How to use CIS-CAT Pro Assessor centralized workflow to assess multiple Unix/Linux targets
Ā
Product Name
CIS-CAT Pro Assessor v4
Product Version
v4.0.22+
Date
Jul 23, 2020
Ā
Problem
Can I run a centralized workflow on a Linux target when we have the CIS Host Sever setup on a Windows server?
Solution
This is an example of having CIS Host Server on Windows with a target of Ubuntu. This is for Windows CIS Host Server configured in C:\CIS.
On your Windows Host server
Download AdoptOpenJDK 8 for Linux.
For this example the download is OpenJDK8U-jre_x64_linux_hotspot_8u262b10.tar.gz
Extract that archive to
C:\CIS\jres\
Rename
C:\CIS\jres\jdk8u262-b10-jre\
toC:\CIS\jres\Ubuntu\
Copy all the files in
C:\CIS\Assessor-CLI\misc\Unix-Linux\
toC:\CIS
On your Ubuntu Linux system:
Create /cis directory
$ sudo mkdir /cis
Mount your Windows directory
$ sudo mount -t cifs -o username=bob,password=**** //WindowsIPAddress/cis /cis
Change directory to /cis and run the assessment;
$ cd /cis
$ sudo ./cis-cat-centralized.sh
Ā
Ensure you are using CIS-CAT Pro Assessor v4.0.22+ to avoid a known java issue with earlier versions of CIS-CAT Pro Assessor
For other Linux OS versions you will need to create the OS name in jres/ and have java there also. Check the cis-cat-centralized.sh file which lists the supported versions of Linux.
Please check the documentation for more information on assessing multiple Unix / Linux targets
Ā
Ā