Update PowerSTIG to parse and apply Microsoft DotNet V2R1 STIG #837
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bcwilhite
added a commit
that referenced
this pull request
Mar 1, 2021
* Update PowerSTIG to Add Checklist Accountability (#809) * initial commit * minor update * updated based on feedback * Update PowerSTIG to Parse/Apply MS Office 365 ProPlus Ver 2, Rel 1 (#812) * initial commit 365ProPlus * added changelog.md entry * updated based on testing Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to remove old rule Ids in Hard Coded Framework (#810) * removed dotNet ruleIds * removed old hardcoded method for IE rule * removed outlook 2013 old hardcoded * removed 2012 MS smb1 old hardcoded rule * converted defender old hardcoded to new * converted 2012 UAC hardcoded rule * updated old ntp hardcoded to new version * removed half legal notices from old style Hardcoded * removed old hard coded functions and static ruleID refences in Rule\Convert\functions.ps1 * removed old test * updated based on peer testing * update format * updated to remove extra spaces from logon banner * exclusionlist Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to move O365 Pro Plus log entries into Exclusion Rule list (#817) * Moved log file entries to exclusion rule list * Added Org file values Co-authored-by: Jason Patton <japatton@microsoft.com> * fixed checklist convertto hashtable function (#826) * Update PowerSTIG to parse and apply RHEL 7.x V3R2 (#820) * Migrate PowerSTIG to Azure DevOps for Build and Test (#603) * update folder structure for azure dev ops * dscresource unit test passing * updated unit tests * Unit test pathing update, all passing * updated unit test to ensure regex data files are loaded * updated .tests.header for unit\tools directory * daily commit - Integrated test updates * updated tests based on testing feedback * optimized test header based on feedback * updated build.psd1 case sensitive * update build agent to windows-2019 * update build and azure yml files * added hqrm tests to build yml and dependencies * updated azure-pipelines.yml to include hqrm test * updated HRQM display name * updated test exclusion DSCResources * intro logic to dynamically build requiredmodules * updated yml to reflect master * updated changelog.md * Update azure-pipelines.yml * rename sources to source (#605) * Migrate PowerSTIG to Azure DevOps for Build, Test and Release Deployment (#606) * updated powerstig for dynamic versioning * updated gitversion to reflect base version * updated if statement to adhere to style gls * updated code to adhere to sgl hqrmtest * updated code to adhere to sgl hqrm tests * updated code to adhere to sgl hqrm * update yml files to support CICD pipeline * updated markdown function * update change log structure * updated spacing via PR feedback * updated 2012R2 STIG after convert tests reflected a minor delta * update changelog.md * Update PowerSTIG to parse and apply Vmware Vsphere 6.5 STIG V1R3 (#607) * initial commit for vsphere * updated based on test results * updated based on vsphere module name * updated module manifest to check build status * updated newlines in raw xccdf * updated newline * updated newlies in rules * updated tests * updated processed Stig name * updated vsphere schema * updated composites * updated spacing * updated format * Updated based on feedback * update required parameter for composite * updated service rule * Added Integration DSCresrouce Vsphere Test * reverted changes to test * updated integration tests * added unit tests * added unit tests * added unit tests * updated formatting based on feedback * updated based on feedback * updated comments * updated tests * updated changelog.md * trailing whitespace removed * updated for HQRM tests * updated based on pr feedback * updated case * update code based on PR feedback * updated code based on PR feedback. * updated tests based on PR feedback * updated test based on PR feedback Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added Ubuntu nxPackage support * nxPackage update * added nxService resource script * added nxFileLine Rule type and structure * Regex addition to nxFileLine * daily commit * convertfactory update * daily commit * updated functions * Unable to Import PowerSTIG 4.4.0 Due to cyclic dependency Error (#617) * removed vmware.vspheredsc as a dependency because all of its required dependencies are loaded * updated module load process for VMware modules * updated build.yaml * updated test * Updated tests * removed stop error action * updated formating * updated based on failing hqrm * updated module helper * moved helper module * updated location of module helper * reduced vmware.VsphereDSC version * updated build.yaml * updated data file * update module version schema * updated based on testing * Update changelog * Update based on PR feedback * daily commit * daily commit * JUnit commit * NUnit commit * daily commit * daily commit * update to nxFileLineRule * ubuntu commit * Update PowerSTIG to successfully parse/apply Microsoft