forked from gregelin/govready.github.io
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathinnovators.html
109 lines (76 loc) · 3.19 KB
/
innovators.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
---
layout: default
permalink: /innovators/
name: Innovators
---
<!-- Main Content Section -->
<div class="container lg-font col-md-12" style="padding-top:40px;">
<h1 class="col-md-12 text-center">GovReady for Civic Innovators</h1>
<div class="row col-md-12" style="margin:40px 0 0 0;">
<div class="col-md-2">
<img src="/img/ci2.png" width="125" height="250" />
</div>
<div class="col-md-10">
<p class="text-left">GovReady helps developers understand and build secure, FISMA-compliant IT Systems for use in government and other security-conscious organizations.
</p>
<p class="text-left">GovReady is currently <b>pre-release</b> version 0.4.x. We invite you to try GovReady and provide feedback.
</p>
</div>
</div>
<div class="row col-md-12">
<h2 class="text-left">RedHat 6, 7 quickstart (64 bit)</h2>
<h3 class="text-left">Install on a vagrant box</h3>
<pre style="text-align:left;color:orange;background-color: #111;padding:12px;font-size:1.1em;">
vagrant ssh
# Install govready using curl. govready will install OpenSCAP and SCAP-Security-Content
curl -Lk io.govready.org/install | sudo bash
# Switch to root to run all tests properly
su -
# Create a directory and cd into it
mkdir myfisma
cd myfisma
# Initialize the directory
govready init
# Run a scan
govready scan
# List results
ls -l scans
# View a report - from the command line, old school style using lynx browser
lynx scans/test-results-0820-0220.html
# See available profiles (e.g., baselines)
govready profiles
# Run a scan for a different profile (e.g., baseline)
govready scan usgcb-rhel6-server
</pre>
<h2 class="text-left">Centos 6 quickstart (64 bit)</h2>
<h3 class="text-left">Install on a vagrant box</h3>
<pre style="text-align:left;color:orange;background-color: #111;padding:12px;font-size:1.1em;">
vagrant ssh
# Install govready using curl. govready will install OpenSCAP and SCAP-Security-Content
curl -Lk io.govready.org/install | sudo bash
# Switch to root so scanner can run all tests properly
su -
# Create a directory and cd into it
mkdir myfisma
cd myfisma
# Initialize the directory
govready init
# Download and add CentOS cpe-dictionary.xml and cpe-oval.xml SCAP data
# Be certain to place the SCAP files into scap/content directory
wget https://raw.githubusercontent.com/GovReady/govready/xplatform/templates/ssg-centos6-cpe-dictionary.xml --output-document scap/content/ssg-centos6-cpe-dictionary.xml
wget https://raw.githubusercontent.com/GovReady/govready/xplatform/templates/ssg-centos6-cpe-oval.xml --output-document scap/content/ssg-centos6-cpe-oval.xml
# Update GovReadyfile using sed command (or update the CPE line manually using a text editor)
sed -i 's:^CPE.*:CPE = scap/content/ssg-centos6-cpe-dictionary.xml:' GovReadyfile
# Run a scan
govready scan
# List results
ls -l scans
# View a report - from the command line, old school style using lynx browser
lynx scans/test-results-0820-0220.html
# See available profiles (e.g., baselines)
govready profiles
# Run a scan for a different profile (e.g., baseline)
govready scan usgcb-rhel6-server
</pre>
</div><!--/end row-->
</div><!--/end container-->