Versions Compared

Old Version 2

changes.mady.by.user Oscar Berlanga

Saved on

compared with

New Version 3

changes.mady.by.user Oscar Berlanga

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

WARNING - When creating a baseline using software policies, at present Centos and RedHat package the kernel using the names 'kernel' and 'kernel-devel'. There can be multiple packages with this name and different versions concurrently installed. Debian based distributions use names like 'linux-image-3.13.0-24-generic', note the version number is included in the package name. Because RedHat based OS's use this format and subsequently have multiple identical package names with different versions we currently exclude 'kernel' and 'kernel-devel' from software policies. This may be addressed in a future update.

Details

 

Baselines can compare netstat ports, users and software. 

Software

 

To compare software we check the name and version. Because version numbers are not all standardised in format, when we receive an audit result we create a new attribute called software_padded which we store in the database along with the rest of the software details for each package. For this reason, baselines using software policies will not work when run against a device that has not been audited by 1.10 (at least). Software policies can test against the version being "equal to", "greater than" or "equal to or greater than".

...

Netstat Ports

...

Netstat Ports use a combination of port number, protocol and program. If all are present the policy passes.

 

Users

...

Users work similar to Netstat Ports. If a user exists with a matching name, status and password details (changeable, expires, required) then the policy passes.

...