IIS Server/Site STIG - Ver 1, Rel10 (#623) * added IIS Server V1R10 * updated changelog and added iis site v1r10 * updated changelog * removed N-2 STIGS * Update PowerSTIG to successfully parse Microsoft SQL Server 2012 Database STIG - Ver 1, Rel 20 (#621) * updated PowerSTIG to use SQL 2012 Database V1R20 * quotes in test * updated tabs to spaces in sql raw xccdf Co-authored-by: Brian Wilhite <bcwilhite@live.com> * explicit Pester version due to 5.x (latest) test failures * Update PowerSTIG to successfully parse/apply Windows Defender Antivirus STIG - V1R8 (#626) * added new Windows Defender STIG V1R8 removed V1R6 * updated based on PR feedback: * merged origin Co-authored-by: Brian Wilhite <bcwilhite@live.com> * initial commit (#640) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft IIS 10 Server/Site STIG - V1R1 (#641) * added IIS 10.0 Server * updated IIS 10 site stig * updated based on tests * updated based on tests * updated log file * added esxi 6.5 v1r4 (#637) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Windows Server 2012 DNS STIG - Ver 1, Rel 14 (#635) * DNS Update commit * removed DNS 1.12 * explicit version for DscResource.Test * Update PowerSTIG to allow for workgroup level scans (#643) * added community requested functionality to not require domain/forest parameters * updated warning message * reverted to old module dscresource.test * Updated based on feedback * updated sql 2016 instance 1.9 (#638) * Update PowerSTIG to successfully parse/apply MS SQL Server 2012 Instance Ver. 1 Rel. 20 (#642) * updated sql 2012 Instance V1R20 * updated Get-SqlTechnologyRole * removed tabs * added a new line to the end of xccdf * update build to use dscresource.test 0.13.1 * updated code based on feedback * Redhat commit * daily commit * daily commit * daily commit * daily commit * daily commit * updated regex * updated rule to use hardcoded framework * updated nxFileLine Rules * updated processed xml based on banner rule * updated exclusionlist * updated TestRange function * daily commit * added RHEL composite * updated RHEL composite and manifest * Update PowerSTIG with new SkipRuleCategory Parameter to skip entire STIG Category/Severity Level(s) (#740) * Fixed Missing OrgSettings for V-88203 - Win10 Client 1.19 and 1.21 (#672) * fixed V-88203 to be org setting with Tenant Guid * updated changelog.md * fixed registry rule issue in sql 2016 (#671) * Release Process Update: Ensure the nuget package uses explicit DSC Resource Module Versions (#670) * dialy commit * updated build task to leverage nuget * added new line for Common.Data.ps1 * warning message to troubleshoot ADO pipeline * updated package tasks * updated release.module.build * updated module * updated release * updated release * updated release * hard coded nuget.exe path * fixed FilePath parameter * dynamically detect nuget.exe * nuget dynamic detection * testing alternate nuget detection * updated release to leverage get-command for nuget detection * updated code to replace only the task needed * updated build funct. conform to style guideline * updated New-NuspecFile funciton * Update PowerSTIG to successfully parse/apply Windows 2012 R2 MS Version 2, Rev 19 (#679) * added support for 2012 R2 V2R19 * added new line to xml * added Server 2019 V1R5,removed V1R2 (#684) * Update PowerSTIG to successfully parse/apply Windows 10 STIG - V1R23 (#682) * Added Windows Client V1R23, Removed Windows CLient V1R19 * Added Windows Client V1R23, Removed Windows CLient V1R19 * removed random tabs * removed tabs from converted * updated based on feedback Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added support for 2016 V1R12 DC/MS (#685) * Fixed: IIS Sever 10.0 STIG hardening rule V-100163 fails with error in Windows Server 2019 while using PowerSTIG 4.4.2 (#689) * updated PowerSTIG to use AccessControlDsc 1.4.1 * updated composites with AccessControlDsc 1.4.1 * Update PowerSTIG to successfully parse/apply IIS 10.0 Site/Server V1R2 STIGs (#701) * added support for IIS 10 Site/Server V1R2 * updated IISServer 10 V1R1 org settings file * Revert "updated IISServer 10 V1R1 org settings file" This reverts commit 54d4e82. * added Firefox V4R29 STIG, remove V4R27 (#700) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply SQL Server 2016 Instance V1R10 (#705) * added SQL 2016 Instance V1R10, removed V1R8 * Updated changelog.md Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added dns V1R15 (#697) squash/merge * Update PowerSTIG To Use xDnsServer version 1.16.0.0 (#703) * Updated xDnsServer version * update module version * updated changelog.md * upgrade xWebadministration to 3.2.0 (#714) * added IE 11 STIG - V1R19 (#708) * Removed Windows Server 2016 DC/MS V1R9 from processed STIGs folder (#710) * removed old 2016 DC/MS processed STIGs * updated changelog.md * Update PowerSTIG to successfully parse/apply IIS Site/Server V1R11 STIGs (#706) * added support for IIS site/server V1R11 * removed old processed STIGs * updated AuditPolicyDsc to 1.4.0.0 (#716) * Allow application of applicable