i am trying to run cis hardening script ,
getting below output , help please ,
does anyone know right procedure to run this and expected output
Best answer by Scott Moseman
View originali am trying to run cis hardening script ,
getting below output , help please ,
does anyone know right procedure to run this and expected output
Best answer by Scott Moseman
View original
You pick a subsystem and the action. Read the notes on Store for additional details. Note that SQL and IIS are supported under Windows, and Tomcat under Linux.
# Usage
python cvcishardener.py [-h] [-s {sqlserver,IIS,tomcat}] [-o {audit,remedy,rollback}]
# Example
C:\Temp\cis hardeningautomation> python cvcishardener.py -s IIS -o remedy
Attempting stop…
Internet services successfully stopped
Attempting start…
Internet services successfully restarted
Reboot the system for all remedy changes to take effect.
Thanks,
Scott
we have all in one setup in windows , so security team asking for tomcat security compliance ,
their tool is not able to access it ,
tomcat is installed in commserv as part of installation if i am not wrong , what are the basic securty measure we have in terms of tomcat appache
what is role of this in all in one setup,
i would appreciate if you can give a brief about this , thanks a ton again
Run both of these in audit more and check the under the “Logs” folder to see what they’re doing.
python cvcishardener.py -s IIS -o audit
python cvcishardener.py -s sqlserver -o audit
C:\Temp\cis hardeningautomation> dir Logs
Directory of C:\Temp\cis hardeningautomation\Logs
08/25/2023 02:52 PM 10,126 IIS.log
08/25/2023 02:53 PM 17,096 SQLSERVER.log
I don’t have an answer to why the script doesn’t work for Tomcat on Windows.
python cvcishardener.py -s tomcat -o audit
Exception: tomcat is not supported service for Windows platform
Thanks,
Scott
In addition for SQL Server you have to create this file:
..\SQL\resources\databaseinputs.json
An example for those who runs HDPS instead of pure Commvault:
{
"db_credentials" : {
"windows_authentication": true,
"username" : "",
"password" : "",
"server" : "myCSname\\HDPS",
"database" : "CommServ"
}
}
Note: Yes, the double backslash is the key to get it work.
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.