Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rule: Search Private Keys or Passwords / Add private key candidates #60

Merged
merged 1 commit into from
May 24, 2023
Merged

Rule: Search Private Keys or Passwords / Add private key candidates #60

merged 1 commit into from
May 24, 2023

Conversation

owlinux1000
Copy link
Contributor

What type of PR is this?

/kind feature

Any specific area of the project related to this PR?

/area rules

What this PR does / why we need it:

Private key candidates will be searched by attacker are insufficient. At least, Ubuntu 22.04 may create the following key by default.

  • id_ed25519
  • id_ecdsa

@poiana poiana requested review from leodido and loresuso May 20, 2023 11:35
@poiana
Copy link

poiana commented May 20, 2023

Welcome @owlinux1000! It looks like this is your first PR to falcosecurity/rules 🎉

@poiana poiana added the size/XS label May 20, 2023
@owlinux1000 owlinux1000 changed the title Add private key candidates Rule: Search Private Keys or Passwords / Add private key candidates May 20, 2023
@loresuso
Copy link
Member

loresuso commented May 22, 2023
edited
Loading

Hi @owlinux1000 and thanks for this contribution!
If you change the commit message to follow conventional commits I'll approve these changes

@owlinux1000 owlinux1000 force-pushed the main branch 2 times, most recently from 226e424 to d3b7b2c Compare May 23, 2023 12:16
@owlinux1000
Copy link
Contributor Author

Hello @loresuso!
I'm so sorry for my commit message and fixed it. Is there anything else?

@owlinux1000
rule(Search Private Keys or Passwords): Add default filenames created…
716e8e7 
… in recent Linux to candidate for private keys

Signed-off-by: owlinux1000 <[email protected]>
loresuso
loresuso approved these changes May 24, 2023
View reviewed changes
Copy link
Member

@loresuso loresuso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No problems @owlinux1000 :)
cc @leogr

@poiana poiana added the lgtm label May 24, 2023
@poiana
Copy link

poiana commented May 24, 2023

LGTM label has been added.

Git tree hash: c0594aa0caa54f5fc00609113554f8dc2c308011

@poiana
Copy link

poiana commented May 24, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: leogr, loresuso, owlinux1000

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana merged commit 3471984 into falcosecurity:main May 24, 2023
@jasondellaluce jasondellaluce added this to the falco-rules-1.0.0 milestone Jun 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leogr leogr leogr approved these changes

@loresuso loresuso loresuso approved these changes

@leodido leodido Awaiting requested review from leodido

Assignees

@leogr leogr

@loresuso loresuso

Labels
approved dco-signoff: yes lgtm size/XS
Projects
None yet
Milestone
falco-rules-1.0.0
Development

Successfully merging this pull request may close these issues.
5 participants
@owlinux1000 @poiana @loresuso @leogr @jasondellaluce