user rights assignments for non-domain and disconnected systems (#719) * updated based on community feedback * update based on feedback * update powerstig to use SecurityPolicyDsc 2.10.0.0 (#717) * updated PowerSTIG to use ComputerMgmtDsc to 8.4.0 (#721) * Added SkipRuleCategory support to PowerSTIG * updating test to be compat with new feature * updated test configs with dynamic logic * updated test logic to run get-dscresource once * updated to disallow skipping doc/man rules * updated integration dscresource tests * PR Feedback updates Co-authored-by: Eric Jenkins <erjenkin@microsoft.com> * Increase Code Coverage of PowerSTIG to %75 (#742) * updated tests for increased code cov part 1 * fixed test * update changelog.md * update changelog * tes * reverted change * added VsphereNTPsetting tests * updated checklist test * updated DomainName Function tests * updated powerstig xml tests * added tests for Convertto-PowerSTIGxml and Compare * updated tests * updated webconfig property rule test * updated to convert all STIGS * removed redundant tests * update only select one of each STIG * added all office stigs * reverted some tests * updated tests: * removed dependency for helper files * updated tests * removed example folder * update based on feedback * updated test * Increase Code Coverage of PowerSTIG (#745) * Fixed Missing OrgSettings for V-88203 - Win10 Client 1.19 and 1.21 (#672) * fixed V-88203 to be org setting with Tenant Guid * updated changelog.md * fixed registry rule issue in sql 2016 (#671) * Release Process Update: Ensure the nuget package uses explicit DSC Resource Module Versions (#670) * dialy commit * updated build task to leverage nuget * added new line for Common.Data.ps1 * warning message to troubleshoot ADO pipeline * updated package tasks * updated release.module.build * updated module * updated release * updated release * updated release * hard coded nuget.exe path * fixed FilePath parameter * dynamically detect nuget.exe * nuget dynamic detection * testing alternate nuget detection * updated release to leverage get-command for nuget detection * updated code to replace only the task needed * updated build funct. conform to style guideline * updated New-NuspecFile funciton * Update PowerSTIG to successfully parse/apply Windows 2012 R2 MS Version 2, Rev 19 (#679) * added support for 2012 R2 V2R19 * added new line to xml * added Server 2019 V1R5,removed V1R2 (#684) * Update PowerSTIG to successfully parse/apply Windows 10 STIG - V1R23 (#682) * Added Windows Client V1R23, Removed Windows CLient V1R19 * Added Windows Client V1R23, Removed Windows CLient V1R19 * removed random tabs * removed tabs from converted * updated based on feedback Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added support for 2016 V1R12 DC/MS (#685) * Fixed: IIS Sever 10.0 STIG hardening rule V-100163 fails with error in Windows Server 2019 while using PowerSTIG 4.4.2 (#689) * updated PowerSTIG to use AccessControlDsc 1.4.1 * updated composites with AccessControlDsc 1.4.1 * Update PowerSTIG to successfully parse/apply IIS 10.0 Site/Server V1R2 STIGs (#701) * added support for IIS 10 Site/Server V1R2 * updated IISServer 10 V1R1 org settings file * Revert "updated IISServer 10 V1R1 org settings file" This reverts commit 54d4e82. * added Firefox V4R29 STIG, remove V4R27 (#700) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply SQL Server 2016 Instance V1R10 (#705) * added SQL 2016 Instance V1R10, removed V1R8 * Updated changelog.md Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added dns V1R15 (#697) squash/merge * Update PowerSTIG To Use xDnsServer version 1.16.0.0 (#703) * Updated xDnsServer version * update module version * updated changelog.md * upgrade xWebadministration to 3.2.0 (#714) * added IE 11 STIG - V1R19 (#708) * Removed Windows Server 2016 DC/MS V1R9 from processed STIGs folder (#710) * removed old 2016 DC/MS processed STIGs * updated changelog.md * Update PowerSTIG to successfully parse/apply IIS Site/Server V1R11 STIGs (#706) * added support for IIS site/server V1R11 * removed old processed STIGs * updated AuditPolicyDsc to 1.4.0.0 (#716) * Allow application of applicable user rights assignments for non-domain and disconnected systems (#719) * updated based on community feedback * update based on feedback * update powerstig to use SecurityPolicyDsc 2.10.0.0 (#717) * updated PowerSTIG to use ComputerMgmtDsc to 8.4.0 (#721) * Added SkipRuleCategory support to PowerSTIG * updating test to be compat with new feature * updated test configs with dynamic logic * updated test logic to run get-dscresource once * updated to disallow skipping doc/man rules * updated integration dscresource tests * testing code coverage * updated registryrule test to include more coverage * updated sqlscriptqueryrule tests * updated setScript in Get-ShutdownOnError function * updated permissionrule tests with add. test case * updated permRule test to increase code coverage * updated changelog * updated test and code coverage threshold * updated code coverage