Open-AudIT :: View topic - OAv2 alpha 7 released

Open-AudIT https://www.open-audit.org/phpBB3/

OAv2 alpha 7 released https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=4020	Page 3 of 4

Author:	Mark [ Fri Jan 21, 2011 10:40 am ]
Post subject:	Re: OAv2 alpha 7 released
[quote]I'd say you don't see it because you don't have any Windows Server 2008 Not R2. Yep - we only have 2008 R2. [quote]I think you need a more sophisticated version of escape_xml as in OpenAudit as the corruption is probably happening on the post to MySQL. Well, in theory it's supposed to be using UTF-8 - this shouldn't matter. escape_xml shouldn't matter either... I'll take a look at the section to accept the audit for a system. Don't have a sample audit result you can send me, do you (sensitive stuff stripped, of course) ?

Author:	Mark [ Fri Jan 21, 2011 10:51 am ]
Post subject:	Re: OAv2 alpha 7 released
[quote]Done. Now I don't get any errors when browsing to myserver/index.php but still a blank site. Make sure in your PHP config file you have [code]error_reporting = E_ALL[/code] set. This should throw some light on it when you call the page. PHP config file on Ubuntu should be at /etc/php5/apache2/php.ini - and don't forget to restart Apache.

Author:	jpa [ Fri Jan 21, 2011 11:52 am ]
Post subject:	Re: OAv2 alpha 7 released
Error setting "status" on System Details page.[attachment=0] OAv2_SystemDetails_Status.jpg [ 23.75 KiB \| Viewed 8904 times ] Also, trouble with click-and-select fields like Criticality and Environment. Once I've selected an option I'm unable to get the drop down to change it again. This is separate from the problem above.

Author:	zeezam [ Fri Jan 21, 2011 4:31 pm ]
Post subject:	Re: OAv2 alpha 7 released
[quote="Mark"][quote]Done. Now I don't get any errors when browsing to myserver/index.php but still a blank site. Make sure in your PHP config file you have [code]error_reporting = E_ALL[/code] set. This should throw some light on it when you call the page. PHP config file on Ubuntu should be at /etc/php5/apache2/php.ini - and don't forget to restart Apache. Changed that and restarted apache. Where is the log file? Nothing more in /var/log/apache2/error.log... No more log files in the apache2 directory. Edit: I didn't have php5-mysql installed, that was the problem Now it's working! ...but how to audit my computers? The gui is pretty empty with options?

Author:	Shmee [ Sat Jan 22, 2011 5:11 am ]
Post subject:	Re: OAv2 alpha 7 released
The scripts you need to run are in the "other" folder of the zip file you downloaded. You will need to edit the scripts to meet your environment. You will find all the info you need for the most part in the FAQ section of the forum: viewforum.php?f=6

Author:

Mark [ Sat Jan 22, 2011 5:01 pm ]

Post subject:

Re: OAv2 alpha 7 released

Well, running OAv2 on Ubuntu 10.10 64bit here at home (on XAMPP on WinXP at work).
Seems that the Windows string displays correctly for me.
This makes me think it's a "setting" somewhere - not necessarily the code in OAv2.
I'll have to take a look on my work install on Monday.

Attachments:

list.png [ 42.69 KiB | Viewed 8882 times ]

Author:	zeezam [ Sun Jan 23, 2011 12:22 am ]
Post subject:	Re: OAv2 alpha 7 released
[quote="Shmee"]The scripts you need to run are in the "other" folder of the zip file you downloaded. You will need to edit the scripts to meet your environment. You will find all the info you need for the most part in the FAQ section of the forum: viewforum.php?f=6 Found it. Thanks. Is it possible to audit linux machines with a network scan?

Author:	jpa [ Sun Jan 23, 2011 10:18 am ]
Post subject:	Re: OAv2 alpha 7 released
[quote="Mark"]This makes me think it's a "setting" somewhere...I think my MySQL has a default character set of latin1 because of some old softare using the db along with OpenAudit. I also thought OAv2 was setting the correct character set and collation but maybe I've got it messed up. I'll check on Monday as well. [quote="zeezam"]Is it possible to audit linux machines with a network scan?I''m not sure what you mean here. The linux audit scripts are also in the other directory. Do you mean to scan a subnet looking for Linux machines and then audit any found?

