From 97d0953e3eafdc4bfd72ea859594f3d3f9cb5ddd Mon Sep 17 00:00:00 2001
From: YuQing
Date: Fri, 9 Dec 2022 16:48:38 +0800
Subject: [PATCH 1/5] Update Anolis_security_benchmark.config file to match the latest rules.

Signed-off-by: YuQing
---
 .../Anolis_security_benchmark_level1.config | 9 ++++++++-
 .../Anolis_security_benchmark_level3.config | 13 ++++++++++++-
 .../Anolis_security_benchmark_level1.config | 13 +++++++++++++
 .../Anolis_security_benchmark_level2.config | 14 ++++++++++++++
 .../Anolis_security_benchmark_level3.config | 17 +++++++++++++++++
 .../Anolis_security_benchmark_level4.config | 17 +++++++++++++++++
 6 files changed, 81 insertions(+), 2 deletions(-)

diff --git a/tools/remediation-kits/config/Anolis_security_benchmark_level1.config b/tools/remediation-kits/config/Anolis_security_benchmark_level1.config
index ea93e5a..bd42598 100644
--- a/tools/remediation-kits/config/Anolis_security_benchmark_level1.config
+++ b/tools/remediation-kits/config/Anolis_security_benchmark_level1.config
@@ -21,11 +21,17 @@
 1.39
 1.40
 1.41
+1.42
+1.43
+1.44
+1.45
+1.46
 2.11
 2.14
 2.16
 2.17
 2.18
+2.19
 3.5
 4.2
 4.3
@@ -49,4 +55,5 @@
 4.66
 4.67
 4.68
-5.1
\ No newline at end of file
+5.1
+4.1
\ No newline at end of file
diff --git a/tools/remediation-kits/config/Anolis_security_benchmark_level3.config b/tools/remediation-kits/config/Anolis_security_benchmark_level3.config
index cc12a56..120b11e 100644
--- a/tools/remediation-kits/config/Anolis_security_benchmark_level3.config
+++ b/tools/remediation-kits/config/Anolis_security_benchmark_level3.config
@@ -21,13 +21,23 @@
 1.39
 1.40
 1.41
+1.42
+1.43
+1.44
+1.45
+1.46
 2.11
 2.14
 2.16
 2.17
 2.18
+2.19
 2.20
+2.21
+2.22
+2.23
 3.5
+3.19
 4.2
 4.3
 4.8
@@ -54,4 +64,5 @@
 5.1
 5.2
 5.3
-5.4
\ No newline at end of file
+5.4
+4.1
\ No newline at end of file
diff --git a/tools/scanners/config/Anolis_security_benchmark_level1.config b/tools/scanners/config/Anolis_security_benchmark_level1.config
index 447a37b..ee4d7fd 100644
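Review bot: The `4.1` entry appended in the last hunk of both remediation configs sits on a final line with no terminating newline (`\ No newline at end of file`) and after `5.1` / `5.4`, out of numeric order. If `run_Anolis_remediation_kit.sh` reads the config with a plain `while read` loop (the reader is not visible in this patch), the unterminated last line is skipped and remediation 4.1 would silently never be applied. Ending each file with a newline, and placing `4.1` before `4.2` unless running it last is deliberate, removes the ambiguity. The new remediation `Reference_DengBaoThree.config` and `Reference_CIS.config` in patches 2 and 3 end the same way.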
--- a/tools/scanners/config/Anolis_security_benchmark_level1.config
+++ b/tools/scanners/config/Anolis_security_benchmark_level1.config
@@ -37,6 +37,13 @@
 1.39
 1.40
 1.41
+1.42
+1.43
+1.44
+1.45
+1.46
+1.47
+1.49
 2.1
 2.2
 2.3
@@ -72,6 +79,12 @@
 3.15
 3.16
 3.17
+3.18
+3.20
+3.21
+3.22
+3.23
+3.24
 4.1
 4.2
 4.3
diff --git a/tools/scanners/config/Anolis_security_benchmark_level2.config b/tools/scanners/config/Anolis_security_benchmark_level2.config
index 8d91922..e42c3eb 100644
--- a/tools/scanners/config/Anolis_security_benchmark_level2.config
+++ b/tools/scanners/config/Anolis_security_benchmark_level2.config
@@ -39,6 +39,14 @@
 1.39
 1.40
 1.41
+1.41
+1.42
+1.43
+1.44
+1.45
+1.46
+1.47
+1.49
 2.1
 2.2
 2.3
@@ -75,6 +83,12 @@
 3.15
 3.16
 3.17
+3.18
+3.20
+3.21
+3.22
+3.23
+3.24
 4.1
 4.2
 4.3
diff --git a/tools/scanners/config/Anolis_security_benchmark_level3.config b/tools/scanners/config/Anolis_security_benchmark_level3.config
index e81ac2b..53d8fef 100644
--- a/tools/scanners/config/Anolis_security_benchmark_level3.config
+++ b/tools/scanners/config/Anolis_security_benchmark_level3.config
@@ -39,6 +39,13 @@
 1.39
 1.40
 1.41
+1.42
+1.43
+1.44
+1.45
+1.46
+1.47
+1.49
 2.1
 2.2
 2.3
@@ -59,6 +66,9 @@
 2.18
 2.19
 2.20
+2.21
+2.22
+2.23
 3.1
 3.2
 3.3
@@ -76,6 +86,13 @@
 3.15
 3.16
 3.17
+3.18
+3.19
+3.20
+3.21
+3.22
+3.23
+3.24
 4.1
 4.2
 4.3
diff --git a/tools/scanners/config/Anolis_security_benchmark_level4.config b/tools/scanners/config/Anolis_security_benchmark_level4.config
index 0632f97..16ed199 100644
--- a/tools/scanners/config/Anolis_security_benchmark_level4.config
+++ b/tools/scanners/config/Anolis_security_benchmark_level4.config
@@ -39,6 +39,13 @@
 1.39
 1.40
 1.41
+1.42
+1.43
+1.44
+1.45
+1.46
+1.47
+1.49
 2.1
 2.2
 2.3
@@ -59,6 +66,9 @@
 2.18
 2.19
 2.20
+2.21
+2.22
+2.23
 3.1
 3.2
 3.3
@@ -76,6 +86,13 @@
 3.15
 3.16
 3.17
+3.18
+3.19
+3.20
+3.21
+3.22
+3.23
+3.24
 4.1
 4.2
 4.3
-- 
Gitee

From 52cf4559f1dbe63eb9a4f14c698912b50105dbd3 Mon Sep 17 00:00:00 2001
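Review bot: The first hunk of `tools/scanners/config/Anolis_security_benchmark_level2.config` adds `+1.41` directly after the existing context line `1.41`, so rule 1.41 is listed twice; the level1, level3 and level4 scanner configs start their additions at `1.42`. Depending on how the scanner consumes the list (not visible here), that check may run twice and be counted twice in the pass/fail totals, which skews the reported compliance score. Dropping the added `1.41` line fixes it. The level1 and level2 lists also skip `3.19` and every level skips `1.48`; if those gaps are intentional, a sentence in the commit message saying so would save the next reviewer the comparison.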
From: YuQing
Date: Fri, 9 Dec 2022 16:53:22 +0800
Subject: [PATCH 2/5] Add Reference_DengBaoThree.config files for scanner and remediation tools.

Signed-off-by: YuQing
---
 .../config/Reference_DengBaoThree.config | 16 ++++++++++
 .../config/Reference_DengBaoThree.config | 30 +++++++++++++++++++
 2 files changed, 46 insertions(+)
 create mode 100644 tools/remediation-kits/config/Reference_DengBaoThree.config
 create mode 100644 tools/scanners/config/Reference_DengBaoThree.config

diff --git a/tools/remediation-kits/config/Reference_DengBaoThree.config b/tools/remediation-kits/config/Reference_DengBaoThree.config
new file mode 100644
index 0000000..1da9a40
--- /dev/null
+++ b/tools/remediation-kits/config/Reference_DengBaoThree.config
@@ -0,0 +1,16 @@
+1.17
+1.27
+1.36
+1.39
+1.40
+1.42
+1.43
+1.44
+1.45
+1.46
+2.20
+2.21
+2.22
+2.23
+3.5
+3.19
\ No newline at end of file
diff --git a/tools/scanners/config/Reference_DengBaoThree.config b/tools/scanners/config/Reference_DengBaoThree.config
new file mode 100644
index 0000000..53a80e6
--- /dev/null
+++ b/tools/scanners/config/Reference_DengBaoThree.config
@@ -0,0 +1,30 @@
+1.17
+1.27
+1.27
+1.36
+1.39
+1.40
+1.42
+1.43
+1.44
+1.45
+1.46
+1.47
+1.49
+2.20
+2.21
+2.22
+2.23
+3.14
+3.15
+3.17
+3.18
+3.19
+3.20
+3.21
+3.22
+3.23
+3.24
+3.4
+3.5
+4.31
\ No newline at end of file
-- 
Gitee

From 8c4357a53da0a6d613b0672f0e0589e08b7dc4bb Mon Sep 17 00:00:00 2001
From: YuQing
Date: Fri, 9 Dec 2022 16:55:07 +0800
Subject: [PATCH 3/5] Add Reference_CIS.config files for scanner and remediation tools.

Signed-off-by: YuQing
---
 .../config/Reference_CIS.config | 50 +++++++
 tools/scanners/config/Reference_CIS.config | 139 ++++++++++++++++++
 2 files changed, 189 insertions(+)
 create mode 100644 tools/remediation-kits/config/Reference_CIS.config
 create mode 100644 tools/scanners/config/Reference_CIS.config
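Review bot: The new `tools/scanners/config/Reference_DengBaoThree.config` lists `1.27` twice (second and third lines of the file) and places `3.4` and `3.5` after `3.24`, unlike the numerically ordered remediation file added beside it. A duplicated rule id can double-count that check in the scan summary if the scanner does not de-duplicate its input, which cannot be confirmed from this patch. Removing the second `1.27` and moving `3.4` / `3.5` ahead of `3.14` keeps the scanner and remediation lists easy to compare line by line.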
diff --git a/tools/remediation-kits/config/Reference_CIS.config b/tools/remediation-kits/config/Reference_CIS.config
new file mode 100644
index 0000000..183e732
--- /dev/null
+++ b/tools/remediation-kits/config/Reference_CIS.config
@@ -0,0 +1,50 @@
+1.2
+1.3
+1.4
+1.5
+1.6
+1.7
+1.8
+1.14
+1.17
+1.20
+1.21
+1.22
+1.24
+1.27
+1.28
+1.29
+1.31
+1.32
+1.34
+1.36
+1.37
+1.39
+1.40
+2.11
+2.14
+2.16
+2.17
+2.18
+3.5
+4.2
+4.3
+4.8
+4.9
+4.11
+4.13
+4.44
+4.45
+4.46
+4.48
+4.49
+4.50
+4.51
+4.52
+4.55
+4.57
+4.59
+4.62
+4.63
+4.64
+4.1
\ No newline at end of file
diff --git a/tools/scanners/config/Reference_CIS.config b/tools/scanners/config/Reference_CIS.config
new file mode 100644
index 0000000..272991e
--- /dev/null
+++ b/tools/scanners/config/Reference_CIS.config
@@ -0,0 +1,139 @@
+1.1
+1.2
+1.3
+1.4
+1.5
+1.6
+1.7
+1.8
+1.9
+1.10
+1.11
+1.12
+1.13
+1.14
+1.15
+1.16
+1.17
+1.18
+1.19
+1.20
+1.21
+1.22
+1.23
+1.24
+1.25
+1.26
+1.27
+1.28
+1.29
+1.30
+1.31
+1.32
+1.33
+1.34
+1.35
+1.36
+1.37
+1.38
+1.39
+1.40
+2.1
+2.2
+2.3
+2.4
+2.5
+2.6
+2.7
+2.8
+2.9
+2.10
+2.11
+2.12
+2.13
+2.14
+2.15
+2.16
+2.17
+2.18
+2.19
+3.1
+3.2
+3.3
+3.4
+3.5
+3.6
+3.7
+3.8
+3.9
+3.10
+3.11
+3.12
+3.13
+3.14
+3.15
+4.1
+4.2
+4.3
+4.4
+4.5
+4.6
+4.7
+4.8
+4.9
+4.10
+4.11
+4.12
+4.13
+4.14
+4.15
+4.16
+4.17
+4.18
+4.19
+4.20
+4.21
+4.22
+4.23
+4.24
+4.25
+4.26
+4.27
+4.28
+4.29
+4.30
+4.31
+4.32
+4.33
+4.34
+4.35
+4.36
+4.37
+4.38
+4.39
+4.40
+4.41
+4.42
+4.43
+4.44
+4.45
+4.46
+4.47
+4.48
+4.49
+4.50
+4.51
+4.52
+4.53
+4.54
+4.55
+4.56
+4.57
+4.58
+4.59
+4.60
+4.61
+4.62
+4.63
+4.64
+4.65
\ No newline at end of file
-- 
Gitee

From 776158d5219685d6c7e4a06b10bba0ade63a0958 Mon Sep 17 00:00:00 2001
From: YuQing
Date: Fri, 9 Dec 2022 16:51:09 +0800
Subject: [PATCH 4/5] Update readme files for scanner and remediation tools.

Signed-off-by: YuQing
---
 tools/remediation-kits/README.md | 4 ++++
 tools/scanners/README.md | 4 ++++
 2 files changed, 8 insertions(+)
diff --git a/tools/remediation-kits/README.md b/tools/remediation-kits/README.md index c52230e..bc0207f 100644 --- a/tools/remediation-kits/README.md +++ b/tools/remediation-kits/README.md @@ -10,6 +10,10 @@ - Anolis_security_benchmark_level1.config -- 配置文件,用于存储待加固的项目编号 +- Reference_DengBaoThree.config -- 此 config 文件包含的编号为:已发布的 benchmark 中参考了 等保2.0三级 标准的规则。其中包含 level 3 的规则,需谨慎使用 + +- Reference_CIS.config -- 此 config 文件包含的编号为:已发布的 benchmark 中参考了 CIS 标准的规则。具体可在 benchmark Markdown 文档的参考一项中查看 + - run_Anolis_remediation_kit.sh -- 可执行文件,用于调用加固脚本对系统进行加固 - config(目录) -- 用于存放config文件 diff --git a/tools/scanners/README.md b/tools/scanners/README.md index 5adccfa..2eb36e3 100644 --- a/tools/scanners/README.md +++ b/tools/scanners/README.md @@ -10,6 +10,10 @@ - Anolis_security_benchmark_level1.config -- 配置文件,用于存储待扫描的项目编号 +- Reference_DengBaoThree.config -- 此 config 文件包含的编号为:已发布的 benchmark 中参考了 等保2.0三级 标准的规则 + +- Reference_CIS.config -- 此 config 文件包含的编号为:已发布的 benchmark 中参考了 CIS 标准的规则。具体可在 benchmark Markdown 文档的参考一项中查看 + - run_Anolis_scanners.sh -- 可执行文件,用于调用扫描脚本对系统进行安全合规扫描 - config(目录) -- 用于存放config文件 -- Gitee From 9c356d8f56df3de062a19997e439d8b4e79cc728 Mon Sep 17 00:00:00 2001 From: YuQing Date: Fri, 9 Dec 2022 17:22:21 +0800 Subject: [PATCH 5/5] Rename docs/anolis-security-benchmark-summary-of-rules.md -> docs/summary-of-rules.md Signed-off-by: YuQing --- ...security-benchmark-summary-of-rules.md => summary-of-rules.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename docs/{anolis-security-benchmark-summary-of-rules.md => summary-of-rules.md} (100%) diff --git a/docs/anolis-security-benchmark-summary-of-rules.md b/docs/summary-of-rules.md similarity index 100% rename from docs/anolis-security-benchmark-summary-of-rules.md rename to docs/summary-of-rules.md -- Gitee