threshold to 81 * updated CC threshold to 80 Co-authored-by: Eric Jenkins <erjenkin@microsoft.com> * removed old stig files after merge with 4.6.0 * updated data and log file based on testing * updated regex data sections based on testing * updated regex data * updated regex patterns for does not contain * added new line in redhat xccdf * added new line to methods for HQRM * created new nxFile rule type for banner rule * update changelog * updated processed xml * updated to RHEL V3R1 * updated code to correct auditrule path * daily commit * updated nxFileLine to parse rule correctly * added more rule support * Update PowerSTIG to include LegacyId to assist in determining Legacy Vuln Ids with the new DISA standard. (#789) * added support for legacyid in processed xml * updated change log * updated tests for legacy id * updated tests to reflect new base rule prop. * Update PowerSTIG to fix LegacyId Logic (#792) * updated legacyid logic * updated changelog * corrected changelog entry * Update PowerSTIG to successfully parse/apply Microsoft Windows 2012 and 2012 R2 MS STIG - Ver 3, Rel 1 (#793) * added support for Win2012R2 MS 3.1 * updated xccdf to have new line based on feedback * updated cert changes from Eric and regen 2012R2 MS * added support for 2012 DC 3.1 (#796) * Update PowerSTIG to successfully parse/apply Microsoft Windows Server 2019 STIG - Ver 2, Rel 1 (#794) * initial commit * updated 2019 * updated 2019 MS v2 Stig * updated to use correct convert flow * update changelog.md * fixed merge error * added newline to raw xccdf * added newline Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft Windows Defender Antivirus STIG - Ver 2, Rel 1 (#795) * added support for defender v2 stig * added newline to raw xccdf * updated org settings * removed n-2 processed Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft Windows 10 STIG - Ver 2, Rel 1 (#797) * initial commit * updated convert * updated disa copy paste error * Update PowerSTIG to successfully parse/apply Microsoft Windows Server 2016 STIG - Ver 2, Rel 1 (#798) * merged 4.7.0 and added 2016 split stig * added support for 2016 MS-DC v2r1 STIG * updated default org settings file * updated Get-StigRule to include legacyid support (#801) * Update PowerSTIG to Parse/Apply Google Chrome V2R1 (#803) * initial commit for Chrome * fixed parse error * fixed rule * added support for chrome * updated changelog * updated key, removed trailing " * removed tabs * updated resource * updated export function * updated * updated based on testing * Updated based on testing * updated tests * updated based on test failure * updated based on testing * updated based on testing * added registry policy file to schema * update based on feedback * updated based on feedback * Fixed 2018 V-205820 to be SecurityOptionRule (#805) * updated changelog and filehash for release * updated split rule logic from 4.8.0 * removed old RHEL STIG, fixed hard coded rules * updated xccdf to have new line * fixed 2019DC processed stig based on test feedback * updated regex in testhelper to detect "nx" * removed ubuntu stig * removed write-warning * updated azure pipeline yml to publish CC s/f * created nx rule type tests * added nxFile dsc resource script to RHEL composite * updated nxFile dsc resource script * added nxFile to nxFileLine resource script * added support for RHEL 7.x STIG 3.1 * updated changelog.md * removed ubuntu support from RHEL branch * added support for RHEL 3.2 * added SkipRuleSev to RHEL * updated code and tests based on feedback. * added skip rule resource to RHEL composite. * updated test based on feedback * added nxScript.skip for linux. * updated test based on feedback Co-authored-by: Eric Jenkins <erjenkin@microsoft.com> * Update PowerSTIG to Parse/Apply Oracle JRE 8 Ver 2, Rel 1 (#843) * Updated to parse and apply Oracle JRE8 v2.1 * Update PowerStig to parse and apply Oracle JRE 8 v2.1 STIG * Update PowerSTIG to parse and apply Microsoft DotNet V2R1 STIG (#837) * Update PowerSTIG to latest DotNet STIG * Added new line at the end of file Co-authored-by: Jason Patton <japatton@microsoft.com> Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to parse and apply Mozilla Firefox V5R1 STIG (#836) * Update to newest Firefox STIG * Added new line at the end of file Co-authored-by: Jason Patton <japatton@microsoft.com> Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Updated WindowsDefenderDsc to 2.1.0 (#840) * Parse/Apply Google Chrome Ver 2. 