Merge branch 'ent-13165-casque-en-plugin-de-seguridad' into 'develop'
Fixed pandora_security_check plugin See merge request artica/pandorafms!7135
This commit is contained in:
Jose Martin
commit
376c94a015
|
|
@ -310,10 +310,6 @@ module_plugin pandora_df
|
|||
#module_description Postcondition test module
|
||||
#module_end
|
||||
|
||||
# This plugin runs several security checks in a Linux system
|
||||
|
||||
#module_plugin pandora_security_check
|
||||
|
||||
# Extraction module example
|
||||
#module_begin
|
||||
#module_name Collector
|
||||
|
|
|
|||
|
|
@ -270,6 +270,9 @@ module_plugin pandora_netusage
|
|||
# Service autodiscovery plugin
|
||||
module_plugin autodiscover --default
|
||||
|
||||
# This plugin runs several security checks in a Linux system
|
||||
# module_plugin perl /usr/share/pandora_agent/plugins/pandora_security_check --conf /usr/share/pandora_agent/plugins/pandora_security_check.conf
|
||||
|
||||
# Plugin for inventory on the agent.
|
||||
# module_plugin inventory 1 cpu ram video nic hd cdrom software init_services filesystem users route
|
||||
|
||||
|
|
|
|||
|
|
@ -297,6 +297,10 @@ sub parse_configuration {
|
|||
$line =~ s/^\s+//;
|
||||
$line =~ s/\s+$//;
|
||||
|
||||
if($line =~ /^$/) {
|
||||
next;
|
||||
}
|
||||
|
||||
if ($line =~ /^\[($b_ports|$b_files|$b_passwords)\]$/) {
|
||||
$configuration_block = $1;
|
||||
}
|
||||
|
|
@ -537,7 +541,6 @@ if ($check_files) {
|
|||
|
||||
if ($can_check_files) {
|
||||
# Check each file integrity
|
||||
my @errored_files;
|
||||
my @no_integrity_files;
|
||||
|
||||
# Create unique check files list
|
||||
|
|
@ -556,8 +559,6 @@ if ($check_files) {
|
|||
push @no_integrity_files, $file;
|
||||
}
|
||||
$integrity{$file_key} = $file_md5;
|
||||
} else {
|
||||
push @errored_files, $file;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -571,11 +572,6 @@ if ($check_files) {
|
|||
$value = 0;
|
||||
$desc = "Changed files found:\n" . join("\n", @no_integrity_files);
|
||||
}
|
||||
|
||||
if (@errored_files) {
|
||||
$value = 0;
|
||||
$desc .= "\nUnable to check integrity of some files:\n" . join("\n", @errored_files);
|
||||
}
|
||||
}
|
||||
|
||||
print_xml_module('Files check status', 'generic_proc', $desc, $value);
|
||||
|
|
@ -596,10 +592,15 @@ if ($check_passwords) {
|
|||
open my $shadow_fh, '<', $shadow_file;
|
||||
while (my $line = <$shadow_fh>) {
|
||||
chomp $line;
|
||||
|
||||
if($line =~ /^$/) {
|
||||
next;
|
||||
}
|
||||
|
||||
my ($username, $password_hash, @rest) = split /:/, $line;
|
||||
|
||||
# Skip users with no password hash
|
||||
if ($password_hash ne "*" && $password_hash ne "!!" && $password_hash ne "!locked") {
|
||||
if ($password_hash ne "*" && $password_hash ne "!!" && $password_hash ne "!locked" && $password_hash ne "!*") {
|
||||
my $salt = substr($password_hash, 0, rindex($password_hash, '$') + 1);
|
||||
my $user_hash = crypt($username, $salt);
|
||||
if ($user_hash eq $password_hash) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,22 @@
|
|||
[PORTS]
|
||||
22
|
||||
80
|
||||
443
|
||||
41121
|
||||
8080
|
||||
|
||||
[FILES]
|
||||
/etc/httpd/httpd.conf
|
||||
/etc/my.cnf
|
||||
/etc/sudoers
|
||||
/etc/passwd
|
||||
/etc/hosts
|
||||
|
||||
[PASSWORDS]
|
||||
pandora
|
||||
PANDORA
|
||||
P4nd0r4
|
||||
password
|
||||
root
|
||||
linux
|
||||
admin
|
||||
Loading…
Reference in New Issue