Open-AudIT

Posted: Fri Nov 21, 2014 8:28 pm
Newbie
Hi all, first of all thanks for this wonderful project.
It is incredibly useful for us and we are now in the process of auditing all our servers.

I noticed a small bug in the custom fields and the description field (maybe others too).
When I try to enter e.g.: j045-6/13 it tries to interpret the string and saves "false" instead of the string.
I have to manually html escape the / like this: j045-6/13 to save the string.

_________________
Server Info:
OS : Ubuntu 14.04
Auditing: ~ 500 machines (35 Windows Server, 440 Linux Server)
LDAP: not yet
Version: Open-AudIT Version 1.8.4


Posted: Thu Nov 27, 2014 2:13 am
Newbie
I found another small bug under Linux.
If the audit script finds an ampersand in the username in /etc/passwd the audit will fail.
I have to manually delete the ampersand.

Ampersands in username are valid though, see:
Quote:
This information is used by the finger(1) program, and the first field
used by the system mailer. If an ampersand (`&') character appears
within the fullname field, programs that use this field will substitute
it with a capitalized version of the account's login name.

From: http://www.freebsd.org/cgi/man.cgi?quer ... .8-RELEASE

Example passwd file that fails to audit:

Quote:
root:x:0:0:Name &:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
messagebus:x:102:107::/var/run/dbus:/bin/false
postfix:x:103:109::/var/spool/postfix:/bin/false
usbmux:x:104:46:usbmux daemon,,,:/home/usbmux:/bin/false
logcheck:x:105:111:logcheck system account,,,:/var/lib/logcheck:/bin/false
statd:x:106:65534::/var/lib/nfs:/bin/false
ntpd:x:107:112::/var/run/openntpd:/bin/false
sshd:x:108:65534::/var/run/sshd:/usr/sbin/nologin

_________________
Server Info:
OS : Ubuntu 14.04
Auditing: ~ 500 machines (35 Windows Server, 440 Linux Server)
LDAP: not yet
Version: Open-AudIT Version 1.8.4
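
An added example, not part of the original posts and not Open-AudIT code: the thread does not say why the audit fails, so this assumes the audit script writes account data into XML, where a bare `&` is not well-formed. It expands the GECOS `&` as the quoted man page describes and escapes every field before output; the element names and the `jdoe` entry are hypothetical.

```shell
#!/bin/sh
# Added example, not Open-AudIT code. Element names are hypothetical.

# Escape XML-reserved characters; '&' is handled first so that the
# entities produced by the later rules are not escaped a second time.
xml_escape() {
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' \
        -e 's/>/\&gt;/g' -e 's/"/\&quot;/g' -e "s/'/\&apos;/g"
}

# Apply the convention quoted in the post: each '&' in the full name
# becomes the login name with its first letter capitalised.
expand_gecos() (
    login=$1 rest=$2 out=
    first=$(printf '%s' "$login" | cut -c1 | tr '[:lower:]' '[:upper:]')
    cap=$first${login#?}
    while :; do
        case $rest in
            *'&'*) out=$out${rest%%"&"*}$cap; rest=${rest#*"&"} ;;
            *) break ;;
        esac
    done
    printf '%s' "$out$rest"
)

# Read passwd lines on stdin and emit one <user> element per account.
passwd_to_xml() {
    printf '<users>\n'
    while IFS=: read -r login _pw uid _gid gecos _home _shell; do
        [ -n "$login" ] || continue
        full=$(expand_gecos "$login" "${gecos%%,*}")  # first GECOS subfield
        printf '  <user><name>%s</name><uid>%s</uid><gecos>%s</gecos><full_name>%s</full_name></user>\n' \
            "$(xml_escape "$login")" "$(xml_escape "$uid")" \
            "$(xml_escape "$gecos")" "$(xml_escape "$full")"
    done
    printf '</users>\n'
}

# Constructed sample: the first line is the failing entry from the post,
# the second is made up to exercise '<', '>' and the ",,," subfields.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:Name &:/root:/bin/bash
jdoe:x:1000:1000:J <Ops> & Co,,,:/home/jdoe:/bin/bash
EOF
}

sample_passwd | passwd_to_xml
```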


Posted: Mon Dec 01, 2014 2:12 pm
Site Admin
I've fixed the username / ampersand issue for 1.5.2.
Thanks for reporting it.
I'll take a look at the custom fields bug when I have time :-)

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Posted: Mon Dec 01, 2014 11:55 pm
Newbie
Thank you Mark!

Reply with quote  
Posted: Fri Jan 16, 2015 6:56 pm
Newbie
Mark wrote:
I'll take a look at the custom fields bug when I have time :-)


Mark wrote:
Open-AudIT - Bug Fix - Filter serial and man_serial from JSON when converting to a number. PHP has a bug in its JSON routine that attempts to convert strings such as "1234E567" to a number. This causes an error. Found a string such as this in a serial number.


Hi Mark, thanks for releasing 1.5.3 - does the above change also affect the custom field bug?

Posted: Wed Jan 21, 2015 9:23 am
Site Admin
Unfortunately this is not related.