2 #841 * Parse/Apply Google Chrome Ver 2, Rel 2 #841 * Update PowerSTIG to Parse/Apply Google Chrome Ver 2, Rel 2 * Update PowerSTIG to Parse/Apply Google Chrome Ver 2, Rel 2 * Update PowerSTIG to Parse/Apply Google Chrome Ver 2, Rel 2 * Update PowerSTIG to Parse/Apply Google Chrome Ver 2, Rel 2 * Update PowerSTIG to Parse/Apply Google Chrome Ver 2, Rel 2 * Update PowerSTIG to Parse/Apply Google Chrome Ver 2, Rel 2 * Update PowerSTIG to parse and apply Ubuntu 18.04 LTS STIG - Ver 2, Rel 2 (#832) * Migrate PowerSTIG to Azure DevOps for Build and Test (#603) * update folder structure for azure dev ops * dscresource unit test passing * updated unit tests * Unit test pathing update, all passing * updated unit test to ensure regex data files are loaded * updated .tests.header for unit\tools directory * daily commit - Integrated test updates * updated tests based on testing feedback * optimized test header based on feedback * updated build.psd1 case sensitive * update build agent to windows-2019 * update build and azure yml files * added hqrm tests to build yml and dependencies * updated azure-pipelines.yml to include hqrm test * updated HRQM display name * updated test exclusion DSCResources * intro logic to dynamically build requiredmodules * updated yml to reflect master * updated changelog.md * Update azure-pipelines.yml * rename sources to source (#605) * Migrate PowerSTIG to Azure DevOps for Build, Test and Release Deployment (#606) * updated powerstig for dynamic versioning * updated gitversion to reflect base version * updated if statement to adhere to style gls * updated code to adhere to sgl hqrmtest * updated code to adhere to sgl hqrm tests * updated code to adhere to sgl hqrm * update yml files to support CICD pipeline * updated markdown function * update change log structure * updated spacing via PR feedback * updated 2012R2 STIG after convert tests reflected a minor delta * update changelog.md * Update PowerSTIG to parse and apply Vmware Vsphere 6.5 STIG V1R3 (#607) * initial commit for vsphere * updated based on test results * updated based on vsphere module name * updated module manifest to check build status * updated newlines in raw xccdf * updated newline * updated newlies in rules * updated tests * updated processed Stig name * updated vsphere schema * updated composites * updated spacing * updated format * Updated based on feedback * update required parameter for composite * updated service rule * Added Integration DSCresrouce Vsphere Test * reverted changes to test * updated integration tests * added unit tests * added unit tests * added unit tests * updated formatting based on feedback * updated based on feedback * updated comments * updated tests * updated changelog.md * trailing whitespace removed * updated for HQRM tests * updated based on pr feedback * updated case * update code based on PR feedback * updated code based on PR feedback. * updated tests based on PR feedback * updated test based on PR feedback Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added Ubuntu nxPackage support * nxPackage update * added nxService resource script * added nxFileLine Rule type and structure * Regex addition to nxFileLine * daily commit * convertfactory update * daily commit * updated functions * Unable to Import PowerSTIG 4.4.0 Due to cyclic dependency Error (#617) * removed vmware.vspheredsc as a dependency because all of its required dependencies are loaded * updated module load process for VMware modules * updated build.yaml * updated test * Updated tests * removed stop error action * updated formating * updated based on failing hqrm * updated module helper * moved helper module * updated location of module helper * reduced vmware.VsphereDSC version * updated build.yaml * updated data file * update module version schema * updated based on testing * Update changelog * Update based on PR feedback * daily commit * daily commit * JUnit commit * NUnit commit * daily commit * daily commit * update to nxFileLineRule * ubuntu commit * Update PowerSTIG to successfully parse/apply Microsoft IIS Server/Site STIG - Ver 1, Rel10 (#623) * added IIS Server V1R10 * updated changelog and added iis site v1r10 * updated changelog * removed N-2 STIGS * Update PowerSTIG to successfully parse Microsoft SQL Server 2012 Database STIG - Ver 1, Rel 20 (#621) * updated PowerSTIG to use SQL 2012 Database V1R20 * quotes in test * updated tabs to spaces in sql raw xccdf Co-authored-by: Brian Wilhite <bcwilhite@live.com> * explicit Pester version due to 5.x (latest) test failures * Update PowerSTIG to successfully parse/apply Windows Defender Antivirus STIG - V1R8 (#626) * added new Windows Defender STIG V1R8 removed V1R6 * updated based on PR feedback: * merged origin Co-authored-by: Brian Wilhite <bcwilhite@live.com> * initial commit (#640) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft IIS 10 Server/Site STIG - V1R1 (#641) * added IIS 10.0 Server * updated IIS 10 site stig * updated based on tests * updated based on tests * updated log file * added esxi 6.5 v1r4 (#637) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Windows Server 2012 DNS STIG - Ver 1, Rel 14 (#635) * DNS Update commit * removed DNS 1.12 * explicit version for DscResource.Test * Update PowerSTIG to allow for workgroup level scans (#643) * added community requested functionality to not require domain/forest parameters * updated warning message * reverted to old module dscresource.test * Updated based on feedback * updated sql 2016 instance 1.9 (#638) * Update PowerSTIG to successfully parse/apply MS SQL Server 2012 Instance Ver. 1 Rel. 20 (#642) * updated