|
Title. |
Assuria
Auditor AutoUpdate #88 |
|
Introduction
|
This is an enhancement update. It contains updates to the Assuria
Auditor console and agents, for improved functionality. The Update
include new Baseline policies which are introduced to ensure
consistency across policies.
This update also contains a security content update for the Novell
SuSE Enterprise 10 for the IBM z-Series agent.
|
|
Baseline refresh policies and checks
|
Assuria Bulletin 82 introduced the Change Detection view of AIM.
New policies are introduced at this Update to ensure consistency of
behaviour across policies. As shipped, the UpdateFileBaseline and
UpdateRegistryBaseline policies behave differently to the remaining
Update*Baseline policies.
The UpdateFileBaseline and UpdateRegistryBaseline updated their
respective baselines with new and deleted objects as configured by
the user. The others refreshed all baselined objects. This
inconsistency has caused confusion, and this update therefore
contains a set of new Refresh*Baseline policies (including
RefreshFileBaseline, RefreshRegistryBaseline and RefreshAllBaselines)
which behave consistently in refreshing all baselined objects.
The UpdateFileBaseline and UpdateRegistryBaseline policies will be
retained in their existing form, and should continue to be used to
update the baseline with new and deleted objects as configured by
the user and as described in the documentation.
The remaining Update*Baseline policies will be retained for backward
compatibility, although their functionality will be identical to the
equivalent Refresh*Baseline policies. The Update*Baseline may be
withdrawn at a later date.
|
|
Security Content Update |
Security content based on vendor security bulletins (or similar) is
included for the Novell SuSE Enterprise Linux 10 for IBM z-Series
agent, in order to bring this agent up to the same check level as
the Intel x86 equivalent.
|
|
Update details |
|
|
Console update
|
o Database
update
o New
policy navigators for all updated agents
o
Updated Files
-
bin/S2dbupdate.exe
-
bin/tcl/treeutils.tbc |
|
Agent
updates |
Updates
are included for the following agents:
o
HP 11.00, 11.11, 11.23, 11.31 (PA-RISC)
o
HP 11.23, 11.31 (Itanium)
o
IBM AIX 4.3.3, 5.1, 5.2, 5.3
o
IBM AIX 6.1
o
Microsoft Windows 2000 (Server and Professional)
o
Microsoft Windows Server 2003
o
Microsoft Windows Server 2008
o
Microsoft Windows Vista
o
Novell SUSE Enterprise Linux 9 (x86)
o
Novell SUSE Enterprise Linux 10 (x86)
o
Novell SUSE Enterprise Linux 10 (s390)
o
Red Hat Enterprise Linux 3, 4, 5
o
Sun Solaris 8
o
Sun Solaris 9
o
Sun Solaris 10 (SPARC) |
|
HP
11.00, 11.11, 11.23, 11.31 (PA-RISC) |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
HP
11.23, 11.31 (Itanium) |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
IBM AIX
4.3.3, 5.1, 5.2, 5.3 |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini
|
|
IBM AIX
6.1 |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
Microsoft Windows 2000 (Server and Professional) |
o New Checks
- refreshFileBaseline
- refreshRegistryBaseline
o New Policies
- refreshAllBaselines
- refreshAssociationBaseline
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshRegistryBaseline
- refreshServiceBaseline
- refreshShareBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
Microsoft Windows Server 2003 |
o New Checks
- refreshFileBaseline
- refreshRegistryBaseline
o New Policies
- refreshAllBaselines
- refreshAssociationBaseline
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshRegistryBaseline
- refreshServiceBaseline
- refreshShareBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini
|
|
Microsoft Windows Server 2008 |
o New Checks
- refreshFileBaseline
- refreshRegistryBaseline
o New Policies
- refreshAllBaselines
- refreshAssociationBaseline
- refreshBrokerBaseline
- refreshFeatureBaseline
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshRegistryBaseline
- refreshRoleBaseline
- refreshServiceBaseline
- refreshShareBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
Microsoft
Windows Vista |
o New
Checks
-
refreshFileBaseline
-
refreshRegistryBaseline
o New
Policies
-
refreshAllBaselines
-
refreshAssociationBaseline
-
refreshBrokerBaseline
-
refreshFileBaseline
-
refreshGroupBaseline
-
refreshInventoryBaseline
-
