From 9a5e0d9a2a73329018ad3f15c9db145b992596be Mon Sep 17 00:00:00 2001 From: Aurora Date: Tue, 18 Apr 2023 11:46:33 +0000 Subject: [PATCH 1/7] =?UTF-8?q?=E5=A2=9E=E5=8A=A03.25-ensure-xinetd-is-not?= =?UTF-8?q?-installed=E7=9A=84benchmark=E3=80=81=E6=89=AB=E6=8F=8F?= =?UTF-8?q?=E3=80=81=E4=BF=AE=E5=A4=8D=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurora --- .../3.25-ensure-xinetd-is-not-installed.md | 38 +++++++++++++++++++ docs/summary-of-rules.md | 1 + .../3.25-ensure-xinetd-is-not-installed.sh | 1 + .../3.25-ensure-xinetd-is-not-installed.sh | 8 ++++ 4 files changed, 48 insertions(+) create mode 100644 benchmarks/services/3.25-ensure-xinetd-is-not-installed.md create mode 100644 remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh create mode 100644 scanners/services/3.25-ensure-xinetd-is-not-installed.sh diff --git a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md new file mode 100644 index 0000000..5211105 --- /dev/null +++ b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md @@ -0,0 +1,38 @@ +# 3.25 确保xinetd被卸载 + +## 安全等级 + +- Level 3 + +## 描述 + +eXtended InterNET 守护进程 ( xinetd ) 是一个开源的超级守护进程,用于取代原始 inetd 守护进程。 xinetd 能够监听许多常用服务并调度合适的守护进程以正确响应服务请求。 + +若 xinetd 服务非必要,建议将其卸载。 + +## 修复建议 + +目标:确保xinetd被卸载 + +1. 运行以下命令卸载 xinetd。 + +```bash +# dnf remove xinetd +``` + +## 扫描检测 + +执行修复前检测xinetd是否安装 + +1. 运行以下命令以检测是否安装 xinetd。 + +```bash +# rpm -q gdm +package xinetd is not installed +``` + +输出结果为`package xinetd is not installed`则表示未安装xinetd。 + +## 参考 + +- cis: \ No newline at end of file diff --git a/docs/summary-of-rules.md b/docs/summary-of-rules.md index e30eccc..90f1709 100644 --- a/docs/summary-of-rules.md +++ b/docs/summary-of-rules.md @@ -96,6 +96,7 @@ | 3.22 | 3.22-uninstall-the-ypbind-server.md | 3.22 卸载 ypbind | benchmarks/services | 1 | | 3.23 | 3.23-disable-rsh.md | 3.23 禁用rsh | benchmarks/services | 1 | | 3.24 | 3.24-disable-ntalk.md | 3.24 禁用ntalk | benchmarks/services | 1 | +| 3.25 | 3.25-ensure-xinetd-is-not-installed.md | 3.25 确保xinetd被卸载 | benchmarks/services | 3 | | 4.1 | 4.1-ensure-message-of-the-day-is-configured-properly.md | 4.1 确保登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | | 4.2 | 4.2-ensure-local-login-warning-banner-is-configured-properly.md | 4.2 确保本地登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | | 4.3 | 4.3-ensure-remote-login-warning-banner-is-configured-properly.md | 4.3 确保远程登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | diff --git a/remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh b/remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh new file mode 100644 index 0000000..f047b6d --- /dev/null +++ b/remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh @@ -0,0 +1 @@ +dnf remove xinetd \ No newline at end of file diff --git a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh new file mode 100644 index 0000000..5408d6d --- /dev/null +++ b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +cmdoutput=$(rpm -q xinetd) + +if [ "$cmdoutput" = "package xinetd is not installed" ]; then + echo "pass" +else + echo "fail" +fi -- Gitee From 28945dd4231cc2458ba5a3edac74748f39d24b07 Mon Sep 17 00:00:00 2001 From: Aurora Date: Tue, 18 Apr 2023 14:01:15 +0000 Subject: [PATCH 2/7] =?UTF-8?q?=E5=AF=B9=E5=85=88=E5=89=8DPR=E2=80=9D[HUST?= =?UTF-8?q?=20CSE]=20=E5=A2=9E=E5=8A=A03.25-ensure-xinetd-is-not-installed?= =?UTF-8?q?=E7=9A=84benchmark=E3=80=81=E6=89=AB=E6=8F=8F=E3=80=81=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D=E8=84=9A=E6=9C=AC=E2=80=9C=E8=BF=9B=E8=A1=8C=E4=BF=AE?= =?UTF-8?q?