sql 2012 Instance V1R20 * updated Get-SqlTechnologyRole * removed tabs * added a new line to the end of xccdf * update build to use dscresource.test 0.13.1 * updated code based on feedback * Redhat commit * daily commit * daily commit * daily commit * daily commit * daily commit * updated regex * updated rule to use hardcoded framework * updated nxFileLine Rules * updated processed xml based on banner rule * updated exclusionlist * updated TestRange function * daily commit * added RHEL composite * updated RHEL composite and manifest * Update PowerSTIG with new SkipRuleCategory Parameter to skip entire STIG Category/Severity Level(s) (#740) * Fixed Missing OrgSettings for V-88203 - Win10 Client 1.19 and 1.21 (#672) * fixed V-88203 to be org setting with Tenant Guid * updated changelog.md * fixed registry rule issue in sql 2016 (#671) * Release Process Update: Ensure the nuget package uses explicit DSC Resource Module Versions (#670) * dialy commit * updated build task to leverage nuget * added new line for Common.Data.ps1 * warning message to troubleshoot ADO pipeline * updated package tasks * updated release.module.build * updated module * updated release * updated release * updated release * hard coded nuget.exe path * fixed FilePath parameter * dynamically detect nuget.exe * nuget dynamic detection * testing alternate nuget detection * updated release to leverage get-command for nuget detection * updated code to replace only the task needed * updated build funct. conform to style guideline * updated New-NuspecFile funciton * Update PowerSTIG to successfully parse/apply Windows 2012 R2 MS Version 2, Rev 19 (#679) * added support for 2012 R2 V2R19 * added new line to xml * added Server 2019 V1R5,removed V1R2 (#684) * Update PowerSTIG to successfully parse/apply Windows 10 STIG - V1R23 (#682) * Added Windows Client V1R23, Removed Windows CLient V1R19 * Added Windows Client V1R23, Removed Windows CLient V1R19 * removed random tabs * removed tabs from converted * updated based on feedback Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added support for 2016 V1R12 DC/MS (#685) * Fixed: IIS Sever 10.0 STIG hardening rule V-100163 fails with error in Windows Server 2019 while using PowerSTIG 4.4.2 (#689) * updated PowerSTIG to use AccessControlDsc 1.4.1 * updated composites with AccessControlDsc 1.4.1 * Update PowerSTIG to successfully parse/apply IIS 10.0 Site/Server V1R2 STIGs (#701) * added support for IIS 10 Site/Server V1R2 * updated IISServer 10 V1R1 org settings file * Revert "updated IISServer 10 V1R1 org settings file" This reverts commit 54d4e82. * added Firefox V4R29 STIG, remove V4R27 (#700) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply SQL Server 2016 Instance V1R10 (#705) * added SQL 2016 Instance V1R10, removed V1R8 * Updated changelog.md Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added dns V1R15 (#697) squash/merge * Update PowerSTIG To Use xDnsServer version 1.16.0.0 (#703) * Updated xDnsServer version * update module version * updated changelog.md * upgrade xWebadministration to 3.2.0 (#714) * added IE 11 STIG - V1R19 (#708) * Removed Windows Server 2016 DC/MS V1R9 from processed STIGs folder (#710) * removed old 2016 DC/MS processed STIGs * updated changelog.md * Update PowerSTIG to successfully parse/apply IIS Site/Server V1R11 STIGs (#706) * added support for IIS site/server V1R11 * removed old processed STIGs * updated AuditPolicyDsc to 1.4.0.0 (#716) * Allow application of applicable user rights assignments for non-domain and disconnected systems (#719) * updated based on community feedback * update based on feedback * update powerstig to use SecurityPolicyDsc 2.10.0.0 (#717) * updated PowerSTIG to use ComputerMgmtDsc to 8.4.0 (#721) * Added SkipRuleCategory support to PowerSTIG * updating test to be compat with new feature * updated test configs with dynamic logic * updated test logic to run get-dscresource once * updated to disallow skipping doc/man rules * updated integration dscresource tests * PR Feedback updates Co-authored-by: Eric Jenkins <erjenkin@microsoft.com> * Increase Code Coverage of PowerSTIG to %75 (#742) * updated tests for increased code cov part 1 * fixed test * update changelog.md * update changelog * tes * reverted change * added VsphereNTPsetting tests * updated checklist test * updated DomainName Function tests * updated powerstig xml tests * added tests for Convertto-PowerSTIGxml and Compare * updated tests * updated webconfig property rule test * updated to convert all STIGS * removed redundant tests * update only select one of each STIG * added all office stigs * reverted some tests * updated tests: * removed dependency for helper files * updated tests * removed example folder * update based on feedback * updated test * Increase Code Coverage of PowerSTIG (#745) * Fixed Missing OrgSettings for V-88203 - Win10 Client 1.19 and 1.21 (#672) * fixed V-88203 to be org setting with Tenant Guid * updated changelog.md * fixed registry rule issue in sql 2016 (#671) * Release Process Update: