How long does a DISA UNIX SRR script take to run? e.g. "nohup ./Start-SRR &"
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How long does a DISA UNIX SRR script take to run? e.g. "nohup ./Start-SRR &"
For those of you that are familiar with DISA UNIX SRR Scripts I am trying to run a script on my RedHat Linux box for the first time. I login with Root, unzipped the package and through the terminal I typed:
nohup ./Start-SRR &
But then it says:
[1] 12187
[root@localhost Script.April]# nohup: appending output to 'nohup.out'
Then there is a blinking cursor and nothing... is this script instataneous or does it take a while to run?
For those of you that are familiar with DISA UNIX SRR Scripts I am trying to run a script on my RedHat Linux box for the first time. I login with Root, unzipped the package and through the terminal I typed:
nohup ./Start-SRR &
But then it says:
[1] 12187
[root@localhost Script.April]# nohup: appending output to 'nohup.out'
Then there is a blinking cursor and nothing... is this script instataneous or does it take a while to run?
Well, if you nohup it, and put it in the background, you've started its own process (in this case, the 12187 PID echoed back). The job starts, runs, and completes in the background. You won't see ANYTHING else on your terminal.
The only way you can see the progress, is to cat out the nohup.out file, or do a "ps -ef | grep 12187".
Thanks a lot with this information I found out that the script took like only a minute to finish thank you very much. If you have any experience running SRR scripts can you please answer me this, I have completed running the Script and want to run the Manual Review script.
When I type "./Manual-Review" my instructions that that I should get some kind of a menu but all I get is the following text
[root@localhost Script.April]# ./Manual-Review
***********************************************
You must run the SRR scripts to completion before running .Manual-Review.
The SRR scripts creates much of the input for ./Manual-Review.
The prober order to run the utility scripts after the SRR
scrips have completed is:
1. Manual-Review 2. SRRDBupdate 3. Review-Findings.
[root@localhost Script.April]#
Thanks a lot with this information I found out that the script took like only a minute to finish thank you very much. If you have any experience running SRR scripts can you please answer me this, I have completed running the Script and want to run the Manual Review script.
When I type "./Manual-Review" my instructions that that I should get some kind of a menu but all I get is the following text
[root@localhost Script.April]# ./Manual-Review
***********************************************
You must run the SRR scripts to completion before running .Manual-Review.
The SRR scripts creates much of the input for ./Manual-Review.
The prober order to run the utility scripts after the SRR
scrips have completed is:
1. Manual-Review 2. SRRDBupdate 3. Review-Findings.
[root@localhost Script.April]#
I know that this question was posted a long time ago, but just in case anyone else with the same problem finds their way to this thread:
Your SRR script did not run successfully. It did not produce the output files that the Manual-Review script expected to find. I am very new to the SRR script, but I had this problem just today on a SuSE 11.1 Enterprise Server box.
I still haven't found the root cause for my failure. The script creates a file named FindFiles that contains directory listings of several different files on the system. Something about my system is causing this file to be loaded with 18 copies of each file description. This causes the script to believe there are multiple (18) copies of the Start-SRR script in the home directory, so it aborts. The result is the same symptoms that you described.
I got around the problem by modifying the script to create a new version of the FindFiles file that only contains unique file descriptions. By doing so, I was able to get the script to run to completion and provide the findings that I needed.
If you happen to find your way back to this thread, and have a description of how you ended up solving your problem (if you ever did) I'd be interested in hearing about it.
Out of curiosity (I haven't researched any of it yet), what's the deal with having to be careful about the SRRs due to them no longer being accessible to the public?
EDIT: I'm seeing several indications of vulnerabilities associated with SRR scripts...maybe that's why they are no longer accessible to the public.
Out of curiosity (I haven't researched any of it yet), what's the deal with having to be careful about the SRRs due to them no longer being accessible to the public?
EDIT: I'm seeing several indications of vulnerabilities associated with SRR scripts...maybe that's why they are no longer accessible to the public.
There was a issue with some of the tools. It goes back and forth with public/non-public about every 2-3 years
SRRs can take a very long time depending on your system. The two main parts that seem to slow it down is the global find and when it tries to crack user's passwords. There is a no crack option however you can supply which will stop it from doing that if you are allowed to turn it off.
There is a README file that ships with the SRR scripts which is fairly decent. It goes over all the options and if you follow how it says to run it it is fairly reliable (as far as execution goes).
Going through the process....the reason why your "findfiles" directory wasn't created was most likely because ran the SRR script with the "no find" option. "No find" option means no "findfiles" directory will be created. The standard script looks for this file before it will continue. I saw another post that asked about a community "automatic SRR" solution. All posts that I've come across including this one are all old. I understand that SRR matters are very sensitive. Any chance of carrying this effort on a "DOD approved" site, location or just have someone write something for us who have to go through the process?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.