From 0c78850832d45f9cbb0764045ae5ae5c239a5b9e Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Sun, 10 Nov 2013 00:05:41 -0500
Subject: [PATCH] Updated User Guide with content from Ted Brunell
- Download section
- Added scanning language
Thanks, Ted!
---
docs/User_Guide/en-US/Author_Group.xml | 29 +++++++++
docs/User_Guide/en-US/ch002-Downloading.xml | 29 ++++++++-
docs/User_Guide/en-US/ch003-Scanning.xml | 91 +++++++++++++++++++++++++-
docs/ssg-docs.db | Bin 5120 -> 5120 bytes
4 files changed, 144 insertions(+), 5 deletions(-)
diff --git a/docs/User_Guide/en-US/Author_Group.xml
b/docs/User_Guide/en-US/Author_Group.xml
index bc7d9d8..1d2ad19 100644
--- a/docs/User_Guide/en-US/Author_Group.xml
+++ b/docs/User_Guide/en-US/Author_Group.xml
@@ -13,5 +13,34 @@
</affiliation>
<email>[email protected]</email>
</author>
+ <author>
+ <firstname>Jeff</firstname>
+ <surname>Blank</surname>
+ <affiliation>
+ <orgname>National Security Agency</orgname>
+ <orgdiv>Information Assurance Directorate</orgdiv>
+ </affiliation>
+ <email>[email protected]</email>
+ </author>
+ <author>
+ <firstname>David</firstname>
+ <surname>Smith</surname>
+ <affiliation>
+ <orgname>National Security Agency</orgname>
+ <orgdiv>Information Assurance Directorate</orgdiv>
+ </affiliation>
+ <email>[email protected]</email>
+ </author>
+ <author>
+ <firstname>Ted</firstname>
+ <surname>Brunell</surname>
+ <affiliation>
+ <orgname>Red Hat</orgname>
+ <orgdiv>U.S. Public Sector</orgdiv>
+ </affiliation>
+ <email>[email protected]</email>
+ </author>
+
+
</authorgroup>
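Review bot: The two empty `+` lines added directly before `</authorgroup>` carry no content and only add whitespace noise to Author_Group.xml. Drop them so the addition ends at the closing `</author>` of the Ted Brunell entry. The three new `<author>` blocks otherwise follow the shape of the existing entry visible in the context lines (`</affiliation>`, then `<email>`, then `</author>`).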
diff --git a/docs/User_Guide/en-US/ch002-Downloading.xml
b/docs/User_Guide/en-US/ch002-Downloading.xml
index bf5fe47..d4eaa04 100644
--- a/docs/User_Guide/en-US/ch002-Downloading.xml
+++ b/docs/User_Guide/en-US/ch002-Downloading.xml
@@ -30,6 +30,34 @@
</formalpara>
</listitem>
</itemizedlist>
+ <para>Depending on your existing system configuration, package
dependencies such as openscap-utils
+ will also be installed. The YUM transaction will have
installed the following
+ files:</para>
+ <para><programlisting>$ rpm -ql scap-security-guide
+/usr/share/doc/scap-security-guide-0.1
+/usr/share/doc/scap-security-guide-0.1/JBossEAP5_Guide.html
+/usr/share/doc/scap-security-guide-0.1/LICENSE
+/usr/share/doc/scap-security-guide-0.1/rhel6-guide.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-cces.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-nistrefs-common.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-nistrefs.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-srgmap-flat.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-srgmap-flat.xhtml
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-srgmap.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-stig.html
+/usr/share/man/en/man8/scap-security-guide.8.gz
+/usr/share/xml/scap
+/usr/share/xml/scap/ssg
+/usr/share/xml/scap/ssg/content
+/usr/share/xml/scap/ssg/content/eap5-cpe-dictionary.xml
+/usr/share/xml/scap/ssg/content/eap5-cpe-oval.xml
+/usr/share/xml/scap/ssg/content/eap5-ocil.xml
+/usr/share/xml/scap/ssg/content/eap5-oval.xml
+/usr/share/xml/scap/ssg/content/eap5-xccdf.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-oval.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml</programlisting></para>
</section>
<section id="sect-User_Guide-Downloading-Source">
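Review bot: The content files in the new `rpm -ql` listing live under `/usr/share/xml/scap/ssg/content/` (for example `/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml`), but the scan command in ch003-Scanning.xml in this same patch passes `/usr/share/xml/scap/ssg/ssg-rhel6-xccdf.xml` and `--cpe /usr/share/xml/scap/ssg/ssg-rhel6-cpe-dictionary.xml`, without `content/`. A reader who installs per this chapter and then copies the scan command will point the scanner at paths this listing says do not exist, so align the two chapters on one location. Separately, the listing hardcodes `scap-security-guide-0.1` in every doc path. Introduce it as sample output for that version ("files similar to the following") so the paragraph does not go stale at the next release.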
@@ -80,4 +108,3 @@ for an SRTM document) in
RHEL6/output/rhel6-table-nistrefs-server.html</para></l
</section>
</chapter>
-
diff --git a/docs/User_Guide/en-US/ch003-Scanning.xml
b/docs/User_Guide/en-US/ch003-Scanning.xml
index 307e867..a1181c2 100644
--- a/docs/User_Guide/en-US/ch003-Scanning.xml
+++ b/docs/User_Guide/en-US/ch003-Scanning.xml
@@ -104,11 +104,32 @@
--results /root/ssg-results.xml \
--report /root/ssg-report.xml \
--cpe /usr/share/xml/scap/ssg/ssg-rhel6-cpe-dictionary.xml \
-/usr/share/xml/scap/ssg/ssg-rhel6-xccdf.xml</programlisting>
- </para>
+/usr/share/xml/scap/ssg/ssg-rhel6-xccdf.xml </programlisting></para>
+ <para>While the scan is running, you will see output similar to
the following on your
+ screen:</para>
+ <para><programlisting>Title Install AIDE
+Rule package_aide_installed
+Ident CCE-27024-9
+Result fail
+
+Title Configure Periodic Execution of AIDE
+Rule aide_periodic_cron_checking
+Ident CCE-27222-9
+Result notchecked
+
+Title Verify File Permissions with RPM
+Rule rpm_verify_permissions
+Ident CCE-26731-0
+Result fail
+
+Title Verify File Hashes with RPM
+Rule rpm_verify_hashes
+Ident CCE-27223-7
+Result pass</programlisting></para>
</section>
<section id="sect-User_Guide-Scanning-Results">
<title>Result Interpretation</title>
+ <para>s</para>
<para>
<variablelist>
<varlistentry>
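Review bot: The added `<para>s</para>` directly under `<title>Result Interpretation</title>` looks like a stray keystroke or leftover placeholder and will render as a one-letter paragraph in the published guide. Remove it or replace it with the intended introductory sentence. Also in this hunk, the rewritten last line of the command now has a trailing space before `</programlisting>` (`ssg-rhel6-xccdf.xml </programlisting>`). Since `<programlisting>` preserves whitespace, keep the closing tag tight against the path as it was before.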
@@ -121,8 +142,70 @@
<varlistentry>
<term>XML Results</term>
<listitem>
- <para>asdasdasd</para>
- <para>asdasd</para>
+ <para>Looking at the
results.xml file, you will notice lines similar to
+ those below:</para>
+ <para><screen
language="XML"><rule-result idref="ensure_gpgcheck_globally_activated"
time="2013-10-22T10:03:43" severity="high" weight="1.000000">
+ <result>pass</result>
+ <ident system="http://cce.mitre.org">CCE-26709-6</ident>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+ <check-content-ref name="oval:ssg:def:413" href="ssg-rhel6-oval.xml"/>
+ </check>
+</rule-result>
+......
+<rule-result idref="package_aide_installed" time="2013-10-22T10:03:43"
severity="medium" weight="1.000000">
+ <result>pass</result>
+ <ident system="http://cce.mitre.org">CCE-27024-9</ident>
+ <fix xmlns:xhtml="http://www.w3.org/1999/xhtml"
system="urn:xccdf:fix:script:sh">
+ yum -y install aide
+ </fix>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+ <check-content-ref name="oval:ssg:def:245" href="ssg-rhel6-oval.xml"/>
+ </check>
+</rule-result></screen></para>
+ <para>The XML above can be
parsed as follows:</para>
+ <para><table
frame='all'><title>XCCDF Rule Elements</title>
+ <tgroup cols='2'
align='left' colsep='1' rowsep='1'>
+ <colspec
colname="c1" colwidth="1*"/>
+ <colspec
colname="c2" colwidth="2.05*"/>
+ <thead>
+ <row>
+
<entry align="center">XML Tag</entry>
+
<entry align="center">Meaning</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+
<entry><rule-result idref.....></entry>
+
<entry>Identifies which XCCDF rule the result reflects </entry>
+ </row>
+ <row>
+
<entry><result></entry>
+
<entry>Pass/Fail/Not Applicable</entry>
+ </row>
+ <row>
+
<entry><ident system.....></entry>
+
<entry>Identifies corresponding CCE</entry>
+ </row>
+ <row>
+
<entry><fix></entry>
+
<entry>Remediation actions, in bash, which will configure the system to be in
compliance
+
with the XCCDF rule</entry>
+ </row>
+ <row>
+
<entry><check system....></entry>
+
<entry>Identifies which version of OVAL the check was
+
authored against</entry>
+ </row>
+ <row>
+
<entry><check-content-ref ....></entry>
+
<entry>Corresponding OVAL check name (name=....) and
+
source OVAL file (href=....) this check came from.
+
For general purpose users, this information can be
+
ignored.</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table></para>
</listitem>
</varlistentry>
</variablelist>
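Review bot: The `<result>` row of the new "XCCDF Rule Elements" table gives the possible values as "Pass/Fail/Not Applicable", yet the console output added earlier in this file shows `Result notchecked` for `aide_periodic_cron_checking`. Either list that value too or word the cell so it is clearly not exhaustive, since a reader triaging a report will otherwise not know how to treat a `notchecked` rule. The two samples also disagree with each other: the console output reports `package_aide_installed` as `fail`, while the XML excerpt shows the same rule with `<result>pass</result>`. Use one outcome in both so the reader can correlate screen output with the results file. Two smaller points: the text calls the file "results.xml" while the command writes `--results /root/ssg-results.xml`, and the `<fix>` row says "in bash" while the sample declares `system="urn:xccdf:fix:script:sh"`.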
diff --git a/docs/ssg-docs.db b/docs/ssg-docs.db
index
72b3733ad32cf9fd1b370e8f98801308ce3c643a..afeee80f3599942487118adb765f1e06881f373e
100644
GIT binary patch
delta 12
TcmZqBXwaA-&G=}e%oAY%9Lxlx
delta 12
TcmZqBXwaA-&3JsH%oAY%97P0(
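Review bot: docs/ssg-docs.db is a binary file (the diffstat shows `Bin 5120 -> 5120 bytes`) changed alongside the XML, so its delta cannot be reviewed from this mail and the commit message does not mention it. If it is a tool or editor database regenerated as a side effect of editing the guide, leave it out of this commit. If the change is intentional, add a line to the commit message saying what it contains and why it changes.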
--
1.7.1
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide