weixin_39851279
weixin_39851279
2021-01-06 15:16

Add a rule to check for ICMP ingress traffic allowed to all

For AWS provider, provide a rule that checks for ICMP traffic being allowed from all locations. By default this rule is disabled in both the default and detailed rulesets.

该提问来源于开源项目:nccgroup/ScoutSuite

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

5条回答

  • weixin_39995439 weixin_39995439 4月前

    Codecov Report

    Merging #348 into develop will decrease coverage by 0.42%. The diff coverage is n/a.

    Impacted file tree graph

    diff
    @@             Coverage Diff             @@
    ##           develop     #348      +/-   ##
    ===========================================
    - Coverage    34.84%   34.41%   -0.43%     
    ===========================================
      Files          188      188              
      Lines         6015     6110      +95     
    ===========================================
    + Hits          2096     2103       +7     
    - Misses        3919     4007      +88
    

    | Impacted Files | Coverage Δ | | |---|---|---| | ...utSuite/providers/gcp/facade/stackdriverlogging.py | 45.45% <0%> (-21.22%) | :arrow_down: | | ScoutSuite/providers/gcp/facade/cloudstorage.py | 28.57% <0%> (-18.1%) | :arrow_down: | | ScoutSuite/providers/gcp/facade/cloudsql.py | 27.27% <0%> (-12.73%) | :arrow_down: | | ...Suite/providers/gcp/facade/cloudresourcemanager.py | 42.85% <0%> (-12.7%) | :arrow_down: | | ScoutSuite/providers/gcp/facade/iam.py | 25.71% <0%> (-10.65%) | :arrow_down: | | ScoutSuite/providers/gcp/facade/gce.py | 16.83% <0%> (-9.84%) | :arrow_down: | | ScoutSuite/providers/gcp/facade/gcp.py | 44.44% <0%> (-5.56%) | :arrow_down: |

    Continue to review full report at Codecov.

    Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update d3657d0...980bdad. Read the comment docs.

    点赞 评论 复制链接分享
  • weixin_39748838 weixin_39748838 4月前

    Hey Greg, I moved your PR target to develop (the contribution process has been formalized a few months ago and is described in the CONTRIBUTING.md).

    Thanks for your contribution! I tested it, looks good.

    点赞 评论 复制链接分享
  • weixin_39851279 weixin_39851279 4月前

    Hey Greg, I moved your PR target to develop (the contribution process has been formalized a few months ago and is described in the CONTRIBUTING.md).

    Thanks for your contribution! I tested it, looks good.

    Thanks for the pointer to CONTRIBUTING.md; obviously should have read that first! :-)

    I can't figure out why the travis CI build failed, though... is that a transient issue? It's not clear how adding a rule would cause other parts to fail?

    点赞 评论 复制链接分享
  • weixin_39748838 weixin_39748838 4月前

    Thanks for the pointer to CONTRIBUTING.md; obviously should have read that first! :-)

    No worries!

    I can't figure out why the travis CI build failed, though... is that a transient issue? It's not clear how adding a rule would cause other parts to fail?

    We are indeed having a flaky build situation. I restarted the build and it passed. It's been happening for a month or so, not sure what is causing this.

    点赞 评论 复制链接分享
  • weixin_39787089 weixin_39787089 4月前

    Reviewed and approved, thanks :medal_sports:

    点赞 评论 复制链接分享

相关推荐