OVAL – Windows Script – Database

Working on a way to periodically scan my systems for known security problems using the OVAL security definitions.

I downloaded the client and copy to my systems using something I have dubbed the Poor Man’s Systems Administration Kit (PSAM) and another job scheduling program called Visual Cron.

There are two scripts. One is ran locally on the system being scanned for security configuration weaknesses from the OVAL definitions. The other is a script to process the resulting html files generated by the ovaldi.exe program shipped with OVAL.

For the scripts to work, you will first need to setup a DSN within the script. The database behind the DSN  holds the results of the scans. Here is the code for the database / table on Microsoft SQL Server.

The first script is ran and dumps the results of the ovaldi scan into a common folder repository on a central server.

The next script is a vbscript and processes the directory that contains the output oval html files.

Please note, that the script needs to be ran using cscript.exe from \windows\syswow64 on 64 bit machines.  This took me almost a whole day to figure out! You’ll also need to setup the dsn using the odbccad.exe util from syswow64.

Here is the oval html output processing script.

0 Responses to “OVAL – Windows Script – Database”

  1. No Comments

Leave a Reply

You must login to post a comment.