blob: 098ed178c1c65d8f71b3509f7bc4c9f52c46c246 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
- name: Installation du HIDS rkhunter
package:
name: rkhunter
state: present
- name: Login SSH en root
lineinfile:
path: /etc/rkhunter.conf
state: present
backrefs: yes
regexp: "^ALLOW_SSH_ROOT_USER=unset"
line: "ALLOW_SSH_ROOT_USER=yes"
- name: Activation de tests rkhunter
lineinfile:
path: /etc/rkhunter.conf
state: present
backrefs: yes
regexp: "^DISABLE_TESTS=suspscan hidden_ports deleted_files packet_cap_apps apps"
line: "DISABLE_TESTS=deleted_files"
- name: Ajout de wpa_spplicant en liste blanche
lineinfile:
path: /etc/rkhunter.conf
line: 'ALLOWPROCLISTEN=/usr/sbin/wpa_supplicant'
- name: Ajout de arpwatch en liste blanche
lineinfile:
path: /etc/rkhunter.conf
line: 'ALLOWPROCLISTEN=/usr/sbin/arpwatch'
- name: Ajout de fichier cache squid en liste blanche
lineinfile:
path: /etc/rkhunter.conf
insertafter: '^ALLOWDEVFILE=/dev/shm/squid-ssl_session_cache.shm'
line: 'ALLOWDEVFILE=/dev/shm/squid-tls_session_cache.shm'
|