Ensure the nuget package uses explicit DSC Resource Module Versions (#670) * dialy commit * updated build task to leverage nuget * added new line for Common.Data.ps1 * warning message to troubleshoot ADO pipeline * updated package tasks * updated release.module.build * updated module * updated release * updated release * updated release * hard coded nuget.exe path * fixed FilePath parameter * dynamically detect nuget.exe * nuget dynamic detection * testing alternate nuget detection * updated release to leverage get-command for nuget detection * updated code to replace only the task needed * updated build funct. conform to style guideline * updated New-NuspecFile funciton * Update PowerSTIG to successfully parse/apply Windows 2012 R2 MS Version 2, Rev 19 (#679) * added support for 2012 R2 V2R19 * added new line to xml * added Server 2019 V1R5,removed V1R2 (#684) * Update PowerSTIG to successfully parse/apply Windows 10 STIG - V1R23 (#682) * Added Windows Client V1R23, Removed Windows CLient V1R19 * Added Windows Client V1R23, Removed Windows CLient V1R19 * removed random tabs * removed tabs from converted * updated based on feedback Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added support for 2016 V1R12 DC/MS (#685) * Fixed: IIS Sever 10.0 STIG hardening rule V-100163 fails with error in Windows Server 2019 while using PowerSTIG 4.4.2 (#689) * updated PowerSTIG to use AccessControlDsc 1.4.1 * updated composites with AccessControlDsc 1.4.1 * Update PowerSTIG to successfully parse/apply IIS 10.0 Site/Server V1R2 STIGs (#701) * added support for IIS 10 Site/Server V1R2 * updated IISServer 10 V1R1 org settings file * Revert "updated IISServer 10 V1R1 org settings file" This reverts commit 54d4e82. * added Firefox V4R29 STIG, remove V4R27 (#700) Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply SQL Server 2016 Instance V1R10 (#705) * added SQL 2016 Instance V1R10, removed V1R8 * Updated changelog.md Co-authored-by: Brian Wilhite <bcwilhite@live.com> * added dns V1R15 (#697) squash/merge * Update PowerSTIG To Use xDnsServer version 1.16.0.0 (#703) * Updated xDnsServer version * update module version * updated changelog.md * upgrade xWebadministration to 3.2.0 (#714) * added IE 11 STIG - V1R19 (#708) * Removed Windows Server 2016 DC/MS V1R9 from processed STIGs folder (#710) * removed old 2016 DC/MS processed STIGs * updated changelog.md * Update PowerSTIG to successfully parse/apply IIS Site/Server V1R11 STIGs (#706) * added support for IIS site/server V1R11 * removed old processed STIGs * updated AuditPolicyDsc to 1.4.0.0 (#716) * Allow application of applicable user rights assignments for non-domain and disconnected systems (#719) * updated based on community feedback * update based on feedback * update powerstig to use SecurityPolicyDsc 2.10.0.0 (#717) * updated PowerSTIG to use ComputerMgmtDsc to 8.4.0 (#721) * Added SkipRuleCategory support to PowerSTIG * updating test to be compat with new feature * updated test configs with dynamic logic * updated test logic to run get-dscresource once * updated to disallow skipping doc/man rules * updated integration dscresource tests * testing code coverage * updated registryrule test to include more coverage * updated sqlscriptqueryrule tests * updated setScript in Get-ShutdownOnError function * updated permissionrule tests with add. test case * updated permRule test to increase code coverage * updated changelog * updated test and code coverage threshold * updated code coverage threshold to 81 * updated CC threshold to 80 Co-authored-by: Eric Jenkins <erjenkin@microsoft.com> * removed old stig files after merge with 4.6.0 * updated data and log file based on testing * updated regex data sections based on testing * updated regex data * updated regex patterns for does not contain * added new line in redhat xccdf * added new line to methods for HQRM * created new nxFile rule type for banner rule * update changelog * updated processed xml * updated to RHEL V3R1 * updated code to correct auditrule path * daily commit * updated nxFileLine to parse rule correctly * added more rule support * Update PowerSTIG to include LegacyId to assist in determining Legacy Vuln Ids with the new DISA standard. (#789) * added support for legacyid in processed xml * updated change log * updated tests for legacy id * updated tests to reflect new base rule prop. * Update PowerSTIG to fix LegacyId Logic (#792) * updated legacyid logic * updated changelog * corrected changelog entry * Update PowerSTIG to successfully parse/apply Microsoft Windows 2012 and 2012 R2 MS STIG - Ver 3, Rel 1 (#793) * added support for Win2012R2 MS 3.1 * updated xccdf to have new line based on feedback * updated cert changes from Eric and regen 2012R2 MS * added support for 2012 DC 3.1 (#796) * Update PowerSTIG to successfully parse/apply Microsoft Windows Server 2019 STIG - Ver 2, Rel 1 (#794) * initial commit * updated 2019 * updated 2019 MS v2 Stig * updated to use correct convert flow * update changelog.md * fixed merge error * added newline to raw