Product Name
CIS-CAT Pro Assessor
Product Version
All
Date
Problem
I understand that there isn’t a GUI that can be hosted on a Mac. However, I do not see much in the CIS-CAT Pro Assessor User and Configuration guide specific to Mac scans.
Solution
While the Configuration and User Guide may not specifically mention MacOS', all of the Unix/ Linux information will apply to MacOS systems hosting Assessor.
Basics:
Here is the basic information for running Assessor-CLI: Command Line Interface (CLI) | CIS-CAT Pro Assessor v4
Here is a list all of the basic Assessor-CLI commands you’ll use: Basic operation of CIS-CAT Pro Assessor CLI | User Guide v4 Assessor
Further down there are more in depth commands such as Benchmark (& Data-Stream Collection) and Options Reporting Options
The basic option will be something to the effect of:
Assessor-CLI_v4.15.0/Assessor-CLI> sudo ./Assessor-CLI.sh -i - html
This command calls on the Assessor tool as sudo, launches an interactive scan (-i), and will produce an HTML (-html) report to your /reports directory when you complete the scan.
Configuration Files and Remote Scans:
All of the configuration files for Assessor-CLI and the Assessor-GUI are the same, and accomplish the same tasks as if you manually entered the information into the GUI every time.
One notable difference for Remote Scans is you’ll need to make a remote SSH connection, and not a WinRM connection as mentioned in the webinars.
This section of the guide discusses using the Remote Assessment - Sessions Configuration file | CIS-CAT Pro Assessor v4 for Linux.
This is the file that would load into the GUI on the “Load Configuration File” screen, or manually enter the information therein into the GUI. Here is an additional note on Remote Setup for Unix/Linux/OSX | Configuration Guide | CIS-CAT Pro Assessor v4
You will need sudo permissions to run the scans as well as open access to the various file systems and programs including, but not limited to, Terminal, Finder, /tmp, /var, /usr, /home, etc.
Add Comment