paws studio – beginner’s guide - e-spin group€¦ · barbourne road worcester wr1 1rs...

Paws Studio – Beginner’s Guide

From Titania – Developers of Multiple Award Winning Security Software

Version 2.0 Published March 2015 © Titania Limited 2015. All Rights Reserved This document is intended to provide advice and assistance for the installation and running of Paws Studio software. While Titania takes care to ensure that all the information included in this document is accurate and relevant, customers are advised to seek further assistance from our support staff if required. No part of this documentation may be copied or otherwise duplicated on any medium without prior written consent of Titania Limited, publisher of this work. The use of Paws Studio software is subject to the acceptance of the license agreement. Titania Limited Security House Barbourne Road Worcester WR1 1RS

Telephone: (+44)1905 888 785 E-mail: [email protected]

mailto:[email protected]

____________ of 42

Contents What is Paws Studio? .............................................................................................................................. 4

What is the Paws Studio Beginner’s Guide? ........................................................................................... 5

Installing Paws Studio ............................................................................................................................. 6

Downloading Paws Studio .................................................................................................................. 6

Installing Paws Studio - general information ...................................................................................... 7

Installing Paws Studio on Windows Operating Systems ..................................................................... 8

Installing Paws Studio on Linux Operating Systems ......................................................................... 11

Installing Paws Studio on Mac Operating Systems ........................................................................... 13

Adding a license to Paws Studio ........................................................................................................... 15

Navigating around Paws Studio ............................................................................................................ 17

Ways to create a Paws Studio report.................................................................................................... 18

Local Audit......................................................................................................................................... 18

Network Audit ................................................................................................................................... 20

Manual .............................................................................................................................................. 23

Paws Studio Data Collector ................................................................................................................... 23

Exporting the Data Collector ............................................................................................................. 23

Running the Data Collector ............................................................................................................... 25

Using .paws files to create a report .................................................................................................. 25

Report options ...................................................................................................................................... 27

Global options ................................................................................................................................... 27

Customising reports with company details................................................................................... 28

Reporting options ............................................................................................................................. 29

Policy Editor Options ......................................................................................................................... 30

Maintenance options ........................................................................................................................ 30

Saving Your Reports .............................................................................................................................. 31

Interactive Mode................................................................................................................................... 31

STIG Converter / Oval converter ........................................................................................................... 32

Policy Editor .......................................................................................................................................... 33

Structure ........................................................................................................................................... 33

Policy Editor Types ............................................................................................................................ 33

____________ of 42

Wizard ........................................................................................................................................... 33

Simple Editor ................................................................................................................................. 34

Advanced Code ............................................................................................................................. 34

Check types ....................................................................................................................................... 34

Templates.......................................................................................................................................... 36

Using your custom policy .................................................................................................................. 36

Example – creating a custom policy with the Wizard ....................................................................... 36

Updating Paws Studio ........................................................................................................................... 39

Using the command line ....................................................................................................................... 39

Paws Studio ....................................................................................................................................... 39

Data Collector ................................................................................................................................... 40

Managing licenses ................................................................................................................................. 40

Conclusion ............................................................................................................................................. 42

____________ of 42

What is Paws Studio?

Paws Studio from Titania is a computer program which creates comprehensive compliance and security reports on Windows and Linux workstations and servers. The reports are written in plain English. The reports display how close to reaching compliance you are with the audited device. The following standard reports are currently available: DISA STIG PCI Compliance NERC CIP007-4 SANS NSA 2013 OVAL Compliance OVAL Vulnerability Linux Configuration Report (Windows Configuration Report to follow during 2015) You can also create a custom policy for yourself or your organisation, using Paws Studio’s inbuilt policy editor. The reports can be customised to your organisations standards. Paws Studio is typically installed and run from a workstation. Once installed you can audit:

The local device (the machine on which Paws Studio is installed);

Machines on your network (Paws Studio currently supports: Windows to Windows; Windows to Linux; Linux to Windows)

Any machine manually using the portable Paws Studio Data Collector Machines are audited by the software (usually very quickly) and one or more reports are generated according to user’s choices.

Paws Studio is not a scanner. It only creates network traffic if you choose to run a network audit. It is a tool that will significantly aid you in auditing machines, checking compliance with published standards, or ensuring compliance with your own requirements.

