-
Notifications
You must be signed in to change notification settings - Fork 13
Client Console
The modSIC Client Console is a command line utility through which the user can perform operations on a running modSIC service.
Note: The Client Console is packaged with the modSIC Server installer and, optionally, in a stand alone package. Simply download and install the current modSIC release.
-
modSIC server address and port (IP:port or hostname:port):
-m, --modsic -
modSIC username:
-u, --username -
modSIC password:
-p, --password -
Target address (IP or hostname). This is the machine that will be checked against the OVAL definitions provided:
-t, --target -
Target machine username:
-y, --target-username -
Target machine password:
-z, target-password -
Send to collection (asynchronous). A collection ID will be displayed which can be used with the -g or -x options:
-c, --collect -
Send to collection (synchronous). Wait for collection to finish:
-s, --collect-sync -
Request collection results. User must provide a collection ID:
-g, --get-results -
Cancel collection. User must provide a collection ID:
-x, --cancel -
List collections in progress (only from your current client):
-l, --list-all -
List collects in execution requested by all clients:
-q, --query-all -
Path to the OVAL Definitions XML file (default="definitions.xml"):
-o, --oval-definition -
Path to external variable values file (default="external-variables.xml"):
-v, --external-variable -
Path to the directory containing the OVAL schema (default="xml"):
-a, --oval-schema -
Save data to the specified XML file (default="system-characteristics.xml"):
-d, --system-characteristics -
Save results to the specified XML file (default="results.xml"):
-r, --result -
Run a Schematron validation of an OVAL Definitions file:
-n, --schematron -
Run the Client Console based on preconfigured options located at ClientConsole.exe.config:
-e, --preset -
An additional (optional) password for high-privilege access to the target system that uses a low-privilege credential to connect – for example, to access a Cisco router:
-w -
Select another SSH port for Unix systems:
-b, --shh-port -
Display additional information in -l and -q:
--verbose -
Invoke a help screen:
--help
modsic.exe -m localhost:1024 -u admin -p Pa$$w@rd -t 10.1.2.3 -y user -z joe$unixPa$$ -o c:\<PATH>\RM7-scap-fedora13-oval-server-profile.xml -a C:\Users\joeblow\oval-5.9.1\xml -c
Collection was sent successfully. The request collect ID is: collectrequests/6145
Send a collection request to a Linux machine on the local network using the modSIC server running on port 1024 in the local machine.
modsic -m localhost:8000 -u <USER> -p <PASSWORD> -l collectrequests/6145
Query the modSIC server running on port 8000 in the local machine for running collections. In this case, there is only one collection in progress.
modsic -m localhost:1024 -u admin -p Pa$$w@rd -g collectrequests/6145
Saving OVAL Results... The OVAL Results document was saved in results.xml.
Obtain the results of a collection. The -g parameter verify all client's requests, with the collection ID that was returned when the collection was requested is sent.
modsic -c -e iis
Send a collection request to the modSIC server based on preconfigured parameters in the file "iis", such as target machine, credentials, and Definitions file.
modsic -s -m <SERVER>:1024 -u <USER> -p <PASSWORD> -t 10.1.0.125 -y <CONNECTION USER> -z <CONNECTIONPASSWORD> -o c:\<PATH>\modulo-ios122-oval.xml -w <HIGH PASSWORD>
Send a synchronous collection request to a Cisco iOS machine with the connection credential and the "ENABLE" password to the assessment.
<ServerSection>
<modSIC address="localhost:1024" username="admin" password="********"/>
<collects>
<add name="iis" target="10.1.0.777" username="user" password="********" definitions="C:\OvalDefinitions\iis6-oval.xml"/>
<add name="xp" target="10.1.0.666" username="user" password="********" definitions="C:\OvalDefinitions\XP-oval.xml"/>
</collects>
</ServerSection>