>From 0c78850832d45f9cbb0764045ae5ae5c239a5b9e Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Sun, 10 Nov 2013 00:05:41 -0500
Subject: [PATCH] Updated User Guide with content from Ted Brunell
 - Download section
 - Added scanning language

Thanks, Ted!
---
 docs/User_Guide/en-US/Author_Group.xml      |   29 +++++++++
 docs/User_Guide/en-US/ch002-Downloading.xml |   29 ++++++++-
 docs/User_Guide/en-US/ch003-Scanning.xml    |   91 +++++++++++++++++++++++++-
 docs/ssg-docs.db                            |  Bin 5120 -> 5120 bytes
 4 files changed, 144 insertions(+), 5 deletions(-)

diff --git a/docs/User_Guide/en-US/Author_Group.xml 
b/docs/User_Guide/en-US/Author_Group.xml
index bc7d9d8..1d2ad19 100644
--- a/docs/User_Guide/en-US/Author_Group.xml
+++ b/docs/User_Guide/en-US/Author_Group.xml
@@ -13,5 +13,34 @@
                </affiliation>
                <email>[email protected]</email>
        </author>
+        <author>
+                <firstname>Jeff</firstname>
+                <surname>Blank</surname>
+                <affiliation>
+                        <orgname>National Security Agency</orgname>
+                        <orgdiv>Information Assurance Directorate</orgdiv>
+                </affiliation>
+                <email>[email protected]</email>
+        </author>
+        <author>
+                <firstname>David</firstname>
+                <surname>Smith</surname>
+                <affiliation>
+                        <orgname>National Security Agency</orgname>
+                        <orgdiv>Information Assurance Directorate</orgdiv>
+                </affiliation>
+                <email>[email protected]</email>
+        </author>
+        <author>
+                <firstname>Ted</firstname>
+                <surname>Brunell</surname>
+                <affiliation>
+                        <orgname>Red Hat</orgname>
+                        <orgdiv>U.S. Public Sector</orgdiv>
+                </affiliation>
+                <email>[email protected]</email>
+        </author>
+
+
 </authorgroup>
 
diff --git a/docs/User_Guide/en-US/ch002-Downloading.xml 
b/docs/User_Guide/en-US/ch002-Downloading.xml
index bf5fe47..d4eaa04 100644
--- a/docs/User_Guide/en-US/ch002-Downloading.xml
+++ b/docs/User_Guide/en-US/ch002-Downloading.xml
@@ -30,6 +30,34 @@
                                </formalpara>
                        </listitem>
                </itemizedlist>
+               <para>Depending on your existing system configuration, package 
dependencies such as openscap-utils
+                       will also be installed. The YUM transaction will have 
installed the following
+                       files:</para>
+               <para><programlisting>$ rpm -ql scap-security-guide
+/usr/share/doc/scap-security-guide-0.1
+/usr/share/doc/scap-security-guide-0.1/JBossEAP5_Guide.html
+/usr/share/doc/scap-security-guide-0.1/LICENSE
+/usr/share/doc/scap-security-guide-0.1/rhel6-guide.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-cces.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-nistrefs-common.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-nistrefs.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-srgmap-flat.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-srgmap-flat.xhtml
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-srgmap.html
+/usr/share/doc/scap-security-guide-0.1/table-rhel6-stig.html
+/usr/share/man/en/man8/scap-security-guide.8.gz
+/usr/share/xml/scap
+/usr/share/xml/scap/ssg
+/usr/share/xml/scap/ssg/content
+/usr/share/xml/scap/ssg/content/eap5-cpe-dictionary.xml
+/usr/share/xml/scap/ssg/content/eap5-cpe-oval.xml
+/usr/share/xml/scap/ssg/content/eap5-ocil.xml
+/usr/share/xml/scap/ssg/content/eap5-oval.xml
+/usr/share/xml/scap/ssg/content/eap5-xccdf.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-oval.xml
+/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml</programlisting></para>
        </section>
        
        <section id="sect-User_Guide-Downloading-Source">
@@ -80,4 +108,3 @@ for an SRTM document) in 
RHEL6/output/rhel6-table-nistrefs-server.html</para></l
        </section>
 