____________ of 42

What is the Paws Studio Beginner’s Guide?

The purpose of this document is to provide a beginner’s guide to Paws Studio. The intended

audience is therefore either anyone new to the Paws Studio software or anyone who needs a

refresher on the features. It may be useful as a reference for users; however the scope is limited by

design to those who are less familiar with the software. There are many options in the software and

it is not practical to include them all in this Guide.

This Guide will therefore explain how to install, run and activate Paws Studio, and take you through some of its most common/popular features. This Beginner’s Guide is based on the original Paws Studio Manual which is made obsolete on the publication of this Guide. It is based on Paws Studio Release 2.3.5. Issue Date: March 2015 At the time of writing we are in the process of updating the support section of our website, where you will currently find detailed FAQs, soon to be joined by several other features. In the meantime, should you have any further technical support questions about the software, please contact us: [email protected] Prepared March 2015 by the Titania Technical Services Team


____________ of 42

Installing Paws Studio

Downloading Paws Studio Paws Studio can be downloaded on a number of platforms including Windows, Mac and various

Linux distributions.

Once you are a registered user of our website and have a valid license, you can download Paws

Studio by going to your account page (click on 'My account', top right).

On this screen, you will be able to initiate the download process.

When you click on the ‘Download’ symbol next to your chosen license, you will be taken to the

following screen:

____________ of 42

We have highlighted the tabs that allow you to select different operating systems.

Installing Paws Studio - general information Paws Studio is installed and run from a local machine. That is, Paws Studio cannot be installed on a server and accessed remotely. The software has been tested on server operating systems, but if installed as such you would still be required to operate the software locally, working at the same machine on which Paws Studio is installed.

The following chapter gives detailed instructions with screenshots on how to install Paws Studio on Windows operating systems. There are then two briefer chapters explaining how to install on Linux and Mac.

Please note that on some Linux operating systems, further commands and installation of dependencies may be required. This applies to Security Enhanced Linux and CentOS / Red Hat distributions. Please see the Linux installation chapter and/or the website for details.

Paws Studio downloads come supplied with both SHA1 and MD5 hashes on the website, allowing you to check the integrity of the download. The packages are code signed wherever possible and are built in a clean, secure environment undergoing rigorous testing before upload to our servers.

____________ of 42

Installing Paws Studio on Windows Operating Systems

NB: We installed Paws Studio on Windows 7 - naturally Paws Studio is also supported on other Windows versions.

To install Paws Studio, double-click on the Paws Studio download file and the Welcome Wizard box

will appear. Click ‘Next’ to continue.

Read and agree to the license and click ‘I Agree’ to continue.

____________ of 42

In the next window, choose where to install Paws Studio. You can browse to a different location if

you wish, or if you are happy with the default location, click ‘Next’.

Next you can choose the Start Menu folder where you want to install the shortcuts. Once you have

done so, click ‘Next’ to continue.

The next stage is to choose the components you want to install with Paws Studio:

____________ of 42

When you have selected your components and pressed ‘Install’, the software will install to your

specifications and you will be taken to the final Paws Studio installation screen. To complete, select

‘Finish’.

____________ of 42

Installing Paws Studio on Linux Operating Systems

On Linux operating systems, the preferred method is to install via the GUI and allow the package manager to deal with the installation. In this example, we are installing Paws Studio on a Linux Mint system, using the Ubuntu installation package.

First, from the download screen, choose the highlighted ‘Linux’ tab, and then select your installation package:

At the time of writing, we provide packages for the following Linux distributions: Ubuntu, Open Suse, Fedora and CentOS/Red Hat.

After selecting the Centos package (for the purposes of this guide) I am presented with the following screen:

____________ of 42

I choose to open the file with the package installer, which presents the following screen:

After clicking on ‘Install Package’, I am asked to enter my root password and then the package manager starts and installs Paws Studio.

Please note: If you are installing Paws Studio on a Security Enhanced Linux system, or on CentOS/RHEL, then there are dependencies which you may have to install. You are directed to the foot of the Linux installation page on the website:

____________ of 42

Installing Paws Studio on Mac Operating Systems

Again, the first step is to download from the website.

Once downloaded, drag the icon on to the Applications folder and it will be installed:

____________ of 42

This completes your installation.

