From fd64aa24d64b1281c4d72bc63db80538988caffc Mon Sep 17 00:00:00 2001
From: xnoguer
Date: Tue, 18 Apr 2023 16:46:19 -0400
Subject: [PATCH] Adding test MALW-3291 in order to solve issue 1322 (related to issue 994)
---
 db/tests.db | 1 +
 include/consts | 1 +
 include/tests_malware | 18 ++++++++++++++++++
 3 files changed, 20 insertions(+)
diff --git a/db/tests.db b/db/tests.db
index e4dc8fbd..206b6008 100644
--- a/db/tests.db
+++ b/db/tests.db
@@ -275,6 +275,7 @@ MALW-3284:test:security:malware::Check for clamd:
 MALW-3286:test:security:malware::Check for freshclam:
 MALW-3288:test:security:malware::Check for ClamXav:
 MALW-3290:test:security:malware::Presence of malware scanner:
+MALW-3291:test:security:malware::Check for Microsoft Defender Antivirus:
 NAME-4016:test:security:nameservices::Check /etc/resolv.conf default domain:
 NAME-4018:test:security:nameservices::Check /etc/resolv.conf search domains:
 NAME-4020:test:security:nameservices::Check non default options:
diff --git a/include/consts b/include/consts
index 5d618429..714f4a92 100644
--- a/include/consts
+++ b/include/consts
@@ -169,6 +169,7 @@ ETC_PATHS="/etc /usr/local/etc"
 MACHINEID=""
 MACHINE_ROLE=""
 MALWARE_SCANNER_INSTALLED=0
+ MDATPBINARY=""
 MIN_PASSWORD_LENGTH=-1
 MONGODB_RUNNING=0
 MOUNTBINARY=""
diff --git a/include/tests_malware b/include/tests_malware
index 40336fa5..04f7ea76 100644
--- a/include/tests_malware
+++ b/include/tests_malware
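Review bot: In the include/consts hunk `MDATPBINARY=""` is only initialised, and none of the three files listed in the diffstat assigns it a path afterwards. Going by the visible changes alone, MALW-3291 would therefore always take the `mdatp couldn't be found` branch and never report the scanner. If the project's binary discovery code populates such variables, it needs an entry that sets `MDATPBINARY` when an `mdatp` executable is found; that code is not part of this patch, so confirm it exists or include it in the same commit.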
@@ -354,6 +354,24 @@
 fi
 #
 #################################################################################
+#
+ # Test : MALW-3291
+ # Description : Check if Microsoft Defender Antivirus is installed
+ Register --test-no MALW-3291 --weight L --network NO --category security --description "Check for mdatp"
+ if [ ${SKIPTEST} -eq 0 ]; then
+ LogText "Test: checking presence mdatp"
+ if [ ! "${MDATPBINARY}" = "" ]; then
+ Display --indent 2 --text "- Checking Microsoft Defender Antivirus" --result "${STATUS_FOUND}" --color GREEN
+ LogText "Result: Found ${MDATPBINARY}"
+ MALWARE_SCANNER_INSTALLED=1
+ AddHP 2 2
+ Report "malware_scanner[]=mdatp"
+ else
+ LogText "Result: mdatp couldn't be found"
+ fi
+ fi
+#
+#################################################################################
 #
 # Test : MALW-3286
 # Description : Check running freshclam if clamd process is running
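Review bot: The `if [ ! "${MDATPBINARY}" = "" ]` branch sets `MALWARE_SCANNER_INSTALLED=1` and awards `AddHP 2 2` on the mere presence of the binary, so a host where mdatp is installed but not onboarded, or has real-time protection switched off, is scored the same as a protected one. Consider gating the points on the agent's own status, for example requiring `${MDATPBINARY} health --field real_time_protection_enabled` to print `true`, and writing a separate `LogText` result when the binary exists but the agent is not healthy. The `Register` description reads `"Check for mdatp"` while the db/tests.db entry reads "Check for Microsoft Defender Antivirus"; using one wording for both keeps the reports consistent.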