Cingulara / openrmf-docs

Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on using the tool.
https://www.openrmf.io/
GNU General Public License v3.0

[BUG] OpenRMF produces inaccurate "NAF" (Not a finding) counts. #213

Closed JDoofenschmirtz closed 3 years ago

JDoofenschmirtz commented 3 years ago

Describe the bug OpenRMF produces inaccurate "NAF" (Not a finding) counts.

To Reproduce Steps to reproduce the behavior:

  1. Within OpenRMF, go to Upload -> Choose Files (Your RHEL 6 ckl) -> Upload and Save
  2. Click on the system you uploaded the ckl to and scroll down to the Checklist section
  3. Note the number in the NAF column (mine was 135)
  4. Open the same ckl file in STIGViewer and note the number next to "Not a Finding:" (mine was 227)

Expected behavior The NAF count in OpenRMF should match the "Not a Finding:" count in STIGViewer

Screenshots: two screenshots were attached to the issue (not reproduced here).


Additional context I attempted the following workarounds to fix the inaccurate counts:

  1. Upgrading to the 2020 version of the RHEL 6 STIG using OpenRMF
  2. Splitting the RHEL 6 STIG file into two ckl files (the two files still added up to 135 NAF within OpenRMF)
  3. Removing excess text to shrink the RHEL 6 STIG file size (the file was 1.2MB, so I thought perhaps it was a file size issue)
  4. Counted the number of times NotAFinding appeared in the raw text of the RHEL 6 STIG ckl file and it was 227 (verifying that STIGViewer was accurate)

None of the workarounds were successful.

Cingulara commented 3 years ago

I will have to load the dev stack on this locally and step through it. Give me this weekend as I have too many other things going on now taking my time.

@JDoofenschmirtz Is this RHEL 6 one the only one doing this? Do you notice this with any others or just this one? That will help me narrow down if there is a problem in the code parsing the checklists. I have not run into this issue, but I also have not used the RHEL 6 checklist. I have used loads of other ones, including the ASD and the Windows family, RHEL 7.x, IBM z/OS, McAfee, databases, even some SRRGs. So I want to see if there is something specific on RHEL 6 if you have only seen it on that one.

Cingulara commented 3 years ago

Excellent find, @JDoofenschmirtz: this line 113 has an = instead of a + sign. I need to fix and push out an update along with Template updates this weekend. I tested this locally, and I just re-uploaded that checklist and it corrected the issues.

https://github.com/Cingulara/openrmf-msg-score/blob/b8267a4ef21d5d5fcac69164e38ec7bfe9b40167/src/Classes/ScoringEngine.cs#L113

When I have the fix out there I will let you know.
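The thread above explains the root cause only as a `=` where a `+` belonged in the scoring engine, and the issue body's step 4 uses a raw-text count of `NotAFinding` as the reference value. The example below is added here to illustrate both; it is not OpenRMF's code and does not reproduce the actual line in ScoringEngine.cs. It assumes one plausible shape of that bug class: a per-severity tally that is assigned over the running total instead of added to it, so the checklist-wide NAF count ends up holding only the last group's number. The sample checklist, its V-numbers, host name and finding text are constructed; the element layout (CHECKLIST/STIGS/iSTIG/VULN with STIG_DATA and STATUS) follows the DISA CKL format.

```python
"""Tally DISA STIG checklist (CKL) statuses and show the assign-vs-accumulate bug."""
import re
import xml.etree.ElementTree as ET
from collections import Counter

# Status strings as they appear in a CKL <STATUS> element.
STATUSES = ("NotAFinding", "Open", "Not_Applicable", "Not_Reviewed")
# CKL Severity attribute values (DISA maps these to CAT I, CAT II and CAT III).
SEVERITIES = ("high", "medium", "low")


def _vuln(vuln_num, severity, status, details=""):
    """Build one <VULN> element for the constructed sample checklist below."""
    return (
        "<VULN>"
        f"<STIG_DATA><VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>"
        f"<ATTRIBUTE_DATA>{vuln_num}</ATTRIBUTE_DATA></STIG_DATA>"
        f"<STIG_DATA><VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>"
        f"<ATTRIBUTE_DATA>{severity}</ATTRIBUTE_DATA></STIG_DATA>"
        f"<STATUS>{status}</STATUS>"
        f"<FINDING_DETAILS>{details}</FINDING_DETAILS>"
        "</VULN>"
    )


# Constructed sample: the Vuln IDs, asset name and details text are made up.
SAMPLE_CKL = (
    '<?xml version="1.0" encoding="UTF-8"?>'
    "<CHECKLIST><ASSET><HOST_NAME>rhel6-sample</HOST_NAME></ASSET><STIGS><iSTIG>"
    + _vuln("V-1001", "high", "NotAFinding")
    + _vuln("V-1002", "high", "Open")
    + _vuln("V-1003", "medium", "NotAFinding",
            "Marked NotAFinding after manual review")  # free text repeats the word
    + _vuln("V-1004", "medium", "NotAFinding")
    + _vuln("V-1005", "low", "NotAFinding")
    + _vuln("V-1006", "low", "Not_Reviewed")
    + "</iSTIG></STIGS></CHECKLIST>"
)


def parse_vulns(ckl_xml):
    """Yield (severity, status) for every VULN entry in a CKL document."""
    root = ET.fromstring(ckl_xml)
    for vuln in root.iter("VULN"):
        attrs = {}
        for data in vuln.findall("STIG_DATA"):
            key = data.findtext("VULN_ATTRIBUTE", default="")
            attrs[key] = data.findtext("ATTRIBUTE_DATA", default="")
        status = vuln.findtext("STATUS", default="Not_Reviewed")
        yield attrs.get("Severity", "").lower(), status


def tally_by_severity(ckl_xml):
    """Return {severity: Counter(status -> count)} for one checklist."""
    counts = {sev: Counter() for sev in SEVERITIES}
    for sev, status in parse_vulns(ckl_xml):
        if sev not in counts or status not in STATUSES:
            raise ValueError(f"unexpected Severity/STATUS pair: {sev!r}/{status!r}")
        counts[sev][status] += 1
    return counts


def total_by_status(per_sev, accumulate=True):
    """Roll the per-severity tallies up into checklist-wide totals.

    accumulate=False reproduces the assumed bug class: each severity group's
    count is assigned to the total instead of added to it, so the result
    silently holds only the last group's numbers.
    """
    totals = Counter()
    for sev in SEVERITIES:
        for status in STATUSES:
            if accumulate:
                totals[status] += per_sev[sev][status]
            else:
                totals[status] = per_sev[sev][status]  # '=' where '+=' was meant
    return dict(totals)


def raw_status_count(ckl_xml, status):
    """The cross-check from the issue: count the status in the raw file.

    Anchoring on the <STATUS> tags keeps free text (e.g. FINDING_DETAILS that
    happens to contain the word) from inflating the count.
    """
    return len(re.findall(rf"<STATUS>{re.escape(status)}</STATUS>", ckl_xml))


def check_checklist(ckl_xml, status="NotAFinding"):
    """True if the rolled-up engine total agrees with the raw-file count."""
    totals = total_by_status(tally_by_severity(ckl_xml))
    return totals[status] == raw_status_count(ckl_xml, status)


if __name__ == "__main__":
    per_sev = tally_by_severity(SAMPLE_CKL)
    print("fixed   :", total_by_status(per_sev))
    print("buggy   :", total_by_status(per_sev, accumulate=False))
    print("raw tag :", raw_status_count(SAMPLE_CKL, "NotAFinding"))
    print("raw word:", SAMPLE_CKL.count("NotAFinding"))
```

On the sample, the accumulating roll-up reports 4 NotAFinding while the overwriting one reports 1, the same kind of shortfall the issue reports (135 against 227). The raw-text check is a good reference as long as it is anchored on the `<STATUS>` tags: a plain substring count of `NotAFinding` also matches the word inside FINDING_DETAILS here and gives 5, so a bare grep can overstate the STIG Viewer figure on a checklist with chatty finding notes.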

Cingulara commented 3 years ago

This fix is now in the master branch and the issue is fixed, @JDoofenschmirtz. You can pull down the latest code in the Release area and get the full update. https://github.com/Cingulara/openrmf-docs/releases/tag/1.3.2

Alternatively, you can shut down the OpenRMF stack only (leave Keycloak alone), and just copy the https://raw.githubusercontent.com/Cingulara/openrmf-docs/master/scripts/docker-compose.yml file contents over top of yours. Then run the "start" script again. It will pull the latest web container (version update), template container (newest public DISA STIG templates), and the container with the fix on the score.