refreshPackageBaseline
-
refreshRegistryBaseline
-
refreshServiceBaseline
-
refreshShareBaseline
-
refreshUserBaseline
o Auto
Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_88.zip
-
lib/xpud3_88.sgn
-
etc/update.ini
|
|
Novell
SUSE Enterprise Linux 9 (x86) |
o New
Checks
-
refreshFileBaseline
o New
Policies
-
refreshAllBaselines
-
refreshFileBaseline
-
refreshGroupBaseline
-
refreshInventoryBaseline
-
refreshPackageBaseline
-
refreshTrustedHostsBaseline
-
refreshUserBaseline
o Auto
Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_88.zip
-
lib/xpud3_88.sgn
-
etc/update.ini |
|
Novell
SUSE Enterprise Linux 10 (x86) |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
Novell
SUSE Enterprise Linux 10 (IBM z-Series) |
o New Checks
- inventory-added
- inventory-changed
- inventory-deleted
- oo-cronat-trusted-users
- oo-defpwd-maxdays
- oo-defpwd-mindays
- oo-defpwd-warndays
- refreshFileBaseline
- SuSE-SA-2006-044
- SuSE-SA-2006-045
- SuSE-SA-2006-046
- SuSE-SA-2006-047
- SuSE-SA-2006-048
- SuSE-SA-2006-049
- SuSE-SA-2006-051
- SuSE-SA-2006-054
- SuSE-SA-2006-055
- SuSE-SA-2006-056
- SuSE-SA-2006-057
- SuSE-SA-2006-058
- SuSE-SA-2006-059
- SuSE-SA-2006-060
- SuSE-SA-2006-062
- SuSE-SA-2006-063
- SuSE-SA-2006-065
- SuSE-SA-2006-067
- SuSE-SA-2006-068
- SuSE-SA-2006-072
- SuSE-SA-2006-073
- SuSE-SA-2006-075
- SuSE-SA-2006-076
- SuSE-SA-2006-078
- SuSE-SA-2006-079
- SuSE-SA-2006-080
- SuSE-SA-2007-002
- SuSE-SA-2007-003
- SuSE-SA-2007-004
- SuSE-SA-2007-005
- SuSE-SA-2007-006
- SuSE-SA-2007-008
- SuSE-SA-2007-010
- SuSE-SA-2007-012
- SuSE-SA-2007-014
- SuSE-SA-2007-016
- SuSE-SA-2007-017
- SuSE-SA-2007-018
- SuSE-SA-2007-019
- SuSE-SA-2007-020
- SuSE-SA-2007-022
- SuSE-SA-2007-024
- SuSE-SA-2007-025
- SuSE-SA-2007-026
- SuSE-SA-2007-027
- SuSE-SA-2007-031
- SuSE-SA-2007-032
- SuSE-SA-2007-033
- SuSE-SA-2007-035
- SuSE-SA-2007-036
- SuSE-SA-2007-038
- SuSE-SA-2007-039
- SuSE-SA-2007-040
- SuSE-SA-2007-041
- SuSE-SA-2007-042
- SuSE-SA-2007-044
- SuSE-SA-2007-045
- SuSE-SA-2007-047
- SuSE-SA-2007-048
- SuSE-SA-2007-049
- SuSE-SA-2007-051
- SuSE-SA-2007-053
- SuSE-SA-2007-054
- SuSE-SA-2007-055
- SuSE-SA-2007-056
- SuSE-SA-2007-057
- SuSE-SA-2007-060
- SuSE-SA-2007-061
- SuSE-SA-2007-062
- SuSE-SA-2007-064
- SuSE-SA-2007-065
- SuSE-SA-2007-066
- SuSE-SA-2007-068
- SuSE-SA-2008-002
- SuSE-SA-2008-003
- SuSE-SA-2008-004
- SuSE-SA-2008-005
- SuSE-SA-2008-006
- SuSE-SA-2008-008
- SuSE-SA-2008-010
- SuSE-SA-2008-012
- SuSE-SA-2008-016
- SuSE-SA-2008-017
- SuSE-SA-2008-018
- SuSE-SA-2008-019
- SuSE-SA-2008-020
- SuSE-SA-2008-021
- SuSE-SA-2008-023
- SuSE-SA-2008-025
- SuSE-SA-2008-026
- SuSE-SA-2008-027
- SuSE-SA-2008-040
- SuSE-SA-2008-042
- SuSE-SA-2008-045
- SuSE-SA-2008-046
- SuSE-SA-2008-047
- SuSE-SA-2008-048
- SuSE-SA-2008-049
- SuSE-SA-2008-050
- SuSE-SA-2008-051
- updateInventoryBaseline
o New Files
- bin/procs/proc_inventory.tcl
o New Policies
- CheckAllBaselines
- CheckFileBaseline
- CheckGroupBaseline
- CheckInventoryBaseline
- CheckPackageBaseline
- CheckTurstedHostsBaseline
- CheckUserBaseline
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
- ssa
- UpdateInventoryBaseline
o Updated Checks
- bind-opt-rr-dos
- bind-sig-rr-bo
- file-cfg-10
- file-cronat-04
- ftp-wrapped
- package-added
- user-01
- user-40
o Updated Files
- adm/config/remove_config
- adm/config/sysscan_config
- bin/checker
- bin/sysscand
- bin/procs/tools.tcl
- Configure.sh
- userconf/fpdb
- userconf/fpfiles
o Updated Policies
- cronat
- Initial-1
- Initial-3
- Initial-5
- Initial-All
- Maintenance-1
- Maintenance-3
- Maintenance-4
- Maintenance-All
- sys-defs
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
Red Hat
Enterprise Linux 3, 4, 5 |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
|
Sun
Solaris 8 |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn |
|
Sun
Solaris 9 |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini
|
|
Sun
Solaris 10 (SPARC) |
o New Checks
- refreshFileBaseline
o New Policies
- refreshAllBaselines
- refreshFileBaseline
- refreshGroupBaseline
- refreshInventoryBaseline
- refreshPackageBaseline
- refreshTrustedHostsBaseline
- refreshUserBaseline
o Auto Update Files
- rulesets/unarchivePolicy
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_88.zip
- lib/xpud3_88.sgn
- etc/update.ini |
| |
|
|
