The Lynis and security warning about CentOS 8.

Issues related to configuring your network
Post Reply
hack3rcon
Posts: 658
Joined: 2014/11/24 11:04:37

The Lynis and security warning about CentOS 8.

Post by hack3rcon » 2020/09/11 08:59:16

Hello,
I launched Lynis to examine my server and it showed me below warnings:
-[ Lynis 3.0.0 Results ]-

Warnings (3):
----------------------------
! Couldn't find 2 responsive nameservers [NETW-2705]
https://cisofy.com/lynis/controls/NETW-2705/

! Found promiscuous interface [NETW-3015]
- Details : ens192
- Solution : Determine if this mode is required or whitelist interface in profile
https://cisofy.com/lynis/controls/NETW-3015/

! iptables module(s) loaded, but no rules active [FIRE-4512]
https://cisofy.com/lynis/controls/FIRE-4512/

Suggestions (42):
----------------------------
* Consider disabling unused kernel modules [FILE-6430]
- Details : /etc/modprobe.d/blacklist.conf
- Solution : Add 'install MODULENAME /bin/true' (without quotes)
https://cisofy.com/lynis/controls/FILE-6430/

* Split resolving between localhost and the hostname of the system [NAME-4406]
https://cisofy.com/lynis/controls/NAME-4406/

* Determine if protocol 'dccp' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/

* Determine if protocol 'sctp' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/

* Determine if protocol 'rds' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/

* Determine if protocol 'tipc' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/

* Check what deleted files are still in use and why. [LOGG-2190]
https://cisofy.com/lynis/controls/LOGG-2190/

* Enable sysstat to collect accounting (no results) [ACCT-9626]
https://cisofy.com/lynis/controls/ACCT-9626/

* Audit daemon is enabled with an empty ruleset. Disable the daemon or define rules [ACCT-9630]
https://cisofy.com/lynis/controls/ACCT-9630/

* Consider restricting file permissions [FILE-7524]
- Details : See screen output or log file
- Solution : Use chmod to change file permissions
https://cisofy.com/lynis/controls/FILE-7524/

* One or more sysctl values differ from the scan profile and could be tweaked [KRNL-6000]
- Solution : Change sysctl value or disable test (skip-test=KRNL-6000:<sysctl-key>)
https://cisofy.com/lynis/controls/KRNL-6000/

* Harden compilers like restricting access to root user only [HRDN-7222]
https://cisofy.com/lynis/controls/HRDN-7222/
How can I sure my server need dccp, sctp, rds and tipc protocols or not? It just a web server.

Thank you.

aks
Posts: 3020
Joined: 2014/09/20 11:22:14

Re: The Lynis and security warning about CentOS 8.

Post by aks » 2020/09/16 17:53:05

If all you're doing is http(s), then Datagram Congestion Control Protocol (dccp), Stream Control Transmission Protocol (sctp), Remote Desktop Protocol (rdp) and Transparent Inter Process Communication (tipc) are not required.

hack3rcon
Posts: 658
Joined: 2014/11/24 11:04:37

Re: The Lynis and security warning about CentOS 8.

Post by hack3rcon » 2020/09/17 18:28:52

It just a web server that hosting WordPress website.
How can I disable or re-enable that protocols?

Post Reply

Return to “CentOS 8 - Networking Support”