Announcements related to the open source fwaudit tool from PreOS Security
View all threadsHere's the latest release of fwaudit, 0.0.3-ALPHA.
This release is getting stable enough that we've removed the "Don't use
this" text from the readme. It is still not feature complete, but
currently runs multiple tools and saves the results for later analysis.
When run using 'sudo', the tool changes the target directory and renames
the user and group of generated files to be for the sudo user instead of
root. This code has been tested on Linux (Debian and Ubuntu) and macOS.
Additional testing on other Linux distros would be useful, in case sudo
home directory calculation is different from Debian and Ubuntu.
The --hash code now works, side-car SHA256 hash files can be created for
each generated file.
The --manifest code now works, a manifest.txt file is created in each
per-tool directory, with hashes for all generated files. There is not
yet a top-level manifest/report of all pass/fail/skip status, that is
scheduled for next update.
There's support for one new tool, the Intel INTEL-SA-00086 detection
tool for Linux.
Thanks!