 </chapter>
-
diff --git a/docs/User_Guide/en-US/ch003-Scanning.xml 
b/docs/User_Guide/en-US/ch003-Scanning.xml
index 307e867..a1181c2 100644
--- a/docs/User_Guide/en-US/ch003-Scanning.xml
+++ b/docs/User_Guide/en-US/ch003-Scanning.xml
@@ -104,11 +104,32 @@
 --results /root/ssg-results.xml \
 --report /root/ssg-report.xml \
 --cpe /usr/share/xml/scap/ssg/ssg-rhel6-cpe-dictionary.xml \
-/usr/share/xml/scap/ssg/ssg-rhel6-xccdf.xml</programlisting>
-               </para>
+/usr/share/xml/scap/ssg/ssg-rhel6-xccdf.xml </programlisting></para>
+               <para>While the scan is running, you will see output similar to 
the following on your
+                       screen:</para>
+               <para><programlisting>Title   Install AIDE
+Rule    package_aide_installed
+Ident   CCE-27024-9
+Result  fail
+
+Title   Configure Periodic Execution of AIDE
+Rule    aide_periodic_cron_checking
+Ident   CCE-27222-9
+Result  notchecked
+
+Title   Verify File Permissions with RPM
+Rule    rpm_verify_permissions
+Ident   CCE-26731-0
+Result  fail
+
+Title   Verify File Hashes with RPM
+Rule    rpm_verify_hashes
+Ident   CCE-27223-7
+Result  pass</programlisting></para>
        </section>
        <section id="sect-User_Guide-Scanning-Results">
                <title>Result Interpretation</title>
+               <para>s</para>
                <para>
                        <variablelist>
                                <varlistentry>
@@ -121,8 +142,70 @@
                                <varlistentry>
                                        <term>XML Results</term>
                                        <listitem>
-                                               <para>asdasdasd</para>
-                                               <para>asdasd</para>
+                                               <para>Looking at the 
results.xml file, you will notice lines similar to
+                                                       those below:</para>
+                                               <para><screen 
language="XML">&lt;rule-result idref="ensure_gpgcheck_globally_activated" 
time="2013-10-22T10:03:43" severity="high" weight="1.000000">
+  &lt;result>pass&lt;/result>
+  &lt;ident system="http://cce.mitre.org";>CCE-26709-6&lt;/ident>
+  &lt;check system="http://oval.mitre.org/XMLSchema/oval-definitions-5";>
+    &lt;check-content-ref name="oval:ssg:def:413" href="ssg-rhel6-oval.xml"/>
+  &lt;/check>
+&lt;/rule-result>
+......
+&lt;rule-result idref="package_aide_installed" time="2013-10-22T10:03:43" 
severity="medium" weight="1.000000">
+  &lt;result>pass&lt;/result>
+  &lt;ident system="http://cce.mitre.org";>CCE-27024-9&lt;/ident>
+  &lt;fix xmlns:xhtml="http://www.w3.org/1999/xhtml"; 
system="urn:xccdf:fix:script:sh">
+    yum -y install aide
+  &lt;/fix>
+  &lt;check system="http://oval.mitre.org/XMLSchema/oval-definitions-5";>
+    &lt;check-content-ref name="oval:ssg:def:245" href="ssg-rhel6-oval.xml"/>
+  &lt;/check>
+&lt;/rule-result></screen></para>
+                                               <para>The XML above can be 
parsed as follows:</para>
+                                               <para><table 
frame='all'><title>XCCDF Rule Elements</title>
+                                                       <tgroup cols='2' 
align='left' colsep='1' rowsep='1'>
+                                                               <colspec 
colname="c1" colwidth="1*"/>
+                                                               <colspec 
colname="c2" colwidth="2.05*"/>
+                                                               <thead>
+                                                                       <row>
+                                                                               
<entry align="center">XML Tag</entry>
+                                                                               
<entry align="center">Meaning</entry>
+                                                                       </row>
+                                                               </thead>
+                                                               <tbody>
+                                                                       <row>
+                                                                               
<entry>&lt;rule-result idref.....></entry>
+                                                                               
<entry>Identifies which XCCDF rule the result reflects </entry>
+                                                                       </row>
+                                                                       <row>
+                                                                               
        <entry>&lt;result></entry>
+                                                                               
<entry>Pass/Fail/Not Applicable</entry>
+                                                                       </row>
+                                                                       <row>
+                                                                               
        <entry>&lt;ident system.....></entry>
+                                                                               
<entry>Identifies corresponding CCE</entry>
+                                                                       </row>
+                                                                       <row>
+                                                                               
<entry>&lt;fix></entry>
+                                                                               
<entry>Remediation actions, in bash, which will configure the system to be in 
compliance
+                                                                               
                with the XCCDF rule</entry>
+                                                                       </row>
+                                                                       <row>
+                                                                               
<entry>&lt;check system....></entry>
+                                                                               
        <entry>Identifies which version of OVAL the check was
+                                                                               
                authored against</entry>
+                                                                       </row>
+                                                                       <row>
+                                                                               
<entry>&lt;check-content-ref ....></entry>
+                                                                               
        <entry>Corresponding OVAL check name (name=....) and
+                                                                               
                source OVAL file (href=....) this check came from.
+                                                                               
                For general purpose users, this information can be
+                                                                               
                ignored.</entry>
+                                                                       </row>
+                                                               </tbody>
+                                                       </tgroup>
+                                               </table></para>
                                        </listitem>
                                </varlistentry>
                        </variablelist>
diff --git a/docs/ssg-docs.db b/docs/ssg-docs.db
index 
72b3733ad32cf9fd1b370e8f98801308ce3c643a..afeee80f3599942487118adb765f1e06881f373e
 100644
GIT binary patch
delta 12
TcmZqBXwaA-&G=}e%oAY%9Lxlx

delta 12
TcmZqBXwaA-&3JsH%oAY%97P0(

-- 
1.7.1
