Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Space Index

0-9 ... 4 A ... 4 B ... 0 C ... 13 D ... 1 E ... 0
F ... 2 G ... 0 H ... 1 I ... 2 J ... 0 K ... 0
L ... 1 M ... 1 N ... 0 O ... 0 P ... 0 Q ... 0
R ... 3 S ... 15 T ... 0 U ... 1 V ... 1 W ... 1
X ... 0 Y ... 0 Z ... 0 !@#$ ... 0    

0-9

Page: 2.8.5 Training Videos
Related articles
Page: 2024.1 Release Notes
Forge CIS expansion Includes import of SteelCloud CIS baseline policies, viewing, modifying for custom baselines, and export for distribution to Commander and Shields. Script expansion Increased vulnerability coverage using scripts for validation and reme
Page: 2024.2 Release Notes
Forge Features Improved comparison view during import to increase accuracy in actual changes between new and upgraded policies. Added Linux policy support, including RHEL 8/9 and a placeholder for Ubuntu 22. Added support for Script Entry control parts wr
Page: 2024.2.238 Hotfix - Release Notes
Forge You can import a new version of SteelCloud Baseline Policies that contains updated Linux policies. When you import the new version of SteelCloud Baseline Policies using the Update Affected feature, custom Script Entry control parts are no longer

A

Page: Account
The Account element is to verify parity of groups with GIDs and users with UIDs. These are specialty controls used for 2 STIG IDs. UID:0 Some systems may allow for a user not named root to have UID 0 and this control can be adjusted accordingly. <Group> <
Page: Auditing System
There are two control types pertaining to the Linux Auditing System. These rules are only for adding / changing audit rules which typically live in /etc/audit/rules.d/audit.rules . rule:file system Designator for <Type> field specifically for creating aud
Page: Available ConfigOS MPO Policies
Page: Available ConfigOS STIG Signatures
MS-Windows-2012-and-2012-R2-DC MS-Windows-2012-and-2012-R2-MS MS-Windows-Server-2016 MS-Windows-Server-2019 MS-Windows-Server-2022 CAN-Ubuntu-18-04-LTS CAN-Ubuntu-20-04-LTS Oracle-Linux-7 Oracle-Linux-8 RHEL-7 RHEL-8 SLES-12 Microsoft-Word-2016 Ad

B

C

Page: Command Center 2.8.5 - Release Notes
Security Enhancement General Security Enhancements Updated SQL libraries to resolve CVE-2022-35737. Enhanced security between the Foundry (and the containers it produces) and the Command Center. Changed the policy container file features to use only the n
Page: Command Center 2.8.5 Hotfix 2 - Release Notes
Command Center 2.8.5 Hotfix 2 contains the fixes from Hotfix 1(2.8.5.0021) as well as the following: Security Updates Removed ImageSharp from ConfigOS Command Center to address a CVE http://url5812.steelcloud.com/ls/click?upn=u001.RWZwCI-2BVghWJBaDODVxUV9
Page: Command Center 2.8.7 - Release Notes
IIS Enhancement - Added support for Windows 10 and Windows 11 operating systems. ESXi Enhancement - Coverage improved for DISA VMWare ESXi 7 and ESXi 8 Report Fix - Fixed CIS level filter in HTML report. Client Enhancement - Session time out for idl
Page: ConfigOS 2.8.5 Applying the Hotfix
2.8.5hotfix.mp4 Summary: This video covers how to apply the 2.8.5 hotfix
Page: ConfigOS 2.8.5 Command Center Preference Set Up
Prefsetup.mp4 Summary: In this video we will be covering all of the preference settings within the Command Center application.
Page: ConfigOS 2.8.5 Foundry Training
Foundry.mp4 Summary: This video covers the creation of signature containers, Customizing a signature, comparing 2 different signatures together and, the use of the splitting tool.
Page: ConfigOS 2.8.5 Scan and Remediation Training Video
scanremediate.mp4 Summary: This video detail how to run a scan, remediation and a rollback. This video also covers the different methods of exporting your results.
Page: ConfigOS Classic export/import Treelist
Occasionally, there may be cause to migrate an endpoint tree to a new installation of Command Center without retaining the database. We’ll go over this process in this article, as the treelist export and the bulkload csv files are not exactly identical wi
Page: ConfigOS Classic/Legacy CLI
Table of Contents Help Text from CLI For version 2.8.5+ there are two different operating modes for the CLI; "auto" and "legacy". Below is the basic help topic included with the CLI as well as separate "auto" and "legacy" help topics. Ver. 2.8.5+ ConfigOS
Page: ConfigOS Suite
Page: ConfigOS Suite Command Center
Page: ConfigOS Suite Foundry
Page: Configuration
Multifunction element for specialized file creation and editing (by line or by parameter on matching line,) in addition to running kernel parameters and kernel configuration. Special character usage: < when combined with a phrase will be used to place the

D

Page: DISA Signature Update Support
Document Overview This document describes SteelCloud’s objective for maintaining and updating SteelCloud provided Signature baseline files for the ConfigOS software suite in accordance with the Defense Information Systems Agency's https://disa.mil/(DISA)

E

F

Page: File
Control type designed to check whether files exist and optionally remove them. [!exists],[remove] Will delete files detected on remediation. Please check the scan value before proceeding with remediate and ensure you have backed up all relevant data. <Gro
Page: Foundry 1.2.1 - Release Notes
Bug Fixes General bug fixes

