Open-AudIT

What's on your network?
It is currently Sat Apr 21, 2018 3:59 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 6 posts ] 
Author Message
PostPosted: Sat Jan 12, 2008 3:46 pm 
Offline
Newbie

Joined: Tue Dec 11, 2007 2:40 am
Posts: 24
Location: Pennsylvania
Can you guys thinnk of a clever way to map a subnet to a location. Sort of like a case statement...

Case 192.168.240.x = "Tampa, Florida"
Case 192.168.165.x = "Denver, Colorado"

etc...etc...

It would be even cooler to have a map of your country and map subnets to a coordinate... :D

Just thought it might be a neat idea...


Top
 Profile  
Reply with quote  
PostPosted: Tue Jan 15, 2008 6:28 am 
Offline
Newbie

Joined: Tue Dec 11, 2007 2:40 am
Posts: 24
Location: Pennsylvania
I was a little tipsy when I wrote the above post :? So I decided to elaborate a bit more...

I could be rambling here but let me know if you think this is a good idea or better yet, feasible. What I am thinking is that we can update the location field automatically by mapping the IP subnet of a device to a location. A case statement was the best thing that I could think of. Of course this would be different for everyone but maybe we can have a central config file that would save these custom settings so we wouldn't have to reimport them everytime we updated the SVN. If not, we would just have to do it manually. I have some stuff, and I'm sure I'm not alone here, that I need to re-add everythime I update. Not a big deal just as long as I don't forget to note the changes I make :D Also, on the map thing. Once your device has its location, it would be cool to have this device displayed on a map of your country in that location, according to longitude/lattitude. If we could some how configure coordinates on the map, we can then easilly map the location to it's appropriate spot.

subnet = location
coordinate = location

192.168.240.x = "Tampa, Florida"
Latitude: 27.94653 / Longitude: -82.459269 = "Tampa, Florida"
(This website has a pretty cool LL finder - http://www.batchgeocode.com/lookup/)

I realize that if you had a lot of devices in the same location they could end up stacked on top of one another but perhaps a better idea would be to enter all of your remote sites (city, state) and have the map create a flag on the map for that site. You could then hover over the flag to see a hint that would tell you..."10 servers, 1 router, 1 switch" etc... and then you could click the flag to see all of the available devices in that location in a table format.


Top
 Profile  
Reply with quote  
PostPosted: Wed Jan 16, 2008 12:28 am 
Offline
Contributor

Joined: Fri Sep 28, 2007 12:07 am
Posts: 189
this sounds like a pretty good idea.

Jason

_________________
OA Deployment:
Windows 2003 with XAMPP install
80 Windows Servers
250 Windows workstations (mixed XP and 2000)
5 MACs
Multiple printers, switches, routers, firewalls, and other servers (ESX, AIX etc.)


Top
 Profile  
Reply with quote  
PostPosted: Wed Jan 16, 2008 6:52 am 
Offline
Contributor

Joined: Fri Jul 28, 2006 6:30 am
Posts: 157
Location: London
I'm not sure that it has any real practical use for me, but there's no reason IMO why Open Audit can't have a few "cool" features that are mostly eye-candy.

_________________
Cheers, Nick.

OA Server: Windows Server 2003 / Apache 2
Auditing: 1600 Workstations, 200 Servers
OS's: Windows XP / Windows 2000 / Windows 2003 Server / Windows Vista
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Wed Jan 16, 2008 8:49 am 
Offline
Newbie

Joined: Tue Dec 11, 2007 2:40 am
Posts: 24
Location: Pennsylvania
I agree the map is mostly eye candy, but I think mapping the subnet to location would be really helpful...


Top
 Profile  
Reply with quote  
PostPosted: Wed Jan 16, 2008 10:34 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Eye Candy it might be, but it would tie in with the idea of keeping all of the config on the server quite nicely.

I am still trying to find the time to finish this particular idea, any body else is welcome to chime in with whatever help they can.

The idea is this....

1) We add a table to the database for multiple site (location) configuration.
This allows us to set up multiple configs. Each config has a site name and suitable site details..
(see how this ties in with this idea :D , we can also add the location details at the same time)

Each site also has an associated Audit Scope (domain name, machine name, IP range or subnet), and an associated
IP or range of IPs that can run the audit for that scope.

We can also have a link from each configuration on the OA server that allows us to grab (download) an audit.vbs for that location.
This audit.vbs is hard coded with the OA server URL (including perhaps a unique key) but doesn't need a config file, since it will
download this when the script is run.

2) When we run audit.vbs, it checks for a local config file. If one is found, it uses that, then checks to see if it can see the OA server,
and if so, is there is an update for audit.vbs
If no local config is found, it tries the server URL, and creates a config, and updates itself based on the values returned from the server.
If no local config is found, and the server cannot be contacted, audit.vbs audits the local machine to a local text file.

3) When contacted by audit.vbs for a config file, If the server recognises the IP address or subnet of the auditing PC
requesting a config it throws back the correct config file for that particular scope (subnet/domain/PC or whatever)
otherwise it throws back a suitable config to audit just the local machine, and post back to the server.

The result of this work is the ability to modify config for any site from the web server, and even have the audit.vbs update itself and its config if need be from the server. Only trouble is, I have done the basics (the site URL is in audit.vbs, and it will grab a config from that URL, however it is not currently a dynamic config, and no check is made to see if audit.vbs is out of date either) I simply haven't had time to finish the idea.

Anybody want to assist? :?

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 6 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group