____________ of 42

Adding a license to Paws Studio

The first time you run Paws Studio you will need to add your license. When the add license wizard

appears click ‘Add License.’

After you click ‘Add License’, you will be asked for your Serial Number and Activation code. This

information will have been emailed to you when you purchased the license. It can also be accessed

through the Titania website, titania.com by logging into your account and then going to ‘My

account’. Both the ‘Login’ and the ‘My Account’ buttons are on the top right hand side of the site.

Enter these details into the relevant boxes, as below, and click ‘Next’.

https://www.titania.com/

____________ of 42

You will next be asked to agree to our license, as below:

After a brief License Activation screen, you will be presented with the following screen:

The license will be added into the software. Click ‘Finish’.

There may be occasions where this standard activation procedure is not possible. We provide

alternative methods.

The standard option is ‘Online’, where you are installing Paws Studio on to a system connected to

____________ of 42

the internet. We also provide options to activate the software using a proxy server, allowing you to

enter details of your proxy server. There are also two offline options available for where your Paws

Studio PC is not connected to the internet at all.

Once activated, Paws Studio is fully installed and licensed on your machine, and you are ready to

begin auditing.

Navigating around Paws Studio

This is the Paws Studio homepage:

Clicking on any of the text that we have highlighted will open the relevant window.

Additionally, you will notice the menus at the top of this page:

Menus such as this are present throughout Paws and may be referred to in this guide.

____________ of 42

Ways to create a Paws Studio report

Local Audit Use this option to report on the system where Paws Studio is installed.

From the Paws Studio Home Screen, Select Create New Report. The following window will appear:

Select ‘Add Local Device’. This will update the device table, showing the local device:

Click the ‘Next’ button to proceed and select the policies you wish to include in the report.

____________ of 42

You may select as many of the policies as you wish. The blank ‘Policy’ operation is where you are

able to add custom policies, which we will discuss later in ‘Policy Editor’ section of this guide.

Once you add your chosen policies, select ‘Create Report’.

At this point, Paws Studio will gather and process the required data to generate your report,

providing you feedback as it goes.

Once complete, you will see the following screen (or similar):

Paws Studio collects data from your system in real time, so some reports may take longer to

complete.

____________ of 42

Network Audit Use this option to report on the network where Paws Studio is installed.

From the Paws Studio Home Screen, Select Create New Report. The following window will appear:

By selecting ‘Add Network Device’, you can enter the details of an individual network machine. Enter

the IP address or hostname of the computer you wish to audit, together with an administrative

username and password.

By selecting Scan Network, Paws Studio will briefly scan your network for available connected and

discoverable machines and these will be presented to you.

____________ of 42

You can select the machines you wish to audit by checking the box next to each individual machine.

You then either need to enter an administrative username and password for each machine, or if you

are on a domain you can enter universal credentials for all machines.

Paws Studio also offers the capability to scan a whole private IP range.

Clicking on Scan IP Range will prompt you to enter two private IP addresses and Paws Studio will

ping each device in that range. If the device is successfully pinged, then it will be added into the list

of available devices.

Again, all selected devices need and administrator/root username and password before they can be

audited by Paws Studio.

Once you have selected which machine(s) to create an audit report for, click Select Reports to

choose which pre-defined policies to audit the network machines against.

____________ of 42

Again, you can select a policies you have created using the Paws Policy Editor. The blank ‘Policy’

operation is where you are able to add custom policies, which we will discuss in ‘Policy Editor’

section of this guide.

Once you add your chosen policies, select ‘Create Report’.

At this point, Paws Studio will gather and process the required data to generate your report,

providing you feedback as it goes.

Once complete, you will see the following screen (or similar):

Please note, it may take some time to connect to network machines so please be patient.

____________ of 42

Manual This option is used when you have audited machines using the Paws Data Collector on external

machines. The process of exporting and using the Data Collector for external machines is described

in sections below.

Paws Studio Data Collector The Data Collector enables you to export a small executable or shell script file that you can run on

external systems and create reports based on those systems.

To create an audit report, you will need to create Paws Studio specific files (.paws) using the Paws

Data Collector tool provided. The Data Collector works on both Windows and Linux systems.

Exporting the Data Collector From the Paws Studio homepage, click on Export Data Collector:

This will open a window presenting you with a dialog where you must choose what platform you will

be using the Data Collector on.