xccdf * added newline Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft Windows Defender Antivirus STIG - Ver 2, Rel 1 (#795) * added support for defender v2 stig * added newline to raw xccdf * updated org settings * removed n-2 processed Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft Windows 10 STIG - Ver 2, Rel 1 (#797) * initial commit * updated convert * updated disa copy paste error * Update PowerSTIG to successfully parse/apply Microsoft Windows Server 2016 STIG - Ver 2, Rel 1 (#798) * merged 4.7.0 and added 2016 split stig * added support for 2016 MS-DC v2r1 STIG * updated default org settings file * updated Get-StigRule to include legacyid support (#801) * Update PowerSTIG to Parse/Apply Google Chrome V2R1 (#803) * initial commit for Chrome * fixed parse error * fixed rule * added support for chrome * updated changelog * updated key, removed trailing " * removed tabs * updated resource * updated export function * updated * updated based on testing * Updated based on testing * updated tests * updated based on test failure * updated based on testing * updated based on testing * added registry policy file to schema * update based on feedback * updated based on feedback * Fixed 2018 V-205820 to be SecurityOptionRule (#805) * updated changelog and filehash for release * updated split rule logic from 4.8.0 * removed old RHEL STIG, fixed hard coded rules * updated xccdf to have new line * fixed 2019DC processed stig based on test feedback * updated regex in testhelper to detect "nx" * removed ubuntu stig * removed write-warning * updated azure pipeline yml to publish CC s/f * created nx rule type tests * added nxFile dsc resource script to RHEL composite * updated nxFile dsc resource script * added nxFile to nxFileLine resource script * added support for RHEL 7.x STIG 3.1 * updated changelog.md * removed ubuntu support from RHEL branch * Adding support for Ubuntu 18 V2R1 * daily commit * daily commit * daily commit (not working yet) * nxFileLine commit * nxPackage & nxService updates * updated banner rule * updated autologout.sh rules * added default org settings * fixed DoesNotContainPattern * added SkipRuleSev param to RHEL/Ubuntu Composites * HQRM keyword test failure correction * updated banner rule * updated org setting with correct syntax/value * updated clientalivecountmax rule * updated org setting to remove unwanted line * added ubuntu 2.2 / removed ubuntu 2.1 STIG * updated data file and added RHEL STIGs * added rule to exclusion list and regen RHEL STIG * updated changelog.md * updated ubuntu nxfile line new line char. * added new line to archive stig * added skip resource script to linux composites * added linux skip rule support * updated ubuntu cipher rule * added ubuntu org settings * updated org settings based on feedback * updated data based on test feedback * updated STIG rules based on validation testing * updated RHEL STIG automation * update test to reflect DoesNotCont pattern change. * updated RHEL STIG rule * removed ubuntu pam.d rules due to sect. placement * rm'd rules where text in file postion is required * updated org setting doesnotcontainpattern * updated rhel stig data * updated spacing Co-authored-by: Eric Jenkins <erjenkin@microsoft.com> * Removal of RHEL RuleId V-204406 (#848) * removed V-204406 from RHEL STIG * updated changelog.md * Update PowerSTIG Skip Rule to Accept Parent Rule (#849) * added updated skip functionality * added Changelog Co-authored-by: Eric Jenkins <eric.jenkins@microsoft.com> Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply VMware 6.5 ESXI V2R1 STIG * Update PowerSTIG to successfully parse/apply VMware 6.5 ESXI V2R1 STIG * Update PowerSTIG to successfully parse/apply VMware 6.5 ESXI V2R1 STIG * Update PowerSTIG to successfully parse/apply VMware 6.5 ESXI V2R1 STIG * Update CHANGELOG.md * Update README.md * Minor changes per request * single adjustment per request * Update PowerSTIG to successfully parse/apply MS Edge V1R1 (#861) * added support for MS Edge V1R1 * updated hardcoded to use RegistryPolicyFile * updated extensioninstallblocklist rule * updated rules based on manual checklist testing * added test to support new composite * Update PowerSTIG to successfully parse/apply Microsoft SQL Server 2016 Instance Version 2; Release 2 (#858) * Update PowerSTIG for SQL 2016 Instance * Update CHANGELOG.md * removed tab chars Co-authored-by: Jason Patton <japatton@microsoft.com> Co-authored-by: Brian Wilhite <bcwilhite@live.com> * updated changelog and filehash for release Co-authored-by: Eric Jenkins <erjenkin@microsoft.com> Co-authored-by: Jason Patton <46757047+japatton@users.noreply.github.com> Co-authored-by: Jason Patton <japatton@microsoft.com> Co-authored-by: hinderjd <hinderjd@gmail.com> Co-authored-by: Eric Jenkins <eric.jenkins@microsoft.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request (PR) description:
Update PowerSTIG to parse and apply Microsoft DotNet V2R1 STIG
This Pull Request (PR) fixes the following issues:
This fixes #831
Task list:
This change is