Nmap Development mailing list archives
Re: [NSE] Auditing MySQL databases against the CIS benchmark
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 17 Jun 2011 08:12:25 +0200
On Jun 12, 2011, at 8:57 PM, Patrik Karlsson wrote:
On Jun 1, 2011, at 11:38 PM, Patrik Karlsson wrote:On Jun 1, 2011, at 8:24 AM, Vlatko Kosturjak wrote:On 05/31/2011 10:41 AM, Paulino Calderon wrote:Hi, | 3.1: Skip symbolic links => SUCCESS | 3.2: Logs not on system partition => SUCCESS | 3.2: Logs not on database partition => SUCCESS | 4.1: Supported version of MySQL => REVIEW | 4.5: Change admin account name => FAILNice script! I would just suggest to have PASS or similar wording instead of SUCCESS as SUCCESS can lead to confusion (does SUCCESS mean testing was successful, or success to find the finding or that recommendation is implemented correctly....) Kost _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/Thanks for the feedback Vlatko. I've changed to PASS instead of SUCCESS as suggested. I'm attaching an updated version. <mysql-audit.nse><mysql-cis.audit> //Patrik -- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77If there aren't any objections I would like to commit this script and ruleset. //Patrik -- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77
Committed as r24077. //Patrik -- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Auditing MySQL databases against the CIS benchmark Patrik Karlsson (May 30)
- <Possible follow-ups>
- Re: [NSE] Auditing MySQL databases against the CIS benchmark Paulino Calderon (May 30)
- Re: [NSE] Auditing MySQL databases against the CIS benchmark Patrik Karlsson (May 31)
- Re: [NSE] Auditing MySQL databases against the CIS benchmark Patrik Karlsson (May 31)
- Re: [NSE] Auditing MySQL databases against the CIS benchmark Vlatko Kosturjak (May 31)
- Re: [NSE] Auditing MySQL databases against the CIS benchmark Patrik Karlsson (Jun 01)
- Re: [NSE] Auditing MySQL databases against the CIS benchmark Patrik Karlsson (Jun 12)
- Re: [NSE] Auditing MySQL databases against the CIS benchmark Patrik Karlsson (Jun 16)