____________ of 42

Note the two Windows buttons. Please ensure you choose the correct one for the Windows system

to be audited.

By default, all available policies for the selected operating system(s) will be included in the export. If

you wish to make the export folder smaller, remove any unnecessary policies. Please also note, you

can add further custom policies to the export.

Then you will need to select the location to export the Data Collector. You can save the files onto a

USB stick for transfer, or you could save them to a convenient location and email them.

In your selected location a folder will be created containing the Data Collector and policy files.

____________ of 42

Running the Data Collector Once you have the Data Collector on the system you wish to audit, run the program and you will be

presented with this interface:

The data collector has options for the pre-set policies, the ones unavailable to you will be greyed

out. To create a .paws file based on those, simply click on the required report. If you wish to create a

.paws file based on your own created policy file, click on the Import button and locate that policy file

in the dialogue box (see the ‘Policy Editor’ section, below).

A .paws file will be created in your specified directory. This can then be used in Paws Studio to create

a report.

Using .paws files to create a report From the Paws Studio homepage, select ‘Create New Report’. Use the ‘Add Manual Files’ button, to

add the .paws files you require:

____________ of 42

After the .paws files have been added, the relevant report types will automatically be selected based

on which report type you carried out. Paws Studio will then process the .paws files you have

imported and produce your report.

Paws Studio provides feedback while it creates the report. You will see the time taken to generate the report is displayed. This is often extremely quick, although it can take longer depending on what options are selected. Once complete, select the ‘Finish’ button and your report is displayed:

____________ of 42

You may now like to take the time to read through the report and see the issues highlighted. Next we will move on to various options for customising your reports.

Report options

To access Report options, select Tools, Settings either from the Paws Studio homepage or from the

Report itself.

Global options In Global options tab you can change a number of settings:

____________ of 42

You can set the date format and select where Paws Studio resources are located.

You can change report customisation options here.

Customising reports with company details

You can customise your Paws Studio reports to display your own company details if you wish.

That will display the following screen where you can customise the reports as you wish:

You can change the company name; add a logo, change report title and classification.

Company name will be changed globally throughout the report to whatever you enter, useful if you

____________ of 42

are preparing a report for a client.

The Company Logo selection button allows you to pick from a number of image formats.

Similarly you can change the Report Title.

‘Classification’ refers to the security classification of the report itself, e.g., ‘Restricted’

If you want to apply these changes to a report you currently have open, you will need to go to Tools,

Regenerate Report.

Reporting options In the Reporting options you can set preferences for connecting online (e.g., to check for updates),

locations for remote network auditing and various other reporting options:

On the Checks tab you can change many settings for individual report Checks, including vulnerability

issues, Interactive Mode (see later section in this guide), accounts to include and so on.

____________ of 42

Policy Editor Options

These options are relevant to the Policy Editor – see the relevant section below.

Maintenance options Maintenance options include options for Paws Studio update checks and proxy settings, among

other things:

____________ of 42

Saving Your Reports

Paws Studio reports can be saved out into a variety of formats, including PDF, HTML and XML. You

can view the saving options by selecting File, Save.

Interactive Mode When you have manual Checks included in your report, Paws Studio will be unable to automatically

audit against them. These are policy requirements that require manual auditing, such as visibility of

ID tags on visitors and staff, relevant signage on your premises and so on.

Interactive Mode allows you to update results for these checks in real time. Checks are carried out

one at a time with automatable Checks being carried out automatically and user interaction

requested by Paws Studio for each manual Check. To switch Interactive Mode on, go to Tools,

Settings, Reporting and then select the ‘Checks’ tab. Check the Interactive Mode box.

____________ of 42

When activated, Paws Studio will prompt you with a dialog for each report displaying all the manual

checks. You can double click checks to view more information about each one. You then just need to

select Passed, Failed or Pending for each and this will be the result printed in the report.

STIG Converter / Oval converter Paws Studio is constantly updated to ensure that the most up to date compliance check versions are

included. However, Paws Studio does provide the ability to create STIG and OVAL policy files as soon

as you wish by providing the STIG Benchmark XCCDF, STIG Benchmark OVAL XML files and OVAL

files.