=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurora --- benchmarks/services/3.25-ensure-xinetd-is-not-installed.md | 4 ++-- docs/summary-of-rules.md | 2 +- .../services/3.25-ensure-xinetd-is-not-installed.sh | 2 +- scanners/services/3.25-ensure-xinetd-is-not-installed.sh | 6 ++++-- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md index 5211105..62bab45 100644 --- a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md +++ b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md @@ -2,7 +2,7 @@ ## 安全等级 -- Level 3 +- Level 1 ## 描述 @@ -17,7 +17,7 @@ eXtended InterNET 守护进程 ( xinetd ) 是一个开源的超级守护进程 1. 运行以下命令卸载 xinetd。 ```bash -# dnf remove xinetd +# dnf remove -y xinetd ``` ## 扫描检测 diff --git a/docs/summary-of-rules.md b/docs/summary-of-rules.md index 90f1709..88e6d59 100644 --- a/docs/summary-of-rules.md +++ b/docs/summary-of-rules.md @@ -96,7 +96,7 @@ | 3.22 | 3.22-uninstall-the-ypbind-server.md | 3.22 卸载 ypbind | benchmarks/services | 1 | | 3.23 | 3.23-disable-rsh.md | 3.23 禁用rsh | benchmarks/services | 1 | | 3.24 | 3.24-disable-ntalk.md | 3.24 禁用ntalk | benchmarks/services | 1 | -| 3.25 | 3.25-ensure-xinetd-is-not-installed.md | 3.25 确保xinetd被卸载 | benchmarks/services | 3 | +| 3.25 | 3.25-ensure-xinetd-is-not-installed.md | 3.25 确保xinetd被卸载 | benchmarks/services | 1 | | 4.1 | 4.1-ensure-message-of-the-day-is-configured-properly.md | 4.1 确保登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | | 4.2 | 4.2-ensure-local-login-warning-banner-is-configured-properly.md | 4.2 确保本地登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | | 4.3 | 4.3-ensure-remote-login-warning-banner-is-configured-properly.md | 4.3 确保远程登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | diff --git a/remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh b/remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh index f047b6d..43110c0 100644 --- a/remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh +++ b/remediation-kits/services/3.25-ensure-xinetd-is-not-installed.sh @@ -1 +1 @@ -dnf remove xinetd \ No newline at end of file +dnf remove -y xinetd \ No newline at end of file diff --git a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh index 5408d6d..95c4e0c 100644 --- a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh +++ b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh @@ -1,7 +1,9 @@ #!/usr/bin/env bash -cmdoutput=$(rpm -q xinetd) +result=false -if [ "$cmdoutput" = "package xinetd is not installed" ]; then +rpm -q xinetd | grep -Psiq "^package\s+xinetd\s+is\s+not\s+installed$" && result=true + +if [ "$result" == true ]; then echo "pass" else echo "fail" -- Gitee From d83726933cb5dec48030dec846afdd46fc465117 Mon Sep 17 00:00:00 2001 From: Aurora Date: Wed, 19 Apr 2023 05:03:22 +0000 Subject: [PATCH 3/7] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20scan?= =?UTF-8?q?ners/services/3.25-ensure-xinetd-is-not-installed.sh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../services/3.25-ensure-xinetd-is-not-installed.sh | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 scanners/services/3.25-ensure-xinetd-is-not-installed.sh diff --git a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh deleted file mode 100644 index 95c4e0c..0000000 --- a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash -result=false - -rpm -q xinetd | grep -Psiq "^package\s+xinetd\s+is\s+not\s+installed$" && result=true - -if [ "$result" == true ]; then - echo "pass" -else - echo "fail" -fi -- Gitee From 4ccfe4a798d6e8e20fdfdb5d74171b909d1224de Mon Sep 17 00:00:00 2001 From: Aurora Date: Wed, 19 Apr 2023 05:04:46 +0000 Subject: [PATCH 4/7] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=89=AB=E6=8F=8F?= =?UTF-8?q?=E8=84=9A=E6=9C=AC=E6=A0=BC=E5=BC=8F=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurora --- .../services/3.25-ensure-xinetd-is-not-installed.