It would be nice if lynis would gather (and report in the portal/reports) information about user-accounts:

• Expired or soon to expire passwords (passwd -e)
• Locked accounts (passwd -S )
• Expired accounts (chage -E / chage -l )

It'd be helpful if there was a check for ELB and ALBs that have either no listeners or no instances in their target pool. The check is similar to an unused security group although their are more financial penalties for having idle ELB and ALBs.

As you know it is hard to surf on web with user.js. I always have problem with many sites, but it i realyly takes time to find which config is not compatibale with the visited site. I think we can create a list of buggy sites so anyone can contribute it.

I can start with mines:

• site
• bug
• comments
• how to fix

• linkedin.com
• does not go home page after login
• this is

Description

When we have an automatic email reports configuration and there are no alerts to be reported that day (e.g the rule or group of rules that we have configured in reports have not triggered during the day), the report will not be sent.

This is not good behavior because it can lead the user to think that the automatic reports are not working.

Let's also say that I have to sen

I love the idea behind this project!!!

I'm seeing that you don't automatically support say downloading stdio.h and stdio.c and transpiling them at the same time? How hard would that be? Seems like it'd be a huge win to automatically support standard libraries.

While I'm at it, I just posted to gstreamer-rs github encouraging them to try this out, I'd recommend he

This may surprise developers used to other templating engines used in Rails, but, at time of writing, Liquid does not behave like ERB/HAML templates in Rails where interpolated values are escaped by default.

Liquid does not escape interpolated values and does not have an option (at time of writing) to configure this to be the default. The developer needs to remember each and every time to es

Sandboxed API should build/work on all major Linux distributions.
We should provide at least some basic instructions for distributions other than Debian/Ubuntu:

• Fedora
• Arch Linux
• openSUSE
• Gentoo
  This also applies for their derivatives (CentOS, Manjaro, etc.)

Description of problem:

I have never written SCAP content before, and am looking at how to get started. I would like to write SCAP content to test compliance on Photon OS against DISA SRGs. I have been all over the wiki pages, but I am still not sure how to get started. The main page makes it look super easy for writing OVAL and XCCDF files using YAML, but I am not sure where to build those

https://github.com/0xmachos/mOSL is a good replacement until this is updated.

Basically, we should remove all settings that are no longer relevant, and add ones that are newly added.

As the engineer who wrote this, I'm sure it all seems obvious to you :) but something that would be VERY helpful to add your website and your github README file would be two bullet lists: "What USBGuard Does", "What USBGuard Doesn't Do". Having this explained clearly would be very helpful even to those of us who are tech-savvy :) Thanks.

It seems you log full IP addresses at jvoisin/snuffleupagus@b1a4af5

I'm not sure if this logs directly to logfiles or if filter are applied by syslog like it is done at many hosting platforms for accesslog files.

Full IP addresses are not helpful and are GDPR relevant under the jurisdication that an IP address can be connected to a s

I've been tasked with creating a CIS Level 1 standard RHEL image in Azure. I've taken a market place RHEL 7.3 image and applied this playbook with packer/ansible using tags level1.

However, when I go and try and create a VM from the image, it fails. If I skip cis_section1, I can create a VM from the image. I'm a linux newbie, apologies, but any obvious rules in section 1 that could be causing

Hi team,

I have noticed that the log examples found in 0610-win-ms_logs_rules.xml don't match their rules.
It is due the fields providerName and channel aren't correct.

https://github.com/wazuh/wazuh-ruleset/blob/725a0155cfde0a849729d9d174f03e1453e31242/rules/0610-win-ms_logs_rules.xml#L37-L63

To match rules 63103, 63104 and 63105, the logs must have matched before rules `60

currently, we hard-code the default RHEL NTP servers.

MSVC on Windows prepends padding instructions to functions for alignment (it currently uses the CC opcode for this and a 16-byte alignment for all functions by default). We currently preserve those instructions as "gap functions", but they should be safe to discard. We could add a pass that scans all gap functions and trims them by removing all CC (and even 90 as well) opcode.

Hello folks,

I think it'd be great if every ENV VAR used in the images would be explained in the README.md, and also it can be included in the Wazuh official documentation once they're ready.

Feel free to share your thoughts on this here.

Regards