User:Athmane/Fedora 15 Security Lab Testing: Difference between revisions

Latest revision as of 17:07, 31 May 2011

Test Case	Security_Lab	References
QA:Testcase_Mediakit_ISO_Size	pass athmane ^[1]	↑ Used: Fedora-15-i686-Live-Security.iso
QA:Testcase_Mediakit_ISO_Checksums	pass athmane ^[1]	↑ Used: Fedora-15-i686-Live-Security.iso
QA:TestCases/Install_Source_Live_Image	pass athmane ^[1]	↑ Used: Fedora-15-i686-Live-Security.iso
QA:Testcase_desktop_browser	pass athmane
QA:Testcase_desktop_updates	pass athmane ^[1]	↑ tested with YUM, PackageKit test skipped
QA:Testcase_desktop_login	pass athmane
QA:Testcase_desktop_panel_basic	pass athmane
QA:Testcase_desktop_error_checks	pass athmane ^[1]	↑ accessibility: lxterminal background is opaque.
QA:Testcase_desktop_menus	warn athmane ^[1]	↑ Security Lab Menu: GUI applications are launched from terminal because Exec (in security-*.desktop files) is prefixed with gnome-terminal, eg: Exec=gnome-terminal -e "sh -c 'openvas-client; bash'"
Nmap: testing port scanning, OS detection, version detection, script scanning, and traceroute. UPDATE: QA:Testcase_Nmap	pass athmane ^[1]	↑ GUI zenmap not tested.
Wireshark tests UPDATE: QA:Testcase_Wireshark	fail athmane ^[1]	↑ RHBZ #708250
Nikto: test a web server scan, UPDATE: QA:Testcase_Nikto	pass athmane ^[1]	↑ HTTPS Scan fail (SSL support not available)
OpenVAS : generated a new certificate, added a new openvas user, started openvas-scanner service, sync-ed new NVTs, restarted openvas-scanner, connected with openvas-client, performed a scan and finally exported the report to html. UPDATE: QA:Testcase_OpenVAS	pass athmane ^[1]^[2]	↑ As usual openvas-scanner service take a while to start for the first time (seems was loading NVTs) ↑ Performance during the scan of 1 host; CPU: 50%, Mem usage: 515M/623M, SWAP usage: 111M/1215M load average: 4.25, 3.20, 1.87
Ratproxy: ran with various options, tested a web application and generated a report with ratproxy-report	pass athmane
Tcpdump: sniff network traffic .	pass athmane
Hping3: basic tests	pass athmane
nc (netcat): try to listen to a IP:PORT, connect to IP:PORT, port scanning tested with a given range.	pass athmane
Medusa: brute-forcing a remote ssh server, with a provided list of accounts and passwords.	pass athmane
httping: httping a web server, both HTTP and HTTPS protocols tested. UPDATE: QA:Testcase_HTTPing	pass athmane
Rkhunter: updated database (there was no updates), then searched for rootkits. UPDATE: QA:Testcase_Rkhunter	pass athmane ^[1] ^[2]	↑ CPU usage <= 20% ↑ a warning raised about SSH protocol v1 being allowed

[1] Used: Fedora-15-i686-Live-Security.iso

[2] Used: Fedora-15-i686-Live-Security.iso

[3] Used: Fedora-15-i686-Live-Security.iso

[4] tested with YUM, PackageKit test skipped

[5] ssibility: lxterminal background is opaque.

[6] Security Lab Menu: GUI applications are launched from terminal because Exec (in security-*.desktop files) is prefixed with gnome-terminal, eg: Exec=gnome-terminal -e "sh -c 'openvas-client; bash'"

[7] GUI zenmap not tested.

[bz708250-8] RHBZ #708250

[9] HTTPS Scan fail (SSL support not available)

[10] As usual openvas-scanner service take a while to start for the first time (seems was loading NVTs)

[11] Performance during the scan of 1 host; CPU: 50%, Mem usage: 515M/623M, SWAP usage: 111M/1215M load average: 4.25, 3.20, 1.87

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[2]

[1]

[2]

@@ Line 38: / Line 38: @@
 | <references/>
 |-
-| '''Nmap tests''': Port scanning, OS detection, version detection, script scanning, and traceroute
+| '''Nmap''': testing port scanning, OS detection, version detection, script scanning, and traceroute. ''' UPDATE: [[QA:Testcase_Nmap]]'''
 | {{result|pass|athmane}} <ref>GUI zenmap not tested.</ref>
 | <references/>
 |-
-| '''Wireshark tests'''
+| '''Wireshark''' tests ''' UPDATE: [[QA:Testcase_Wireshark]]'''
 | {{result|fail|athmane|708250}}
 | <references/>
 |-
-| '''Nikto tests''': Web server scan
+| '''Nikto''': test a web server scan, '''UPDATE: [[QA:Testcase_Nikto]]'''
 | {{result|pass|athmane}} <ref>HTTPS Scan fail (SSL support not available)</ref>
 | <references/>
 |-
-| '''OpenVAS tests''': generated a new certificate, added a new openvas user, started openvas-scanner service, sync-ed new NVTs, restarted openvas-scanner, connected with openvas-client, performed a scan and finally exported the report to html.
+| '''OpenVAS ''': generated a new certificate, added a new openvas user, started openvas-scanner service, sync-ed new NVTs, restarted openvas-scanner, connected with openvas-client, performed a scan and finally exported the report to html. '''UPDATE: [[QA:Testcase_OpenVAS]]'''
 | {{result|pass|athmane}} <ref>As usual openvas-scanner service take a while to start for the first time (seems was loading NVTs)</ref><ref>Performance during the scan of 1 host; CPU: 50%, Mem usage: 515M/623M, SWAP usage: 111M/1215M load average: 4.25, 3.20, 1.87</ref>
 | <references/>
 |-
-| '''Ratproxy tests''': ran with various options, tested a web application and generated a report with ratproxy-report
+| '''Ratproxy''': ran with various options, tested a web application and generated a report with ratproxy-report
 | {{result|pass|athmane}}
 | <references/>
@@ Line 66: / Line 66: @@
 | <references/>
 |-
-| '''nc (netcat) tests''': listening, connecting, port scaning
+| '''nc (netcat)''': try to listen to a IP:PORT, connect to IP:PORT, port scanning tested with a given range.
 | {{result|pass|athmane}}
 | <references/>
 |-
-| '''Medusa''': brute-forcing a remote ssh server, with providing a list of account and passwords.
+| '''Medusa''': brute-forcing a remote ssh server, with a provided list of accounts and passwords.
 | {{result|pass|athmane}}
+| <references/>
+|-
+| '''httping''': httping a web server, both HTTP and HTTPS protocols tested. '''UPDATE: [[QA:Testcase_HTTPing]]'''
+| {{result|pass|athmane}}
+| <references/>
+|-
+| '''Rkhunter''': updated database (there was no updates), then searched for rootkits. '''UPDATE: [[QA:Testcase_Rkhunter]]'''
+| {{result|pass|athmane}} <ref>CPU usage <= 20% </ref> <ref>a warning raised about SSH protocol v1  being allowed </ref>
 | <references/>
 |-
 |}

Search

User:Athmane/Fedora 15 Security Lab Testing: Difference between revisions

Latest revision as of 17:07, 31 May 2011