To access the Policy Converter, from the Paws Studio homepage, select Utilities then Policy

Converter:

Follow the prompts to enter the location of the XCCDF and OVAL files, together with which Windows

platform they are for and the location of where you would like to output the policy file.

Then select Convert and in a few moments you will have a completely up to date STIG policy file that

is useable within Paws Studio.

____________ of 42

Policy Editor Paws Studio is provided with a comprehensive Policy Editor which allows you to create custom

policies for your organisation which Paws Studio will perform audits against.

Structure When you create policy documentation for staff in your organisation, if you expect them to

understand it and adhere to it, you would apply some structure to it to make it more readable,

Similarly, Paws Studio requires a simple structure in order to understand your policy.

Paws Studio policies are divided into three separate elements: ‘Requirements’, ‘Groups’ and

‘Checks’.

Requirements are like the chapter headings in your policy, so for example you might have a section

dealing with internet usage and a section dealing with users own devices. Requirements are

mandatory elements in Paws Studio policies. They must be present and they must have some

content.

These broad categories can then, if you wish, be subdivided further into Groups. So for example

under your internet usage Requirement, you might have Groups dealing with approved browser

software and restrictions on downloads. Groups are not mandatory. While they must be present in

the policies, you can leave them blank if you wish. They are simply available to add a more granular

structure if required.

Groups are then subdivided into Checks. Checks are where Paws Studio actually performs an audit

on the subject machine. So for example, Paws Studio might check the installed software on the

machine for approved or unapproved web browsers. Paws Studio is provided with comprehensive

check library and you are also now able to run a custom command of your own on the subject

machine.

Overall the structure is tree like:

Requirement

Group

Check

Policy Editor Types There are three ways to edit Paws Studio policy files: Wizard, Simple Editor and Advanced Code.

Wizard

This is designed to be the simplest, most accessible way of editing or creating policies. Selecting this

method will take you through step by step. At each stage you are able to edit the elements or add

new ones, and Paws Studio will ensure that you add all the required elements. So for example, you

will be prevented from creating a Group that has no Checks.

____________ of 42

Simple Editor

This version of the Policy Editor will display the policy in a tree view so that you are able to see an

overall view of the structure of your policy and edit it accordingly. Many users find this the most

straightforward way of editing or creating policies.

Advanced Code

Paws Studio uses XML for policy files. For those of you familiar with XML, this may be the best way

to edit policies. We provide a simple XML editor with an XML validation function. Naturally if you

wish, you could also use an XML editor of your choice.

Check types There are a variety of different Check types available. This list gives you a brief overview of them.

Manual Manual Checks are those that cannot be checked by a computer and require human involvement, for example, ensuring that there is a physical lock on the server room door or that a particular notice is displayed in an office. Antivirus Antivirus Checks look for installed instances of anti-virus software and ensure it is up to date. Spyware Spyware Checks look for installed instances of anti-spyware software and ensure it is up to date. Firewall Firewall Checks look for a software firewall on the subject system and ensure it is up to date. System Updates The System Updates Check looks at whether any system updates need to be installed or not. Password Warnings This Check looks at the strengths and weaknesses of user passwords and reports accordingly. Password Policy This Check audits the password policy against values you set. User Policy The User Policy Check provides additional password checks, including the maximum incorrect password count. Software Installed The Software Installed Check requires a list of programs that MUST be installed on the subject system. If the software is not found on the system, the Check reports a fail Unauthorized Software

____________ of 42

The Unauthorised Software Check requires you to enter a list of authorised software which IS ALLOWED on the subject system. Any software found on the system which is not on the list will be reported by the Check as a fail. Software Versions This Check lets you specify version numbers for software installed on the subject system and ensure that the installed software is equal to or higher than this version. File Exists This Check simply looks for a specified file on the subject system. File Content This Check examines the content of a given file for a value you define. Permissions This Check allows you specify a file, directory or registry value and audit the permissions settings. Audit Policy This Check examines the logging settings on the subject system for categories you define. User Rights This Check lets you specify a user right then add a list of users who should have that right. Unauthorized Start-up Items This Check allows you to list programs which are authorized to be in the Start-up folder of the subject machine. Paws Studio will then compare this list to software that is actually present in the start-up folder and report any mismatches. Registry This Check allows you to look for defined Registry values. Custom Command This Check allows you specify any command you wish and define an expected output. This applies to Windows command line interface and Linux terminal interface.

