You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Dec 3, 2021. It is now read-only.
Copy file name to clipboardExpand all lines: lessons/workflows/lesson-32-stigcompliance/stage3/guide.md
+7-5Lines changed: 7 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -192,7 +192,7 @@ We'll turn the brunt of our code into a Python function for the checking done ab
192
192
193
193
At the end of our function, we'll return our pass/fail grade.
194
194
195
-
```
195
+
```python
196
196
cat >> V_3969.py <<EOF
197
197
defNET0894(device):
198
198
"""
@@ -220,7 +220,7 @@ def NET0894(device):
220
220
print"IS NOT RESTRICTED TO READ-ONLY ACCESS"
221
221
222
222
# print some informaiton on how to fix the problem
223
-
print "JUNOS FIX: set snmp community {}".format(mydev.name),
223
+
print"JUNOS FIX: set snmp community {}".format(mydev.name)
224
224
print"authorization read-only"
225
225
print"\n"
226
226
@@ -241,7 +241,7 @@ EOF
241
241
242
242
Then we'll add the main loop. First it will define our PyEZ Device for `vqfx1`, then call our function using this device as the argument. Then depending on what we receive back from our function, we'll print an overall pass/fail grade, and finallly nicely close the connection to `vqfx1`.
243
243
244
-
```
244
+
```python
245
245
cat >> V_3969.py <<EOF
246
246
# define a PyEz junos device for vqfx1
247
247
dev = Device(host="vqfx1",
@@ -253,7 +253,7 @@ dev.open()
253
253
254
254
# Evaluate it and save the results in a variable pass_fail
255
255
pass_fail = NET0894(dev)
256
-
print "VULNERABILITY ASSESSMENT FOR {}".format(dev.hostname),
256
+
print"VULNERABILITY ASSESSMENT FOR {}".format(dev.hostname)
257
257
print"FOR V-3969: ",
258
258
if pass_fail:
259
259
print"PASSED"
@@ -301,6 +301,7 @@ And at last we can run our script.
301
301
302
302
So let's fix our problems that we introduced, and re-run our script. Note that our script actually told us the commands we
303
303
need in order to fix the issues that were found.
304
+
304
305
```
305
306
configure
306
307
set snmp community public authorization read-only
@@ -313,6 +314,7 @@ commit and-quit
313
314
```
314
315
./V_3969.py
315
316
```
317
+
<buttontype="button"class="btn btn-primary btn-sm"onclick="runSnippetInTab('linux1', this)">Run this snippet</button>
316
318
317
319
This check is relatively simple, but can be used as a starting point or a building block to do much more complicated security assessments.
318
-
<buttontype="button"class="btn btn-primary btn-sm"onclick="runSnippetInTab('linux1', this)">Run this snippet</button>
0 commit comments