Open SCAP Scanning Lab
This learning activity provides a hands-on experience with the Open SCAP Scanner. The student will use a lab server that has the OpenSCAP Workbench and Apache HTTP server installed. A shell script has been prepared to execute the scan, and the student may use their browser to view the report.
In this learning activity the student will launch an Amazon EC2 cloud instance simply by starting the lab. This is automatic.
The Amazon Machine Image (AMI) file will install the OpenSCAP Scanner Software and also install the Apache httpd web server.
Note the variables for the learning activity
Once launched the student should record the following information:
The username, password and public IP address.
Log into the Amazon EC2 Instance Using SSH
After the instance has been created and you have noted the username, password and Public ip address, you may launch a terminal session on your local computer and execute the following SSH command:
$ ssh cloud_user@[Public ip address]
The command may ask you to affirm connection after displaying security information. Just input yes and press return.
The command will prompt you for the cloud_user password and then once entered return you to the command line prompt.
Execute the oscp command to run the OpenSCAP Scan
After you have used SSH to login to the Amazon instance you may execute the oscap utility by entering the following command.
$ oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_rht-ccp --results-arf arf.xml --report /var/www/html/oscap.html /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml
The command should provide text output to the terminal as it runs and then return you to the command line prompt once it has completed execution.
View and Review the Report On Your Local Browser
Once the command has run and the student is returned to the Linux Command Line prompt, the student may execute any browser on their local machine.
In the browser, enter the following Uniform Resource Locator in the address bar of the web browser:
http://[The IP Address For The EC2 Instance]/oscap.html
Once that address is input, the report should come up.
The student should review the report and familiarize themself with the type of checks done on a cloud server.
That completes the lab, and the student may proceed to the next lesson in the course content.