Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 1:08 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 36 posts ]  Go to page Previous  1, 2, 3
Author Message
PostPosted: Mon Nov 24, 2008 1:02 am 
Offline
Contributor

Joined: Fri Jul 28, 2006 6:30 am
Posts: 157
Location: London
[quote="Mark"]Some thoughts...
Only problem with that would be that you're "trusting" the user input (script output) to have the correct field names. I (personally) think that's way to much trust to place on the user input. I am thinking more in terms of web submitted audits, etc. I am trying to trust as little as possible of the input data. Yes, I want the field names to match, but I don't think we should actually rely and automate (hence trust) this.


Not sure what your "trust" isue is here Mark? Are you referring to security or data integrity ? Why wouldn't the script output have the correct field names? Surely we have to assume that it will supply a correct data structure? Or at least accept that an incorrect data structure will result in a data submission error. But all this would be true of whatever XML schema we use wouldn't it?

[quote="Mark"]So, you'd need to include UUID, MAC and System Name in the URL. You would also need a global timestamp to be the same for submission with each section.

Actually I'd suggest that if we wanted to follow this approach then a uniquely generated session (or "audit") id would be be the way to go. This could be sent in the first data submission (along with UUI,MAC etc) and re-used for subsequent submissions. That way the received data fragments could re-assembled.

_________________
Cheers, Nick.

[size=85]OA Server: Windows Server 2003 / Apache 2
Auditing: 1600 Workstations, 200 Servers
OS's: Windows XP / Windows 2000 / Windows 2003 Server / Windows Vista
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
PostPosted: Mon Nov 24, 2008 7:59 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
[quote]Hey Mark, any chance you can post your code for the pc input for the xml. So we dont have to start from scratch (if youve got it, i know the tables are different). I would like to start trying to turn the audit.vbs and the pc add for the old version of open-audit into xml input/recieve

Short answer - not yet. The code uses the CodeIgniter Framework. As such, it doesn't have one single "pc input" page. At the moment (I think, from memory) it would have about 12. These pages are useless without the rest of the framework. So I'll need to post it all. I am not quite ready to do that. Please be patient.

[quote]Not sure what your "trust" isue is here Mark? Are you referring to security or data integrity ? Why wouldn't the script output have the correct field names? Surely we have to assume that it will supply a correct data structure?
I am thinking along two lines. One - NEVER trust information you receive from a "user". Two - this input form will have to account for being hooked up to a public facing web page. See point One...

[quote]Actually I'd suggest that if we wanted to follow this approach then a uniquely generated session (or "audit") id would be be the way to go. This could be sent in the first data submission (along with UUI,MAC etc) and re-used for subsequent submissions. That way the received data fragments could re-assembled.
Yeah - sounds interesting. How much harder would it be than a couple of extra fields on a form though, and is it worth the effort ? Thanks for the thoughts, and please don't think I am writing this second one off. Your thoughts are much appreciated, and can only help build a better product. More thought needed with this one - definitely.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Mon Nov 24, 2008 9:11 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
[quote]Yeah - sounds interesting. How much harder would it be than a couple of extra fields on a form though, and is it worth the effort ? Thanks for the thoughts, and please don't think I am writing this second one off. Your thoughts are much appreciated, and can only help build a better product. More thought needed with this one - definitely.


OK - had a thought. If we assume (a dangerous assumption) that the details for the "system" table are the first submitted on any given audit, we can return the system_id as the "page". This could then be included on subsequent posts (software, hard disk, et al) to determine which system / timestamp the post relates to. Still thinking...

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Tue Dec 09, 2008 8:07 am 
Offline
Newbie

Joined: Sat Nov 22, 2008 1:26 am
Posts: 12
Line 2578 and 2579 of Audit.vbs

' Include customer specific audits
ExecuteGlobal CreateObject("Scripting.FileSystemObject").OpenTextFile("audit_custom_software.inc").ReadAll

This calls audit_custom_software.inc which reads the registry and updates the xml. Couldn't we call all these categories one at a time using this method? Or would that break the IE side?


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 10, 2008 1:06 am 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
[quote="Malenx"]Line 2578 and 2579 of Audit.vbs

' Include customer specific audits
ExecuteGlobal CreateObject("Scripting.FileSystemObject").OpenTextFile("audit_custom_software.inc").ReadAll

This calls audit_custom_software.inc which reads the registry and updates the xml. Couldn't we call all these categories one at a time using this method? Or would that break the IE side?


