Athmane/Fedora 15 Security Lab Testing

Test Case	Security_Lab	References
QA:Testcase_Mediakit_ISO_Size	pass athmane ^[1]	↑ Used: Fedora-15-i686-Live-Security.iso
QA:Testcase_Mediakit_ISO_Checksums	pass athmane ^[1]	↑ Used: Fedora-15-i686-Live-Security.iso
QA:TestCases/Install_Source_Live_Image	pass athmane ^[1]	↑ Used: Fedora-15-i686-Live-Security.iso
QA:Testcase_desktop_browser	pass athmane
QA:Testcase_desktop_updates	pass athmane ^[1]	↑ tested with YUM, PackageKit test skipped
QA:Testcase_desktop_login	pass athmane
QA:Testcase_desktop_panel_basic	pass athmane
QA:Testcase_desktop_error_checks	pass athmane ^[1]	↑ accessibility: lxterminal background is opaque.
QA:Testcase_desktop_menus	warn athmane ^[1]	↑ Security Lab Menu: GUI applications are launched from terminal because Exec (in security-*.desktop files) is prefixed with gnome-terminal, eg: Exec=gnome-terminal -e "sh -c 'openvas-client; bash'"
Nmap: testing port scanning, OS detection, version detection, script scanning, and traceroute. UPDATE: QA:Testcase_Nmap	pass athmane ^[1]	↑ GUI zenmap not tested.
Wireshark tests UPDATE: QA:Testcase_Wireshark	fail athmane ^[1]	↑ RHBZ #708250
Nikto: test a web server scan, UPDATE: QA:Testcase_Nikto	pass athmane ^[1]	↑ HTTPS Scan fail (SSL support not available)
OpenVAS : generated a new certificate, added a new openvas user, started openvas-scanner service, sync-ed new NVTs, restarted openvas-scanner, connected with openvas-client, performed a scan and finally exported the report to html. UPDATE: QA:Testcase_OpenVAS	pass athmane ^[1]^[2]	↑ As usual openvas-scanner service take a while to start for the first time (seems was loading NVTs) ↑ Performance during the scan of 1 host; CPU: 50%, Mem usage: 515M/623M, SWAP usage: 111M/1215M load average: 4.25, 3.20, 1.87
Ratproxy: ran with various options, tested a web application and generated a report with ratproxy-report	pass athmane
Tcpdump: sniff network traffic .	pass athmane
Hping3: basic tests	pass athmane
nc (netcat): try to listen to a IP:PORT, connect to IP:PORT, port scanning tested with a given range.	pass athmane
Medusa: brute-forcing a remote ssh server, with a provided list of accounts and passwords.	pass athmane
httping: httping a web server, both HTTP and HTTPS protocols tested. UPDATE: QA:Testcase_HTTPing	pass athmane
Rkhunter: updated database (there was no updates), then searched for rootkits. UPDATE: QA:Testcase_Rkhunter	pass athmane ^[1] ^[2]	↑ CPU usage <= 20% ↑ a warning raised about SSH protocol v1 being allowed

[1] Used: Fedora-15-i686-Live-Security.iso

[2] Used: Fedora-15-i686-Live-Security.iso

[3] Used: Fedora-15-i686-Live-Security.iso

[4] tested with YUM, PackageKit test skipped

[5] ssibility: lxterminal background is opaque.

[6] Security Lab Menu: GUI applications are launched from terminal because Exec (in security-*.desktop files) is prefixed with gnome-terminal, eg: Exec=gnome-terminal -e "sh -c 'openvas-client; bash'"

[7] GUI zenmap not tested.

[bz708250-8] RHBZ #708250

[9] HTTPS Scan fail (SSL support not available)

[10] As usual openvas-scanner service take a while to start for the first time (seems was loading NVTs)

[11] Performance during the scan of 1 host; CPU: 50%, Mem usage: 515M/623M, SWAP usage: 111M/1215M load average: 4.25, 3.20, 1.87

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[1]

[2]

[1]

[2]

Search

User:Athmane/Fedora 15 Security Lab Testing