Versions Compared

Old Version 13

changes.mady.by.user Amanda McGown

Saved on

compared with

New Version Current

changes.mady.by.user Nick Romanzo

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

This guide will show how to set up a remote Linux scanning environment for CIS-CAT Pro Assessor from a Windows system using a CMD prompt.

Requirements

  • PowerShell installed on Windows system with Assessor

  • PowerShell LanguageMode is not configured to ConstrainedLanguage

    • ConstrainedLanguage mode blocks assessor actions as CIS-CAT PowerShell scripts cannot be dot-sourced

    • Verify LanguageMode using this command: PS> $ExecutionContext.SessionState.LanguageMode

Jump to:

Table of Contents
minLevel3
maxLevel3
outlinefalse
typeflat
separatorpipe
printablefalse

Implementation Steps

  1. Navigate to \Assessor\config and open the sessions.properties file with Notepad++ or the text editor of your choice. NOTE: The version of Assessor you are using will likely be different, so be sure to change the version number in the path.

  2. Edit the “Sample Remote Linux Connection” section by uncommenting (deleting the # symbol) the lines below.

...

Info

For details on the configuration properties for sessions.properties, please see the following section from Assessor's Configuration Guide: https://ccpaciscat-assessor.docs.readthedocscisecurity.ioorg/en/latest/Configuration%20GuideConfiguration Guide/#remote-local-assessment-sessions

Note

If you are using a key pair instead of a password, then remove the # symbol from the session.2.identity line and add a # symbol (comment out) to the session.2.cred line.

...

Note

On the Linux target, ensure that you have a firewall rule in place to allow port 22.

Guided Video Resource on setting up CIS-CAT Pro Assessor for Remote Linux Scanning

...

Additional Troubleshooting Information

Network diagram for remote scan setup

...