You could indeed, in fact, you could install a simple "shim" audit.vbs which asks for each part of the main audit.vbs file from the server as and when it needs it, using the method I used to grab the config from the server. Using this method, you would have greater control of the script, it would never be out of date (as it would always get the latest version of each section from the server), and the scripts could be tailored to the calling PC/Linux Box/Sandwich Toaster or whatever called it.

Something like...

audit.vbs becomes...

[code]
Pseudocode.. audit.vbs
'''''''''''''''''''''''''''''''''''
' Open Audit '
' Software and Hardware Inventory '
' Outputs into MySQL '
' (c) Open-Audit.org 2003-2007 '
' Licensed under the GPL '
'''''''''''''''''''''''''''''''''''
'
this_main_url = "%host_url%"
if (left(this_main_url,1) = "%") then
this_main_url = "http://openaudit/openaudit/scripts/send_main.php"
end if
'
'
' Find out the name of this script, usually audit.vbs but it depends where we were called form.
full_script_name = WScript.ScriptFullName
' Strip off the .vbs and the path, so we can create files with the same suffix.
' No point in creating or overwriting audit.config if we aren't called audit.vbs
script_prefix = Left(full_script_name,(InStrRev(full_script_name,".vbs")-1))
script_prefix = Right(script_prefix,(len(script_prefix) - (InStrRev(WScript.ScriptFullName,"\"))))
' We also need the Path
sScriptPath=Left(WScript.ScriptFullName, InStrRev(WScript.ScriptFullName,"\"))

this_main = sScriptPath & script_prefix & ".main"

dim filesys
Set filesys = CreateObject("Scripting.FileSystemObject")

If filesys.FileExists(this_main) then
' Do nothing, or panic, since we should destroy the old "main" once the script has run
else
'wscript.echo("Downloading Main Audit Code")
'
'

' Now we open the web page where the remote main lives
Set WshShell = WScript.CreateObject("WScript.Shell")

Set http = CreateObject("Microsoft.XmlHttp")
' ...and we grab it..
http.open "GET",this_main_url, FALSE
http.send ""
'
Set main_file = CreateObject("Scripting.FileSystemObject")
Set our_main = main_file.OpenTextFile( this_main, ForWriting, True)
'... and post it to our local config.
our_main.write http.responseText
our_main.close
End If
' End of web download script.
ExecuteGlobal CreateObject("Scripting.FileSystemObject").OpenTextFile(this_main).ReadAll
'
[/code]

/scripts/send_main.php then sends the actual main part of the code...

If send_main.php uses a similar handoff proceedure, then it can in theory send each section of the code separately, run it, load the next section etc ad infinitum.

You can do something similar using bash scripts, just as easily.

You do need to have write access somewhere on the target box in order to read in and save the script sections, and run them.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]


Top
 Profile  
Reply with quote  
PostPosted: Wed Apr 22, 2009 11:09 pm 
Offline
Helper

Joined: Thu Dec 08, 2005 6:33 pm
Posts: 87
Location: Germany, BaW
[quote="jbsclm"]We audit different active directory OUs on each day, we have done this by having a different scripts directory for each OU and editing the audit .config in it. Upgrading needs each folder recreating and the respective files and audit config copying in. It would make life a lot easier if audit.vbs could be passed the config file as a parameter, eg "audit.vbs marketing.config". What do other people think, or have I missed an easier way to achieve what I want to do.

Server Info: Windows XP running XAMPP

Auditing: 4400 machines, mainly windows XP
W2K3: Active Directory


I´m actually facing the same problem.

I´ve got multiple configs for each ou. At the moment I edit the configname in the audit.vbs.
But when an update for the audit.vbs comes, I must edit all audit.vbs again.

So how do you audit your OUs?
Is it possible to start the audit.vbs with a auditxx.config as parameter?

_________________
OA Deployment:
w2k3 R2 with XAMPP install
Windows Servers incl. VM
Windows workstations (XP and Vista, 7)
Multiple printers, switches, routers, firewalls
ADS 1HQ and 20 branches
-------------------
OAv2
w2k8 R2 with XAMPP install


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 36 posts ]  Go to page Previous  1, 2, 3

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group