How to use CIS-CAT Pro Assessor centralized workflow to assess multiple Unix/Linux targets

Owned by
Chris Boldiston
Last updated: Dec 19, 2023 by
Allan Cornwell
1 min read

 

Product Name

CIS-CAT Pro Assessor v4

Product Version

v4.0.22+

Date

Jul 23, 2020

 

Problem

Can I run a centralized workflow on a Linux target when we have the CIS Host Sever setup on a Windows server?

Solution

This is an example of having CIS Host Server on Windows with a target of Ubuntu. This is for Windows CIS Host Server configured in C:\CIS.

On your Windows Host server

  1. Download AdoptOpenJDK 8 for Linux.

    • For this example the download is OpenJDK8U-jre_x64_linux_hotspot_8u262b10.tar.gz

  2. Extract that archive to C:\CIS\jres\

  3. Rename C:\CIS\jres\jdk8u262-b10-jre\ to C:\CIS\jres\Ubuntu\

  4. Copy all the files in C:\CIS\Assessor-CLI\misc\Unix-Linux\ to C:\CIS

On your Ubuntu Linux system:

  1. Create /cis directory

    • $ sudo mkdir /cis

  2. Mount your Windows directory

    • $ sudo mount -t cifs -o username=bob,password=**** //WindowsIPAddress/cis /cis

  3. Change directory to /cis and run the assessment;

    • $ cd /cis

    • $ sudo ./cis-cat-centralized.sh

 

  • Ensure you are using CIS-CAT Pro Assessor v4.0.22+ to avoid a known java issue with earlier versions of CIS-CAT Pro Assessor

  • For other Linux OS versions you will need to create the OS name in jres/ and have java there also. Check the cis-cat-centralized.sh file which lists the supported versions of Linux.

  • Please check the documentation for more information on assessing multiple Unix / Linux targets

 

Copyright © 2020

Center for Internet Security®