Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 12:53 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 
Author Message
PostPosted: Thu Oct 16, 2008 2:50 am 
Offline
Newbie

Joined: Tue Oct 14, 2008 8:31 pm
Posts: 28
I would like to see the configuration consolidated in one place. Right now, you have to update audit.config, list_export_config.php, and pretty much every single script, to configure it correctly. That's tedious and error-prone.


Top
 Profile  
Reply with quote  
PostPosted: Fri Oct 17, 2008 8:53 pm 
Offline
Contributor

Joined: Fri Sep 28, 2007 12:07 am
Posts: 189
good idea.

_________________
OA Deployment:
Windows 2003 with XAMPP install
80 Windows Servers
250 Windows workstations (mixed XP and 2000)
5 MACs
Multiple printers, switches, routers, firewalls, and other servers (ESX, AIX etc.)


Top
 Profile  
Reply with quote  
PostPosted: Sat Oct 18, 2008 5:58 am 
Offline
Contributor

Joined: Fri Jul 28, 2006 6:30 am
Posts: 157
Location: London
IMO the only config info that needs to be in a file is the DB connection details in include_config.php. Everything else should be stored in the DB. Audit.vbs could obtain all the config details that it needs by pulling an XML file down from the web server for example.

So, yes I think it's a good suggestion.

_________________
Cheers, Nick.

[size=85]OA Server: Windows Server 2003 / Apache 2
Auditing: 1600 Workstations, 200 Servers
OS's: Windows XP / Windows 2000 / Windows 2003 Server / Windows Vista
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
PostPosted: Sat Oct 18, 2008 12:01 pm 
Offline
Newbie

Joined: Tue Oct 14, 2008 8:31 pm
Posts: 28
This seems to take on a life on its own; you guys added some great ideas!

Nick, the other thing that needs to be configured somewhere is for the audit script to know the URL where to find the configuration.

I would like to add yet one more enhancement along the same vein: the scripts should never store the configuration in a file, but rather download it into memory and process it there. That way, the scripts would not need write access at all when logging is turned off. Heck - even the logging info could be uploaded back to the server.


Top
 Profile  
Reply with quote  
PostPosted: Sun Oct 19, 2008 9:17 pm 
Offline
Contributor

Joined: Fri Jul 04, 2008 6:46 am
Posts: 153
Location: USA - WI
Pulling the config from the server sounds like a neat idea.

However, if that was implemented then there should also be a way to define multiple configurations and give them names, sort of like profile names. Then you could define what profile config you wanted to use by adding a command line switch to the audit scripts. I'm not sure how you would get around getting rid of the actual config file so it's only the script that has all the info though.

Perhaps you could generate the script from the OA website. Such that you would pick a config "profile" with all the settings you want the script to include, including what name you want to give the script, then you pick if you want to generate the linux or windows script, then OA could take all the settings and put it in the script itself and let you download the resulting file.

_________________
OA Server: Debian Squeeze w/ Apache2
Auditing: 700 Workstations, 250 or so Retail Terminals, about 75 Servers
OS's: Windows XP/2003/2008/2008 R2/Vista/7, Debian
LDAP: Active Directory 2008 R2


Top
 Profile  
Reply with quote  
PostPosted: Mon Oct 20, 2008 6:09 am 
Offline
Newbie

Joined: Tue Oct 14, 2008 8:31 pm
Posts: 28
Great idea, Chad! Building on that - how about you don't pick the profile right then, but rather the profile keys off either the IP address or the host name or, probably best, a parameter to the URL. The server could also figure out the client's operating system automatically based on the User-Agent header, and generate either the .sh or the .vbs as appropriate.

With such a mechanism, the actual audit script could be as simple as (Linux example, Windows would be similar):

wget -O /tmp/audit_script.sh http://myserver/openaudit/get_audit_script.php
chmod +x /tmp/audit_script.sh
/tmp/audit_script.sh
rm /tmp/audit_script.sh

Or with a non-default profile:

wget -O /tmp/audit_script.sh http://myserver/openaudit/get_audit_scr ... =MyProfile
chmod +x /tmp/audit_script.sh
/tmp/audit_script.sh
rm /tmp/audit_script.sh


Top
 Profile  
Reply with quote  
PostPosted: Mon Oct 20, 2008 12:13 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
Look for this type of stuff in OAv2.
It is much more focused on usability. People just hate editing text files.. I plan to have EVERYTHING configurable from the web interface. Most scripts will run from there (ie - audit my domain, scan a subnet, etc) as well. I hope to have most of OAv2 depend on NOTHING externally. AND have the "applicance" run on Linux. I have found a small app that will start a process (from Linux) on a target Windows machine - very cool...

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Mon Oct 20, 2008 9:12 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Don't know if you are aware, but the script already does have the ability to pull its config from the web page, it just doesn't pull it from the database.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
PostPosted: Tue Oct 21, 2008 10:53 am 
Offline
Contributor

Joined: Fri Jul 04, 2008 6:46 am
Posts: 153
Location: USA - WI
[quote="Mark"]Look for this type of stuff in OAv2.
It is much more focused on usability. People just hate editing text files.. I plan to have EVERYTHING configurable from the web interface. Most scripts will run from there (ie - audit my domain, scan a subnet, etc) as well. I hope to have most of OAv2 depend on NOTHING externally. AND have the "applicance" run on Linux. I have found a small app that will start a process (from Linux) on a target Windows machine - very cool...


Oooo...that sounds nice :D

Is the app your using winexe? I remember trying that a while back because I was sick of booting into vmware just to use psexec...heh! Never could get it to work right though :x

_________________
OA Server: Debian Squeeze w/ Apache2
Auditing: 700 Workstations, 250 or so Retail Terminals, about 75 Servers
OS's: Windows XP/2003/2008/2008 R2/Vista/7, Debian
LDAP: Active Directory 2008 R2


Top
 Profile  
Reply with quote  
PostPosted: Wed Oct 29, 2008 12:19 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
winexe == yes. Have replied over here
viewtopic.php?f=5&t=2855&st=0&sk=t&sd=a&start=30

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group