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 scanners/services/3.25-ensure-xinetd-is-not-installed.sh diff --git a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh new file mode 100644 index 0000000..12f7820 --- /dev/null +++ b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash +result=false + +rpm -q xinet | grep -Psiq "^package\s+xinet\s+is\s+not\s+installed$" && result=true + +if [ "$result" == true ]; then + echo "pass" +else + echo "fail" +fi \ No newline at end of file -- Gitee From f8a50b58ce9456aa1157c87c69a09dfd750c270c Mon Sep 17 00:00:00 2001 From: Aurora Date: Wed, 19 Apr 2023 05:07:42 +0000 Subject: [PATCH 5/7] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20benc?= =?UTF-8?q?hmarks/services/3.25-ensure-xinetd-is-not-installed.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../3.25-ensure-xinetd-is-not-installed.md | 38 ------------------- 1 file changed, 38 deletions(-) delete mode 100644 benchmarks/services/3.25-ensure-xinetd-is-not-installed.md diff --git a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md deleted file mode 100644 index 62bab45..0000000 --- a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md +++ /dev/null @@ -1,38 +0,0 @@ -# 3.25 确保xinetd被卸载 - -## 安全等级 - -- Level 1 - -## 描述 - -eXtended InterNET 守护进程 ( xinetd ) 是一个开源的超级守护进程,用于取代原始 inetd 守护进程。 xinetd 能够监听许多常用服务并调度合适的守护进程以正确响应服务请求。 - -若 xinetd 服务非必要,建议将其卸载。 - -## 修复建议 - -目标:确保xinetd被卸载 - -1. 运行以下命令卸载 xinetd。 - -```bash -# dnf remove -y xinetd -``` - -## 扫描检测 - -执行修复前检测xinetd是否安装 - -1. 运行以下命令以检测是否安装 xinetd。 - -```bash -# rpm -q gdm -package xinetd is not installed -``` - -输出结果为`package xinetd is not installed`则表示未安装xinetd。 - -## 参考 - -- cis: \ No newline at end of file -- Gitee From 3b292b61870fee29a7d7ec2a92546c96debc89bf Mon Sep 17 00:00:00 2001 From: Aurora Date: Wed, 19 Apr 2023 05:08:41 +0000 Subject: [PATCH 6/7] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=A0=BC=E5=BC=8F?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurora --- .../3.25-ensure-xinetd-is-not-installed.md | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 benchmarks/services/3.25-ensure-xinetd-is-not-installed.md diff --git a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md new file mode 100644 index 0000000..c7b4b20 --- /dev/null +++ b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md @@ -0,0 +1,38 @@ +# 3.25 确保xinetd被卸载 + +## 安全等级 + +- Level 1 + +## 描述 + +eXtended InterNET 守护进程 ( xinetd ) 是一个开源的超级守护进程,用于取代原始 inetd 守护进程。 xinetd 能够监听许多常用服务并调度合适的守护进程以正确响应服务请求。 + +若 xinetd 服务非必要,建议将其卸载。 + +## 修复建议 + +目标:确保xinetd被卸载 + +1. 运行以下命令卸载 xinetd。 + +```bash +# dnf remove -y xinetd +``` + +## 扫描检测 + +执行修复前检测xinetd是否安装 + +1. 运行以下命令以检测是否安装 xinetd。 + +```bash +# rpm -q gdm +package xinetd is not installed +``` + +输出结果为`package xinetd is not installed`则表示未安装xinetd。 + +## 参考 + +- cis: \ No newline at end of file -- Gitee From 356864bf27ad68655d1141d0e7126612574d011a Mon Sep 17 00:00:00 2001 From: Aurora Date: Wed, 19 Apr 2023 05:15:43 +0000 Subject: [PATCH 7/7] fix Signed-off-by: Aurora --- benchmarks/services/3.25-ensure-xinetd-is-not-installed.md | 2 +- scanners/services/3.25-ensure-xinetd-is-not-installed.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md index c7b4b20..e7e6521 100644 --- a/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md +++ b/benchmarks/services/3.25-ensure-xinetd-is-not-installed.md @@ -27,7 +27,7 @@ eXtended InterNET 守护进程 ( xinetd ) 是一个开源的超级守护进程 1. 运行以下命令以检测是否安装 xinetd。 ```bash -# rpm -q gdm +# rpm -q xinetd package xinetd is not installed ``` diff --git a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh index 12f7820..5abb602 100644 --- a/scanners/services/3.25-ensure-xinetd-is-not-installed.sh +++ b/scanners/services/3.25-ensure-xinetd-is-not-installed.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash result=false -rpm -q xinet | grep -Psiq "^package\s+xinet\s+is\s+not\s+installed$" && result=true +rpm -q xinetd | grep -Psiq "^package\s+xinetd\s+is\s+not\s+installed$" && result=true if [ "$result" == true ]; then echo "pass" -- Gitee