Update Ergebnisse
parent
b5d46ab8d0
commit
f32fb20025
@ -36,6 +36,14 @@ Wie bei allen anderen Auswertungen haben wir uns den Hardeningindex als Merkmal
|
||||
|
||||
Während einem Lynis Scan werden alle durchgeführten Tests in 3 Kategorien eingeordnet. Diese sind optimale Funde, verbesserungswürdige Funde und kritische Funde. Betrachtet man die durchschnittliche Kategorisierung, ist erkennbar, dass Anzahl der optimalen Funde durch JShielder stark ansteigt, sowie die Anzahl an verbesserungswürdigen und kritischen Funden fällt. Ein eher unerwartetes Ergebnis ist die durchschnittliche Anzahl durchgeführter Tests, hier wurden nach dem Update des Images minimal mehr Tests durchgeführt als davor und danach. Die Beobachtung lässt sich vermutlich auf Komponenten zurückführen, welche durch ein Update aktiviert und durch JShielder deaktiviert wurden.
|
||||
|
||||
```sql
|
||||
SELECT r.*,l.round , avg(json_extract(boot_and_services, "$.counts.green") + json_extract(kernel, "$.counts.green") + json_extract(mermory_and_processes, "$.counts.green") + json_extract(user_groups_auth, "$.counts.green") + json_extract(shells, "$.counts.green") + json_extract(file_systems, "$.counts.green") + json_extract(usb_devices, "$.counts.green") + json_extract(storage, "$.counts.green") + json_extract(nfs, "$.counts.green") + json_extract(name_services, "$.counts.green") + json_extract(ports_and_packages, "$.counts.green") + json_extract(networking, "$.counts.green") + json_extract(printers_and_spools, "$.counts.green") + json_extract(software_email, "$.counts.green") + json_extract(software_filewalls, "$.counts.green") + json_extract(software_webserver, "$.counts.green") + json_extract(ssh_support, "$.counts.green") + json_extract(databases, "$.counts.green") + json_extract(php, "$.counts.green") + json_extract(logging_and_files, "$.counts.green") + json_extract(insecure_services, "$.counts.green") + json_extract(scheduled_tasks, "$.counts.green") + json_extract(accounting, "$.counts.green") + json_extract(time_and_sync, "$.counts.green") + json_extract(crypto, "$.counts.green") + json_extract(security_frameworks, "$.counts.green") + json_extract(software_malware, "$.counts.green") + json_extract(file_permissions, "$.counts.green") + json_extract(home_dirs, "$.counts.green") + json_extract(kernel_hardening, "$.counts.green") + json_extract(hardening, "$.counts.green")) AS avg_green, avg(json_extract(boot_and_services, "$.counts.yellow") + json_extract(kernel, "$.counts.yellow") + json_extract(mermory_and_processes, "$.counts.yellow") + json_extract(user_groups_auth, "$.counts.yellow") + json_extract(shells, "$.counts.yellow") + json_extract(file_systems, "$.counts.yellow") + json_extract(usb_devices, "$.counts.yellow") + json_extract(storage, "$.counts.yellow") + json_extract(nfs, "$.counts.yellow") + json_extract(name_services, "$.counts.yellow") + 
json_extract(ports_and_packages, "$.counts.yellow") + json_extract(networking, "$.counts.yellow") + json_extract(printers_and_spools, "$.counts.yellow") + json_extract(software_email, "$.counts.yellow") + json_extract(software_filewalls, "$.counts.yellow") + json_extract(software_webserver, "$.counts.yellow") + json_extract(ssh_support, "$.counts.yellow") + json_extract(databases, "$.counts.yellow") + json_extract(php, "$.counts.yellow") + json_extract(logging_and_files, "$.counts.yellow") + json_extract(insecure_services, "$.counts.yellow") + json_extract(scheduled_tasks, "$.counts.yellow") + json_extract(accounting, "$.counts.yellow") + json_extract(time_and_sync, "$.counts.yellow") + json_extract(crypto, "$.counts.yellow") + json_extract(security_frameworks, "$.counts.yellow") + json_extract(software_malware, "$.counts.yellow") + json_extract(file_permissions, "$.counts.yellow") + json_extract(home_dirs, "$.counts.yellow") + json_extract(kernel_hardening, "$.counts.yellow") + json_extract(hardening, "$.counts.yellow")) AS avg_yellow, avg(json_extract(boot_and_services, "$.counts.red") + json_extract(kernel, "$.counts.red") + json_extract(mermory_and_processes, "$.counts.red") + json_extract(user_groups_auth, "$.counts.red") + json_extract(shells, "$.counts.red") + json_extract(file_systems, "$.counts.red") + json_extract(usb_devices, "$.counts.red") + json_extract(storage, "$.counts.red") + json_extract(nfs, "$.counts.red") + json_extract(name_services, "$.counts.red") + json_extract(ports_and_packages, "$.counts.red") + json_extract(networking, "$.counts.red") + json_extract(printers_and_spools, "$.counts.red") + json_extract(software_email, "$.counts.red") + json_extract(software_filewalls, "$.counts.red") + json_extract(software_webserver, "$.counts.red") + json_extract(ssh_support, "$.counts.red") + json_extract(databases, "$.counts.red") + json_extract(php, "$.counts.red") + json_extract(logging_and_files, "$.counts.red") + json_extract(insecure_services, 
"$.counts.red") + json_extract(scheduled_tasks, "$.counts.red") + json_extract(accounting, "$.counts.red") + json_extract(time_and_sync, "$.counts.red") + json_extract(crypto, "$.counts.red") + json_extract(security_frameworks, "$.counts.red") + json_extract(software_malware, "$.counts.red") + json_extract(file_permissions, "$.counts.red") + json_extract(home_dirs, "$.counts.red") + json_extract(kernel_hardening, "$.counts.red") + json_extract(hardening, "$.counts.red")) AS avg_red, avg(l.tests_performed) AS avg_tests_performed
|
||||
FROM runs r
|
||||
JOIN lynis_results l ON r.run_id == l.run_id
|
||||
GROUP BY l.round
|
||||
ORDER BY version
|
||||
```
|
||||
|
||||
|
||||
![jshielder_tests](uploads/8d297c91d56c773ef49d59dfa5313ca7/jshielder_tests.PNG)
|
||||
|
||||
|
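Review bot: `SELECT r.*` and `ORDER BY version` use columns that are neither grouped nor aggregated, while the query groups by `l.round` only; the `==` operator suggests SQLite, which in that case takes those values from an arbitrary row of each group. The run columns printed next to each average, and the resulting row order, therefore do not necessarily describe the round they appear with. I would select only the grouping key and the aggregates, `SELECT l.round, avg(...) AS avg_green, ...`, and sort with `ORDER BY l.round`. Separately, if a category's `$.counts.*` path is missing for a run, that run's whole sum becomes NULL and `avg()` skips it silently, so the colour averages may cover fewer runs than `avg_tests_performed`; wrapping each term in `coalesce(..., 0)` or checking for NULL sums first would make the figures comparable. Finally, the JSON paths are written in double quotes, which SQLite only treats as strings as a fallback; `'$.counts.green'` is the safe spelling.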