Author:	zeezam [ Mon Jan 24, 2011 6:50 am ]
Post subject:	Re: OAv2 alpha 7 released
[quote="jpa"] [quote="zeezam"]Is it possible to audit linux machines with a network scan?I''m not sure what you mean here. The linux audit scripts are also in the other directory. Do you mean to scan a subnet looking for Linux machines and then audit any found? Ok. So it's just possible to run the script manually on a linux host?

Author:	Mark [ Mon Jan 24, 2011 8:25 am ]
Post subject:	Re: OAv2 alpha 7 released
Yeah - it's a manual + local script only (at this stage). My plan is to enable ONE script to scan a subnet. It would run nmap against a given ip. Then, based on result either run the linux or windows audit script against the target. If it's some other type of device (printer, switch, etc), just insert the results into the DB as per the nmap script in Open-AudIT. I also want a script to scan an Active Directory domain (done for Windows, at least). Another to retrieve VMware ESX configurations (of hosts and guests). Another for Oracle / MSSQL / MySQL / Postrges, et al config's (though these may be integrated with the linux / windows scripts).

Author:	Mark [ Mon Jan 24, 2011 4:49 pm ]
Post subject:	Re: OAv2 alpha 7 released
[quote="jpa"] Mark wrote:This makes me think it's a "setting" somewhere... I think my MySQL has a default character set of latin1 because of some old softare using the db along with OpenAudit. I also thought OAv2 was setting the correct character set and collation but maybe I've got it messed up. I'll check on Monday as well. zeezam wrote:Is it possible to audit linux machines with a network scan? I''m not sure what you mean here. The linux audit scripts are also in the other directory. Do you mean to scan a subnet looking for Linux machines and then audit any found? Seem's to work here "at work" just fine, too. Running WinXP 32bit with XAMPP. No funny characters display - I see the copyright symbol as intended.

Author:	Mark [ Mon Jan 24, 2011 4:51 pm ]
Post subject:	Re: OAv2 alpha 7 released
Have fixed the ajax issue with changing a systems status, etc on the system_display page, too. Need to do another release. The next one will be "beta" tagged. Give me a day or two... I've been reviewing the DB and just need a couple more days to finalise it.

Author:	Shmee [ Tue Jan 25, 2011 1:38 am ]
Post subject:	Re: OAv2 alpha 7 released
Sounds good. Here is to OAv2b1.

Author:	jpa [ Sat Jan 29, 2011 8:26 am ]
Post subject:	Re: OAv2 alpha 7 released
[quote="Mark"]Seems that the Windows string displays correctly for me. This makes me think it's a "setting" somewhere - not necessarily the code in OAv2. So I tried tracking down a setting flaw with this character encoding stuff on my system and didn't have much luck. I was able to get the characters to import correctly by changing the XML header of the posted data. I changed the audit script XML header from ISO-8859-1 to UTF-8 [code] result = "<?xml version=""1.0"" encoding=""ISO-8859-1""?>" & vbcrlf to result = "<?xml version=""1.0"" encoding=""UTF-8""?>" & vbcrlf[/code] which produced the following output where the first system audit used ISO-8859 and the second used UTF-8 and I hacked the name a bit to get it in to the system as a new machine. [attachment=0] OAv2UTF8.png [ 33.01 KiB \| Viewed 8797 times ]

Author:	jaisgrandad [ Tue Feb 01, 2011 2:32 am ]
Post subject:	Re: OAv2 alpha 7 released
The one about the keys is a case-sensitive issue. On line 22 of v_system_display.php change the line if ($key->man_os_group == 'windows') to if (strtolower($key->man_os_group) == 'windows') All the Windows I have come across have an uppercase 'W' but using the strtolower should fix any combination. Your Keys option on the menu should now work

Page 3 of 4	All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/