____________ of 42

Templates All three types of Paws Studio Policy Editor allow you to use either a pre-defined template we

provide, or to edit an existing policy. This means you can choose to create a completely new policy,

edit one of the supplied pre-defined policies, or be guided by our template.

Using your custom policy Once you have finished editing your policy, save it to a convenient location.

To complete an audit with it, you simply need to select it when creating a new report:

Example – creating a custom policy with the Wizard Select the Policy Editor from the bottom right of the home screen:

When the initial screen opens, select the Wizard button on the left:

____________ of 42

In this example, I have chosen to use the supplied Titania template, which comes as a sample pre-

defined policy. Opening it provides some summary information:

At the top of this screen, you can see the three levels of the hierarchy in the policy file (see

‘Structure’ above). In the next screenshot, below, I am at the Requirement level and choose to add a

Group:

I call this Group ‘Antivirus check’, and add the Check in at the next stage:

____________ of 42

In the next section, you are able to add the details of your specific Check. I give it an ID and a Title,

and then I am able to choose from one of the supported checks (see ‘Check types’ above). In the

example here, I am looking for suitable antivirus software.

On the final screen, you can review all the checks in your file and save it for later use during a Paws

Studio audit:

____________ of 42

Updating Paws Studio

Using the command line Paws Studio and the Data Collector tool come with simple command line interfaces which, amongst

other things, allow Paws Studio to be completely scriptable and automatable.

Paws Studio Paws Studio can be run in two ways from the command line;

Giving –cmd as an argument will present you with the Paws Studio CLI (Command Line Interface).

Follow the on-screen instruction on how to complete a report using the CLI.

Another option is to list (at least 1) of .paws files to generate a report against. You need to provide

the full path to the file including the drive letter. When adding multiple files, separate them with a

space. Then specify the output html file to print the report to. Again, this must be the full path and

should include the .html file extension.

For example,

>Paws C: \Users\Titania\NSAReport.paws C: \Users\John\Documents\PCIReport.paws

C: \Users\Titania\Desktop\ComplianceReport.html

____________ of 42

Data Collector Running the data collector from the command line will simply generate a .paws file to the Windows

machines desktop, based on the type of report specified. To run the data collector tool from the

command line you need to navigate to the collector executable then give it a single option. This

option describes the kind of report the .paws files will be based on. The possible options are

displayed below:

STIG Report Collector stig

PCI Compliance Report Collector pci

SANS Report Collector sans

NSA Guidelines Report Collector nsa

NERC CIP-007 Report Collector cip

Custom Policy File Collector [Full path to policy file]

Managing licenses

Paws Studio allows you to add and view your licenses, manage multiple licenses and view a list of

the devices you have audited. To do this, go to ‘Tools’, ‘Manage Licenses’. The window below will

appear:

____________ of 42

The tabs along the top of the window are: ‘Overview’, ‘Options’, ‘Licensee’ and ‘License’. The

‘Overview’ tab is above, listing key details of the license. ‘Options’ explains what features are

enabled in the license, ‘Licensee’ has the details you entered on the website when you registered

and ‘License’ has the license text, agreed when you activated.

The tabs on the left hand side are labelled with the serial numbers of your respective licenses,

allowing you to look through them for information on each individual license. You will also see the

‘Make Live’ and ‘Remove’ buttons at the base of this license and note that the ‘Make Live’ button is

currently greyed out. Where you have multiple licenses and are currently viewing an inactive

license, this button will make it live. ‘Remove’ will remove the current license.

To add another license click on ‘Add License’ then follow the instructions (which will be the same as

those in ‘Adding a license to Paws Studio’, page 14 of this guide).

If you click on the ‘View’ button next to the device usage, Paws Studio will list the devices you have

audited, by their hostname and the date they were audited.

____________ of 42

Conclusion

We hope that you have found our Beginner’s Guide to Paws Studio useful and now feel confident in

navigating your way around Paws Studio’s features.

There are many more features. If you would like to know more about how to get the most out of

Paws Studio or have any questions then please feel free to contact our support team on:

Telephone Number: (+44)1905 888 785

E-mail: [email protected]

Further support documents can also be found on our website www.titania.com


http://www.titania.com/