Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add support for DotNet Framework 4.0 STIG, Version 1, Release 8 #455

Closed
wants to merge 8 commits into from
Closed

Add support for DotNet Framework 4.0 STIG, Version 1, Release 8 #455

wants to merge 8 commits into from

Conversation

pgc1a
Copy link
Contributor

@pgc1a pgc1a commented Aug 7, 2019
edited by athaynes
Loading

Pull Request (PR) description:
Add support for DotNet Framework 4.0 STIG, Version 1, Release 8
This Pull Request (PR) fixes the following issues:
Automating two rules and fixing deleted rule issues.
This fixes #447

Task list:

  • Change details added to Unreleased section of CHANGELOG.md (Not required for Convert modules)?
  • Added/updated documentation, comment-based help and descriptions where appropriate?
  • Examples appropriately updated?
  • New/changed code adheres to Style Guidelines?
  • Unit and (optional) Integration tests created/updated where possible?

This change is Reviewable

@pgc1a pgc1a requested review from bcwilhite and japatton August 7, 2019 22:23
@pgc1a pgc1a assigned jcwalker and pgc1a and unassigned jcwalker Aug 7, 2019
@pgc1a pgc1a requested review from nehrua and jcwalker August 7, 2019 22:24
@codecov-io
Copy link

Codecov Report

Merging #455 into 3.3.0 will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##            3.3.0     #455   +/-   ##
=======================================
  Coverage   77.22%   77.22%           
=======================================
  Files          16       16           
  Lines         180      180           
  Branches        3        3           
=======================================
  Hits          139      139           
  Misses         38       38           
  Partials        3        3

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4b19928...fe860b6. Read the comment docs.

jcwalker
jcwalker reviewed Aug 8, 2019
View reviewed changes
StigData/Archive/DotNet/U_MS_DotNet_Framework_4-0_STIG_V1R8_Manual-xccdf.log
V-81495::For 32-bit systems: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319\::Registry Hive: HKEY_LOCAL_MACHINE
V-81495::For 64 bit systems:::Registry Path: \SOFTWARE\Microsoft\.NETFramework\v4.0.30319\
V-81495::HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319\::Type: REG_DWORD
V-81495::If the “SchUseStrongCrypto” value name does not exist, or is not a REG_DWORD type set to “1”, this is a finding.::Value Name: SchUseStrongCrypto
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The previous version of this STIG has logfile entries for rule V-30935. Are those no longer valid in the latest version of the STIG?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

running Compare-PowerStigXml:
#TYPE System.Collections.DictionaryEntry
"Name","Key","Value"
"V-18395","V-18395","changed"
"V-30935","V-30935","deleted"
"V-32025","V-32025","deleted"

I believe they no longer apply

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh I see Nehru's comment below, on the compare results. I'll sync with him

bcwilhite
bcwilhite requested changes Aug 8, 2019
View reviewed changes
Copy link
Contributor

@bcwilhite bcwilhite left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tony, we are targeting 4.0 for new STIGs. At this point, it may be easier to branch off of 4.0 and regenerate the .Net STIG. I welcome others thoughts here as well.

@nehrua
Copy link
Contributor

nehrua commented Aug 8, 2019

@togriffith I talked with Brian and its probably best we merge this into 4.0.0, as the 3.3.0 release is in progress. We need to make changes to this PR to accommodate V-30935 (adding entries back to the log file) before we can merge. The initial compare results were inaccurate.

@pgc1a
Copy link
Contributor Author

pgc1a commented Aug 8, 2019

Thanks @bcwilhite. I'll sync with @nehrua on this.

@pgc1a pgc1a closed this Aug 8, 2019
@pgc1a
Copy link
Contributor Author

pgc1a commented Aug 8, 2019

re-branching and submitting off of 4.0.0 instead of 3.3.0

@pgc1a pgc1a deleted the togriffith#447 branch August 8, 2019 14:42
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@jcwalker jcwalker jcwalker left review comments

@bcwilhite bcwilhite bcwilhite requested changes

@japatton japatton Awaiting requested review from japatton

@nehrua nehrua Awaiting requested review from nehrua

Assignees

@pgc1a pgc1a

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@pgc1a @codecov-io @nehrua @jcwalker @bcwilhite