G

H

Page: How-to articles

I

Page: Ignore
The <Ignore> element allows you finer control over the behavior of an individual control’s <Value> effects as follows: case Ignores case in the <Value> element. space Ignores whitespace in the <Value> element. order When comparing this will ignore the ord
Page: ImageSharp and .NET SqlClient CVE
Affected Product: Product Affected Version/Build Patched Version/Build ConfigOS Command Center 2.8.5 2.8.5.00219 and earlier 2.8.5.00236 and later ConfigOS Command Center 2.8.6 2.8.6 (Internal Build) and Earlier 2.8.6.74 and later Vulnerability Overview:

J

K

L

Page: Linux Security
Using the stat command to scan Linux user/group ownership as well as permissions on files and directories. These are usually combined with the find command to traverse multiple directories or an entire filesystem. The following example controls go over th

M

Page: Mount Options
Allows for checking parameters on currently mounted filesystems. Separate checks may be added to also check in the /etc/fstab file using other types like Configuration. Mount Options Examples: <Group> <GroupId>V-204483</GroupId> <GroupTitle>SRG-OS-000480-

N

O

P

Q

R

Page: Regular Expression Matching and Special Characters
Special Characters When not using regular expressions, the bracket characters enclosing <Value> entries indicate that the text should be matched literally (for example with a set amount of whitespace, or an entire line of a file.) This can also be used to
Page: Required Ports
Required Ports - Windows (WMI): Port Number Port assignment 135 RPC DCOM Service Control 139 NetBIOS Session Service 445 Microsoft Directory Services SMB 49152-65535 WMI (DCOM) 5985 WinRM (HTTP) 5986 WinRM (HTTPS) Required Ports - Linux/Cisco (SSH): 2
Page: RPC Error
Problem Endpoint reporting RPC Error when attempting Scan or Remediation. Solution Verify ConfigOS Command Center has the proper credential set for the Endpoint(s) Start ConfigOS Command Center and choose Setup Endpoints. image-20220801-175948.png Click

S

Page: Signature Types
Overview Signature Types are groupings of fields in SteelCloud’s XML format designed to provide extensible coverage of multiple operating systems and releases. Our coverage and controls are written with remediation & rollback as the primary goal. The gene
Page: Software Package (Linux)
Used in the <Where> section with the <Type> / <Values> to interface with local system package management. Installation: Installed / Not Installed ConfigOS will both scan for and remediate package installation and removal using the local package management
Page: SQL Server 2016 Guide
Performing a Scan in Command Center Requirements for scanning The user account performing the scan must have sysadmin rights to the instance. The SQL Server instance firewall ports (generally 1433) are open to the Command Center server. Instance Scan (Win
Page: SteelCloud Knowledge Base
SteelCloud shield RGB.png
Page: SteelCloud Security Advisories
Page: SteelCloud ShareFile
Content Related Articles
Page: SteelCloud ShareFile FTPS
Our File Portal also includes FTPS access. This can be beneficial for users who cannot hit the File Portal on the web but still need access, and can use FTP. FTP is the File Transfer Protocol, FTPS is one of several secured versions of this protocol. In t
Page: SteelCloud ShareFile Invite
This article shows how to accept the SteelCloud ShareFile invite and complete the processes on gaining access to the SteelCloud File repository. Instructions Create a step-by-step guide: You will receive an e-mail from ShareFile Support <donotreply@steel
Page: SteelCloud ShareFile Login
SteelCloud leverages Citrix’s ShareFile platform to provide a safe and secure method to share our latest Software and Policy files with our users. In this article we will show how you can reach our ShareFile instance, login and access the provided files.
Page: SteelCloud ShareFile Reset Password
This article will show how to reset your SteelCloud ShareFile Password Instructions Create a step-by-step guide: Click the “Forgot Password: link on the login page located at steelcloud.sharefile.com https://steelcloud.sharefile.com/ forgot password.png
Page: SteelCloud ShareFile Whitelist
We recommend a wildcard domain *.sharefile.com to be added for web access to ShareFile. For FTPS, we recommend adding *.sharefileftp.com. Here is a list of other ShareFile-recommended whitelist targets: Firewall configuration | ShareFile https://docs.shar
Page: SteelCloud Software Release Notes
Page: SteelCloud Support Code of Conduct
This Customer Code of Conduct sets out the standards you can expect from us and in turn the responsibilities and standards we expect from our customers. As a customer of SteelCloud you should expect from us: We will communicate with our customers as laid
Page: SteelCloud Support Service-level Prioritization
Document Overview This document describes SteelCloud’s objectives for supporting the ConfigOS software suite and its end users. Method of Performing Support SteelCloud shall provide Maintenance and Support to Client using SteelCloud’s employees, agents, c
Home page: Support
SteelCloud+Logo+RGB.pngSteelCloud shield RGB.png

T

U

Page: User Defined Rule
This is a work in progress of conversion of our existing Best Practices and Signature Creation document. User Defined Rules (UDR) controls should never perform a remediation action. Therefore, they’re nearly exclusively used for custom regex and find comm

V

Page: Videos

W

Page: WinRM Troubleshooting Guide
ConfigOS leverages PowerShell to perform scans and remediations. PowerShell uses WinRM to execute commands on remote systems. This guide walks through steps for enabling, verifying, and testing WinRM. Requirements Ports required for scanning the ConfigOS

X

Y

Z

!@#$

  • No labels