Quick Start Guide: CIS-CAT Remote Linux Scanning From a Windows Host
Overview
This guide will show how to set up a remote Linux scanning environment for CIS-CAT Pro Assessor from a Windows system using a CMD prompt.
Requirements
PowerShell installed on Windows system with Assessor
PowerShell
LanguageMode
is not configured toConstrainedLanguage
ConstrainedLanguage
mode blocks assessor actions as CIS-CAT PowerShell scripts cannot be dot-sourcedVerify LanguageMode using this command:
PS> $ExecutionContext.SessionState.LanguageMode
Jump to:
Implementation Steps
Navigate to
\Assessor\config
and open thesessions.properties
file with Notepad++ or the text editor of your choice. NOTE: The version of Assessor you are using will likely be different, so be sure to change the version number in the path.Edit the “Sample Remote Linux Connection” section by uncommenting (deleting the # symbol) the lines below.
For details on the configuration properties for sessions.properties
, please see the following section from Assessor's Configuration Guide: https://ciscat-assessor.docs.cisecurity.org/en/latest/Configuration Guide/#remote-local-assessment-sessions
If you are using a key pair instead of a password, then remove the #
symbol from the session.2.identity
line and add a # symbol (comment out) to the session.2.cred
line.
3. From a CMD prompt, enter the following command (NOTE: your version of Assessor and the Benchmark name and version may be different than the one seen below):
>Assessor-CLI.bat -b benchmarks/CIS_Ubuntu_Linux_20.04_LTS_Benchmark_v1.1.0-xccdf.xml
You should see output similar to the one below:
On the Linux target, ensure that you have a firewall rule in place to allow port 22.
Guided Video Resource on setting up CIS-CAT Pro Assessor for Remote Linux Scanning
Additional Troubleshooting Information
Network diagram for remote scan setup
Problems with ssh connection for a remote assessment
Differing Results between Local and Remote Linux Assessment
Remote Linux Scan is at Stuck Collecting System Characteristics
Copyright © 2022 Center for Internet Security® Privacy Policy