blob: 6a9a5073029fe53dccfff24cda002de3446d42ff (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
- name: Installation du HIDS rkhunter
dnf: name=rkhunter state=present
notify: initialize rkhunter
- name: Login SSH en root
lineinfile:
path: /etc/rkhunter.conf
state: present
backrefs: yes
regexp: "^ALLOW_SSH_ROOT_USER=unset"
line: "ALLOW_SSH_ROOT_USER=yes"
- name: Activation de tests rkhunter
lineinfile: dest=/etc/rkhunter.conf state=present backrefs=yes
regexp="^DISABLE_TESTS=suspscan hidden_ports deleted_files packet_cap_apps apps"
line="DISABLE_TESTS=deleted_files"
- name: Ajout de wpa_spplicant en liste blanche
lineinfile:
path: /etc/rkhunter.conf
line: 'ALLOWPROCLISTEN=/usr/sbin/wpa_supplicant'
- name: Ajout de arpwatch en liste blanche
lineinfile:
path: /etc/rkhunter.conf
line: 'ALLOWPROCLISTEN=/usr/sbin/arpwatch'
- name: Ajout de fichier cache squid en liste blanche
lineinfile:
path: /etc/rkhunter.conf
insertafter: '^ALLOWDEVFILE=/dev/shm/squid-ssl_session_cache.shm'
line: 'ALLOWDEVFILE=/dev/shm/squid-tls_session_cache.shm'
|