Changes between Version 11 and Version 12 of GENIRacksHome/InstageniRacks/AcceptanceTestStatus/IG-ADM-2


Ignore:
Timestamp:
05/27/12 10:47:18 (9 years ago)
Author:
chaos@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GENIRacksHome/InstageniRacks/AcceptanceTestStatus/IG-ADM-2

    v11 v12  
    9090 * Password-based SSH does not succeed
    9191
    92 ==== Results of testing: 2012-05-15 ====
     92==== Results of testing step 1A: 2012-05-15 ====
    9393
    9494 * Public key authentication works:
     
    144144 * Login does not succeed via any unencrypted login protocol
    145145
    146 ==== Results of testing: 2012-05-16 ====
     146==== Results of testing step 1B: 2012-05-16 ====
    147147
    148148Note: this isn't a penetration test.  I'm just looking for known unencrypted login protocols on public networks.  On FreeBSD, `sockstat -lL46` shows IPv4 and IPv6 listeners on non-loopback networks.
     
    179179 * The command which was run should be recorded in a log
    180180
    181 ==== Results of testing: 2012-05-16 ====
     181==== Results of testing step 1C: 2012-05-16 ====
    182182
    183183 * Command succeeds:
     
    204204 * Password-based SSH does not succeed
    205205
    206 ==== Results of testing: 2012-05-16 ====
     206==== Results of testing step 2A: 2012-05-16 ====
    207207
    208208 * Public key authentication succeeds:
     
    240240}}}
    241241
    242 ==== Results of testing: 2012-05-21 ====
     242==== Results of testing step 2A: 2012-05-21 ====
    243243
    244244 * Public key authentication succeeds:
     
    279279 * Login does not succeed via any unencrypted login protocol
    280280
    281 ==== Results of testing: 2012-05-16 ====
     281==== Results of testing step 2B: 2012-05-16 ====
    282282
    283283On FreeBSD, `sockstat -lL46` shows IPv4 and IPv6 listeners on non-loopback networks.
     
    307307 * The command which was run should be recorded in a log
    308308
    309 ==== Results of testing: 2012-05-16 ====
     309==== Results of testing step 2C: 2012-05-16 ====
    310310
    311311 * Command succeeds:
     
    398398 * Password-based SSH does not succeed
    399399
    400 ==== Results of testing: 2012-05-16 ====
     400==== Results of testing step 5A: 2012-05-16 ====
    401401
    402402''Testing with Utah rack, whose control node is utah.control.geniracks.net (which believes its hostname is control.utah.geniracks.net, see instaticket:23).''
     
    443443 * Login does not succeed via any unencrypted login protocol
    444444
    445 ==== Results of testing: 2012-05-17 ====
     445==== Results of testing step 5B: 2012-05-17 ====
    446446
    447447 * On Ubuntu, get a list of listeners using:
     
    461461 * The command which was run should be recorded in a log
    462462
    463 ==== Results of testing: 2012-05-17 ====
     463==== Results of testing step 5C: 2012-05-17 ====
    464464
    465465 * The command succeeds:
     
    488488 * Password-based SSH does not succeed from outside of the rack
    489489
    490 ==== Results of testing: 2012-05-17 ====
     490==== Results of testing step 6A: 2012-05-17 ====
    491491
    492492''Testing with Utah rack, using shared OpenVZ host pc5.utah.geniracks.net.''
     
    541541 * Login does not succeed via any unencrypted login protocol
    542542
    543 ==== Results of testing: 2012-05-17 ====
     543==== Results of testing step 6B: 2012-05-17 ====
    544544
    545545 * On RHEL-like OSes, get a list of listeners using:
     
    584584 * The command which was run should be recorded in a log
    585585
    586 ==== Results of testing: 2012-05-17 ====
     586==== Results of testing step 6C: 2012-05-17 ====
    587587
    588588 * The command succeeds and the log entry is created:
     
    607607 * SSH login succeeds
    608608
    609 ==== Results of testing: 2012-05-17 ====
     609==== Results of testing step 7A: 2012-05-17 ====
    610610
    611611''Tested using Utah rack.''
     
    642642 * Viewing the MAC address table should succeed
    643643
    644 ==== Results of testing: 2012-05-17 ====
     644==== Results of testing step 7B: 2012-05-17 ====
    645645
    646646 * Enable command isn't needed, since login is privileged already
     
    676676 * No other services appear to allow remote unencrypted authentication
    677677
    678 ==== Results of testing: 2012-05-17 ====
     678==== Results of testing step 7C: 2012-05-17 ====
    679679
    680680Not applicable: given results of 7A, not bothering to test for other instances of unencrypted login.
     
    703703 * SSH login succeeds
    704704
    705 ==== Results of testing: 2012-05-17 ====
     705==== Results of testing step 8A: 2012-05-17 ====
    706706
    707707''Tested using Utah rack.''
     
    747747 * Viewing the MAC address table should succeed
    748748
    749 ==== Results of testing: 2012-05-17 ====
     749==== Results of testing step 8B: 2012-05-17 ====
    750750
    751751 * Enable command isn't needed, since login is privileged already
     
    781781 * No other services appear to allow remote unencrypted authentication
    782782
    783 ==== Results of testing: 2012-05-17 ====
     783==== Results of testing step 8C: 2012-05-17 ====
    784784
    785785Not applicable: given results of 8A, not bothering to test for other instances of unencrypted login.
     
    811811 * No other services appear to allow remote unencrypted authentication
    812812
    813 ==== Results of testing: 2012-05-17 ====
     813==== Results of testing step 9: 2012-05-17 ====
    814814
    815815 * The pc1.utah.geniracks.net iLO is at 155.98.34.103