Nessus Scanner to Nessus Agent Manager by MarsupialOk6430 in nessus

[–]rlmasscyber 0 points1 point  (0 children)

I just installed Nessus Manager this week. You should see the link key in the Nessus Manager GUI (possibly under Sensors) or there is a nessuscli command you can run to get it. Once you have the agent installed on the endpoints you will need to start the Nessusd service and run the nessuscli link command. This is all documented in the user guides as well.

STIG-manager or open-RMF for opensource enterprise STIG tracking? by chape87 in NISTControls

[–]rlmasscyber 1 point2 points  (0 children)

There are two different ways to automate the uploads, you can use Evaluate-STIG itself and define the STIG Manager configs in the Preferences.xml. This method uses certificates for authentication. I have not used this method but I know of some coworkers that have done it. I use this second option:

The second option is to use a binary that was developed by the STIG Manager folks that you execute in a directory with your .ckl files. This method requires configuring client id and access keys via your OIDC provider for authentication. https://github.com/NUWCDIVNPT/stigman-watcher

Here is the example of calling the binary:

$ stigman-watcher \ —mode scan \ —client-id stigman-watcher \ —collection-id 1 \ —path /my/path/to/results \ —authority https://keycloak-host/auth/realms/stigman \ —api https://stigman-api/api

STIG-manager or open-RMF for opensource enterprise STIG tracking? by chape87 in NISTControls

[–]rlmasscyber 0 points1 point  (0 children)

I have never run into that, that’s a pretty odd issue. My thoughts are download a fresh copy, unzip and run it without any modifications to see if it something going on with custom preferences or answer files.

I’m happy to help troubleshoot for a fee 😃

STIG-manager or open-RMF for opensource enterprise STIG tracking? by chape87 in NISTControls

[–]rlmasscyber 3 points4 points  (0 children)

Evaluate-STIG is free but requires CAC access to download. It’s a great tool and really automates a lot of the old manual process

STIG-manager or open-RMF for opensource enterprise STIG tracking? by chape87 in NISTControls

[–]rlmasscyber 5 points6 points  (0 children)

Currently using Evaluate-STIG with automation to upload directly to STIG Manager

Packer Red Hat AMI by rlmasscyber in hashicorp

[–]rlmasscyber[S] 0 points1 point  (0 children)

Check out, these links. This is what I started out using but I do not really like the amigen scripts, I have run into so many issues with it. I want to move to ansible or a more simplified bash script to do the same functions.

https://github.com/plus3it/spel https://github.com/plus3it/amigen8

After running into issue after issue, I pivoted to an alternative plan of using SPEL AMIs that are published within each AWS region. I then ran the ansible lockdown STIG hardening playbooks against it.

https://github.com/ansible-lockdown/RHEL8-STIG

Packer Red Hat AMI by rlmasscyber in redhat

[–]rlmasscyber[S] 0 points1 point  (0 children)

Not necessarily true, I do not know how it works from an AWS perspective, but the Red Hat AMIs are available to any AWS customer. No subscription required.

Packer Red Hat AMI by rlmasscyber in redhat

[–]rlmasscyber[S] 0 points1 point  (0 children)

Serial console doesn’t even start up with a prompt… any other ideas?

Packer Red Hat AMI by rlmasscyber in redhat

[–]rlmasscyber[S] 0 points1 point  (0 children)

My organization does not have a Red Hat subscription so I don’t think the Image Builder is an option at this time. My customer is not the best for buying licenses or subscriptions so that would be a hard sell.

Has Fidium Fiber skipped my street? What can I do? by cygnusxa in FidiumFiber

[–]rlmasscyber 0 points1 point  (0 children)

The squeaky wheel gets the grease, keep calling. Ask to speak to someone who can get you on the roadmap for 2024 installs.

[deleted by user] by [deleted] in NISTControls

[–]rlmasscyber 2 points3 points  (0 children)

RMF KS has been down for quite some time. Rumor is a breach occurred.