Get the InProtect 0.80.0 Beta Here!
For now, let's talk about some of the major changes that we have incorporated into this version.
Gui:
- Completely revamped menu system, access control driven.
- User customizable dashboard.
- Html and PDF report formats match.
- Exportable xls reports.
- Cleaned up excessive and unneeded sql queries to enhance speed.
- Role-Based permissions.
- Exception list for hosts.
- Host specific lookup capabilities.
- Cleaner interface.
- All passwords are encrypted using user definable cryptographic standards such as blowfish.
- Sensitive data is encrypted.
- Database structure modified to allow for role-based permissions.
- Database structure modified to enhance and improve large query response (including indexing).
- Max server scans are now run in a single session rather than multiple individual sessions, this reduces the load on both the nessus scanner and the InProtect console server.
- Encryption and decryption functions added for sensitive data.
- Multiple unneeded queries removed to enhance performance.
- Query function creation and destruction cleaned up to enhance performance.
New Perl libraries:
- Crypt::CBC
- MIME::Base64
- IO::Socket
- POSIX
- Socket
So, for now feel free to download and play with it, let me know what you think, I can usually be found in #inprotect on freenode.
Cheers,
JJC
8 comments:
Hi,
Thanks for the work but the MySQL dump doesn't work. I am running MySQL 4.1.20 and get the following errors:
When I run the install.sh script
selecting number 3 for a Web console and DB install I get the
following error on the DB set-up part:
Please enter mysql root password:
ERROR 1046 (3D000) at line 22: No database selected
I've also tried to create the tables manually using the 'clean' sql script but it gives the error:
ERROR 1064 (42000) at line 509: You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the right syntax to use near '(`pn_uname`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1' at line 15
Roch,
I'll look into this this afternoon and followup today. Thanks for the info!
JJC
No prob, let me know if you want me to test anything else or provide more info,
Roch
Can you paste that whole sql statement from line 509 on...
Also, just want to be sure that this is a new install and not an upgrade from a previous version?
If you are able to jump onto freenode and #inprotect I could try to troubleshoot live...
JJC
Hi,
Heath has a released a patch file for the sqldump, but for some reason it is complaining about the patch:
patching file Clean_install_inprotect_0.80.0.sql
patch: **** malformed patch at line 13: ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
Patch file below:
Index: clean_install_inprotect_0.80.0.sql
===================================================================
--- clean_install_inprotect_0.80.0.sql (revision 617)
+++ clean_install_inprotect_0.80.0.sql (working copy)
@@ -105,7 +105,7 @@
`id` int(11) NOT NULL auto_increment,
`date_time` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
`ip` varchar(15) NOT NULL default '',
- `username` varchar(255) character set latin1 collate latin1_bin default NULL,
+ `username` varchar(255) default NULL,
`action` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -133,7 +133,7 @@
CREATE TABLE `nessus_hosts` (
`id` int(11) NOT NULL auto_increment,
`sched_id` int(11) NOT NULL default '0',
- `username` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `username` varchar(255) NOT NULL default '',
`hostip` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -145,7 +145,7 @@
`host` varchar(255) NOT NULL default '',
`action` varchar(255) NOT NULL default '',
`percent` double NOT NULL default '0',
- `username` varchar(255) character set latin1 collate latin1_bin NOT NULL default ''
+ `username` varchar(255) NOT NULL default ''
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -154,7 +154,7 @@
`id` int(11) NOT NULL auto_increment,
`pid` int(11) NOT NULL default '0',
`resid` int(11) NOT NULL default '0',
- `username` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `username` varchar(255) NOT NULL default '',
`note` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -201,7 +201,7 @@
CREATE TABLE `nessus_results` (
- `username` varchar(255) character set latin1 collate latin1_bin default NULL,
+ `username` varchar(255) default NULL,
`sched_id` int(11) default NULL,
`sid` int(11) default NULL,
`scantime` varchar(14) default NULL,
@@ -240,7 +240,7 @@
CREATE TABLE `nessus_schedule` (
`id` int(11) NOT NULL auto_increment,
`name` varchar(255) NOT NULL default '',
- `username` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `username` varchar(255) NOT NULL default '',
`schedule_type` char(1) NOT NULL default 'H',
`day_of_week` int(1) unsigned NOT NULL default '0',
`day_of_month` int(2) unsigned NOT NULL default '1',
@@ -269,12 +269,12 @@
`description` varchar(255) NOT NULL default '',
`hostname` varchar(255) NOT NULL default '',
`port` int(11) NOT NULL default '1241',
- `user` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `user` varchar(255) NOT NULL default '',
`PASSWORD` varchar(255) NOT NULL default '',
`max_scans` int(11) NOT NULL default '10',
`current_scans` int(11) NOT NULL default '0',
`TYPE` char(1) NOT NULL default '',
- `owner` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `owner` varchar(255) NOT NULL default '',
`checkin_time` datetime default NULL,
`status` char(1) default NULL,
PRIMARY KEY (`id`)
@@ -288,7 +288,7 @@
`description` varchar(255) default NULL,
`autoenable` char(1) NOT NULL default 'N',
`type` char(1) NOT NULL default 'G',
- `owner` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `owner` varchar(255) NOT NULL default '',
`auto_cat_status` int(10) default '4',
`auto_fam_status` int(10) default '4',
PRIMARY KEY (`id`),
@@ -339,7 +339,7 @@
CREATE TABLE `nessus_settings_users` (
`id` int(11) NOT NULL auto_increment,
`sid` int(11) NOT NULL default '0',
- `username` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `username` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -347,7 +347,7 @@
CREATE TABLE `nessus_user_zones` (
`id` int(11) NOT NULL auto_increment,
- `username` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `username` varchar(255) NOT NULL default '',
`zid` int(11) NOT NULL default '0',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -369,7 +369,7 @@
`name` varchar(255) NOT NULL default '',
`description` varchar(255) NOT NULL default '',
`TYPE` char(1) NOT NULL default '',
- `owner` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `owner` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
@@ -394,7 +394,7 @@
CREATE TABLE `portscan` (
`id` int(10) unsigned NOT NULL auto_increment,
- `username` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `username` varchar(255) NOT NULL default '',
`userip` varchar(15) NOT NULL default '',
`submittime` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
`scanip` varchar(255) NOT NULL default '',
@@ -507,7 +507,7 @@
CREATE TABLE `users` (
- `pn_uname` varchar(255) character set latin1 collate latin1_bin NOT NULL default '',
+ `pn_uname` varchar(255) NOT NULL default '',
`pn_email` varchar(60) NOT NULL default '',
`pn_pass` varchar(40) NOT NULL default '',
`expire` varchar(8) default NULL,
This was a completely clean install from before.
Ok, I just published a new entry with the URL to a tarball with a working clean install sql script.
JJC
Excellent thanks JJC, I'll give it a shot.
Post a Comment