Introduction:
Lunar is a bash scripts for generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Why a shell script? I wanted a tool that was able to run on locked down systems where other tools may not be available. I also wanted a tool that ran on all versions of UNIX. Having said that there are some differences between sh and bash, so I’ve used functions only from sh. It can also can perform a lockdown. Unlike some other scripts I have added capability to backout changes. Files are backed up using cpio to a directory based on the date (see Examples below).
lunar v5.0.5
Supported Operating Systems:
+ Linux
+-+ Red Hat
+-+ Centos
+-+ Scientific Linux
+-+ SLES
+-+ Debian
+-+ Ubuntu
+ Solaris (6,7,8,9,10 and 11)
+ Mac OS X
+ FreeBSD (needs more testing)
+ AIX (needs more testing)
+ ESXi (initial support – some tests)
Latest Changelog lunar v5.0.5 Sat 14 Jan 2017:
+ Fixed code to print module information
+ Fixed audit select function
+ Initial Amazon Linux support
+ Start adding support for Amazon Linux and added vfat to modprobe check
Usage:
git clone https://github.com/lateralblast/lunar && cd lunar ./lunar.sh
Source: https://github.com/lateralblast