs a full check of the system, printing out
the results of each test to stdout. Additional information will
be saved into a log file (default is /var/log/hardeningone.log).
In case the outcome of a scan needs to be automated, use the
report file.
--check-update (or --info)
Show program, database and update information
Perform automatic scan with cron safe options (no colors, no
questions, no breaks).
Do not use colors for messages, warnings and sections.
Redirect all logging information to /dev/null, prevent sensitive
information to be written to disk.
--quick (-Q)
Do a quick scan (don't wait for user input)
--quiet (-q)
Try to run as silent as possible, showing only warnings. This
option activates --quick as well.
Optimize screen output for light backgrounds.
--tests TEST-IDs
Only run the specific test(s). When using multiple tests, add
quotes around the line.
Multiple parameters are allowed, though some parameters can only
be used together with others. When running hardeningone without
any parameters, help will be shown and the program will exit.
*参考来源: github,我是酱油男编译,转载请注明来自FreeBuf黑客与极客(FreeBuf.COM)