|
Title. |
XPU 51 released
|
|
Date:
|
30th October
2006
|
Introduction
|
This Assuria Bulletin announces the availability of XPU 51, which
introduces new features to Assuria Auditor.
This XPU is fully compatible with the
Assuria Auditor and ISS System Scanner range of products, and is managed
by the Assuria Auditor Console (formerly ISS System Scanner Console).
NOTE:
XPU 52 with content updates will be released in approximately 1 week.
|
Transition to Assuria
|
Assuria Limited now provides all customer support and sales of System
Scanner technology that it has licensed from ISS.
Assuria and ISS have been working closely together on a 12 - 18 month
program to seamlessly transition ISS System Scanner customers to Assuria
and Assuria Auditor.
XPU 48 introduced the first feature that is a result of the transition
program – support for Assuria Licence keys. Assuria will be generating
Licence keys for customers in the near future. XPU 48 introduced
support for Assuria generated keys in addition to keys generated by
Assuria or ISS using the ISS system.
XPU
51 introduces Solaris and AIX agents that will accept code signatures
from Assuria as well as ISS, new XPU Integrity policy for Solaris and
AIX and a new Software Package Baseline capability.
|
|
Assuria component
signing |
Assuria
Auditor agents for Solaris 8,9,10 and the AIX agent will now accept
agent components signed with an Assuria key as well as an Assuria key.
Users do
not need to take any special action at this time. Assuria Auditor will
continue to support all current ISS signed components.
|
|
New Policy –
XPU Integrity for
Solaris version 8,9,10 and AIX |
This new Policy allows security administrators to ensure that all XPUs
have been applied to their Solaris 8,9,10 and AIX agents correctly. All
updated files are scanned against their actual and expected file size
and CRC checksum to ensure that they are the correct versions. Any
incorrect files are highlighted in the accompanying report.
To
use this new Policy:
1.
Deploy XPU 51 to Solaris versions 8,9,10 and AIX agents
2.
Select Session -> Update Mapping from the Assuria Auditor menu
3.
Either select View All or Edit View from the Sessions menu
4.
Scan using the XPU Integrity Session
Any errors can be addressed by referring to this
technical note or be reported to
Assuria support at support@assuria.co.uk .
|
|
New Package baseline
facility - Solaris 8,9,10 and AIX |
Package Baseline - This new option on the console can create, display or
update a baseline for packages (software) which have been installed on
an Agent.
Policy packages - This policy checks the last baseline for any changes
to packages installed on the Agent and reports any additions, deletions
or amendments since then.
|
Console updates
|
Updates for New Check Type - packages
o bin/tcl/csvexp.tbc
o bin/tcl/exceptions.tbc
o bin/tcl/htmlexcp.tbc
o bin/tcl/indexresults.tbc
o bin/tcl/rep_utils.tbc
o bin/tcl/RuleEditor.tbc
o bin/tcl/RulesetEditor.tbc
o lib/DbImport/dbresimport.tcl
Updated On-Line Help Files
o help/Policy Navigator/AIX4.3.chm
o help/Policy Navigator/Solaris 10.chm
o help/Policy Navigator/Solaris.chm
XPU version file
o Update_DBS/xpu_version |
|
SPARC (Versions 8 and 9) |
o New Checks
- package-added
- package-deleted
- package-changed
- updatePackageBaseline
- xpu-integrity
o New Policies
- UpdatePackageBaseline
- packages
- xpu-integrity
o New Files
- bin/procs/proc_packages.tcl
- etc/update.ini
- lib/tcl8.3/crc/cksum.tcl
- lib/tcl8.3/crc/crc16.tcl
- lib/tcl8.3/crc/crc32.tcl
- lib/tcl8.3/crc/crcc.tcl
- lib/tcl8.3/crc/pkgIndex.tcl
- lib/tcl8.3/crc/sum.tcl
o Updated Checks
- tdfc-inet-14
o Updated Files
- bin/checker
- lib/verify/libverify.so.0.0.0
- lib/verify/libverify.so.0.0.0.sgn
- bin/procs/tools.tcl
- lib/tcl8.3/tclIndex
o X-Press Update Files
- rules/unarchiveCheck
- rulesets/unarchivePolicy
- signatures/rules/unarchiveCheck.sgn
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_51.zip
- lib/xpud3_51.sgn
|
|
SPARC (Version 10) |
o New Checks
- package-added
- package-deleted
- package-changed
- updatePackageBaseline
- xpu-integrity
o New Policies
- UpdatePackageBaseline
- packages
- xpu-integrity
o New Files
- bin/procs/proc_packages.tcl
- etc/update.ini
- lib/tcl8.3/crc/cksum.tcl
- lib/tcl8.3/crc/crc16.tcl
- lib/tcl8.3/crc/crc32.tcl
- lib/tcl8.3/crc/crcc.tcl
- lib/tcl8.3/crc/pkgIndex.tcl
- lib/tcl8.3/crc/sum.tcl
o Updated Checks
- tdfc-inet-14
o Updated Files
- bin/checker
- lib/verify/libverify.so.0.0.0
- lib/verify/libverify.so.0.0.0.sgn
- lib/tcl8.3/tclIndex
- bin/procs/tools.tcl
o X-Press Update Files
- rules/unarchiveCheck
- rulesets/unarchivePolicy
- signatures/rules/unarchiveCheck.sgn
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_51.zip
- lib/xpud3_51.sgn
|
|
IBM AIX |
o New Checks
- package-added
- package-deleted
- package-changed
- updatePackageBaseline
- xpu-integrity
o New Policies
- UpdatePackageBaseline
- packages
- xpu-integrity
o New Files
- bin/procs/proc_packages.tcl
- etc/update.ini
- lib/tcl8.3/crc/cksum.tcl
- lib/tcl8.3/crc/crc16.tcl
- lib/tcl8.3/crc/crc32.tcl
- lib/tcl8.3/crc/crcc.tcl
- lib/tcl8.3/crc/pkgIndex.tcl
- lib/tcl8.3/crc/sum.tcl
o Updated Checks
- aix-IY72752-fix
- aix-IY78224-fix
- aix-IY78225-fix
- aix-IY78226-fix
o Updated Files
- bin/checker
- lib/verify/libverify.so.0.0.0
- lib/verify/libverify.so.0.0.0.sgn
- lib/tcl8.3/tclIndex
- bin/procs/tools.tcl
o X-Press Update Files
- rules/unarchiveCheck
- rulesets/unarchivePolicy
- signatures/rules/unarchiveCheck.sgn
- signatures/rulesets/unarchivePolicy.sgn
- lib/xpud3_51.zip
- lib/xpud3_51.sgn
|
