Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sample Data #16

Open
HackerShark opened this issue Aug 9, 2019 · 1 comment
Open

Sample Data #16

HackerShark opened this issue Aug 9, 2019 · 1 comment
Labels
enhancement New feature or request

Comments

@HackerShark
Copy link
Contributor

Create sample data folder and put output results of the profile for an unhardened and hardened box.
amolshah added a commit that referenced this issue Sep 19, 2019
@amolshah
Fixes for issue #16
09a3a9d 
Signed-off-by: Amol Shah <amolshah@gmail.com>
aaronlippold pushed a commit that referenced this issue Oct 3, 2019
@amolshah @aaronlippold
Amol's issuefixes (#24)
fc6c6d0 
* Fixing the status of issues to match current reality in Review.md

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Initial fixes for issue #20

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Initial fixes for issue #20

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Initial fixes for issue #20

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #18

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #18

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #13 and #13

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #16

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixing a profile error and recreated sample data

Signed-off-by: Amol Shah <amolshah@gmail.com>

* remove sudo from control checks
aaronlippold pushed a commit that referenced this issue Nov 20, 2019
@ejaronne @aaronlippold
Merge Development into Master (#27)
6f8c092 
* Adding initial auto-generated controls

* Update inspec.yml - Fixed formatting on file

* Updated all controls to have "check" as secondary description instead of as a tag

* Added tests for some controls

* Added tests for a few more controls. Added a vagrant box to test this profile against. Updated readme with instructions to test/run this inspec profile against.

* update git ignore to add vagrant specific items

* update V-80969 to check for audit.rules string match

* update V-80965 to check for remote_server offloading of audit logs (IPv4 only)

* updated V-80965 to disregard check for IP address only

* Updated all fix tags to description. Added a few controls related to aide package and it's configuration.

* update V-75901 thru V-75909

* template repo docs-mitre-inspec

* Added additional control tests

* update gitignore to NOT account for .vscode folder

* started work on kitchen and travis support (#1)

* started work on kitchen and travis support

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* added bundle install

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* fixing bundler

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* added a specific rvm version

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Removed Gemfile.lock

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* bundle issues

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* bundler issues

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* further fixing of bundler

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* bundler fix 3

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* kitchen didn't seem to run

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* added inspec_tools

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* hacking the build

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* adding inspec_tools step to build process

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* fixing inspec_tools

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* updated min compliance to 1%

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* updated to ignore kitchen error code

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* develop 9 additional controls in 755** series

* fixed small error in control (#4)

* fixed small error in control

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Removed Gemfile.lock from the repo
Added branch selection so that we didn't run the build multiple times

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Update README.md

* Update README.md

* update controls, kitchen files and gitignore

* add .kitchen.vagrant.yml changes

* change symlink for kitchen.yml; 11 new controls

* remove Gemfile.lock

* update controls and kitchen files, add attributes

* 13 new and modified controls (#7)

* update controls, kitchen files and gitignore

* add .kitchen.vagrant.yml changes

* change symlink for kitchen.yml; 11 new controls

* remove Gemfile.lock

* update controls and kitchen files, add attributes

* attribute to input in all controls; move attributes to inspec.yml

change attribute to input in all controls
move attributes to inputs.yml (needs further refinement to address issue #10)
remove attributes.yml
update kitchen.yml files to use inspec.yml for attrs

* develop new controls and update some old controls

* remove results.json, develop new controls

* developed 13 new controls

* fix auditd controls

* develop two new audit controls

* new controls; updates to inspec and kitchen ymls

* adding new control implementations

* specify input_files tag to test travis build

* edit input_files; test travis build

* use chef-workstation, inputs tag, add inputs.yml

* test travis by updating inspec-bin

* verbose logging debug

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* debug

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* add debug to test travis

* remove control to test travis

* move inputs inside controls

* move inputs inside control

* move inputs inside control

* remove kitchen debug from travis.yml

* update travis links in README

* chef gem update inspec and inspec-bin in travis

* test travis by moving input out of control block

* 'chef gem update inspec' to 'gem update inspec'

* accept chef license before running chef commands

* accept chef license inline

* update inspec using embedded gem binary

* debug kitchen verify

* developed 4 more controls

* develop 22 new controls

* Update README.md

* some minor fixes

some minor fixes

* update controls based on review for PR #11

* Some cleanup of workinprogress notice

* completing 80961

* 3 additional controls developed

* debug travis

* disable V-78005 to test travis

* fix dokken nil to string and other minor issues

* fix 80963 log_file check

* remove extra lines

* hard code audit conf & dir paths until inspec fix

* remove only_if from audit controls

* adding apt-get chef workstation to before_script

* use wget and dpkg instead of apt

* remove debug

* Update README.md

* 80957 and 75437 updated with temporary measures

* update controls to account for skips and N/As

* update controls to use native InSpec reosurces

* use InSpec resources instead of command

* minor fixes

* update gnome checks

* update 2 controls

* parameterize some controls

* Adding Review.md to repo

* initial review checks performed

* updating review

* Added more issues from review

* Updating review

* removed completion date from checks with open issues

* Adding last check for review

* Add additional inputs (#15)

* minor edits to account for organization name

* add emergency_accounts input

* add TRAVIS_BUILD_ID to kitchen.*.yml

* add required inputs

* bug fix for if, else

* fix for issue #19

* fixes issue #21

* fixes some issues from rubocop listed in issue #18

* move impact above describe

* more fixes for issue #19

* fixes for issue #23

* minor fixes

* fixes/edits for issue #23

* update completion of InSpec syntax checker

* Amol's issuefixes  (#24)

* Fixing the status of issues to match current reality in Review.md

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Initial fixes for issue #20

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Initial fixes for issue #20

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Initial fixes for issue #20

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #18

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #18

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #13 and #13

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixes for issue #16

Signed-off-by: Amol Shah <amolshah@gmail.com>

* Fixing a profile error and recreated sample data

Signed-off-by: Amol Shah <amolshah@gmail.com>

* remove sudo from control checks

* Peer review complete

Recommend merging development branch into master and removing WIP label

* Update README.md

* added getting started preamble

## Getting Started  
It is intended and recommended that InSpec run this profile from a __"runner"__ host (such as a DevOps orchestration server, an administrative management system, or a developer's workstation/laptop) against the target remotely over __winrm__.

__For the best security of the runner, always install on the runner the _latest version_ of InSpec and supporting Ruby language components.__ 

Latest versions and installation options are available at the [InSpec](http://inspec.io/) site.

* updated STIG reference

An InSpec profile of the DISA Canonical Ubuntu 16.04 LTS STIG baseline
to:
InSpec profile to validate the secure configuration of Canonical Ubuntu 16.04 LTS against DISA's Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide (STIG) Version 1 Release 1.
@Amndeep7
Copy link

Amndeep7 commented Feb 7, 2022

Unhardened seems to have been implemented, but hardened is still left.

@Amndeep7 Amndeep7 added the enhancement New feature or request label Feb 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Amndeep7 @HackerShark