Mondoo Inc
cnspec scan winrm over http #1168
-
|
Hello everyone Is there a way to specify the winrm transport method and port cnspec should use for a scan? We opted to use cnspec to verify the correct system hardening of our os images. It's planned that new servers are built automatically based on these images on a regular basis, hence we'd like to avoid the configuration of a https listener for winrm during the staging process. Could the "--option" flag be used? Thanks a lot in advance |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi @CedBau That is great to hear. In case you build cloud images, also have a look at https://github.com/mondoohq/packer-plugin-cnspec. To connect via winrm, you normally call: To specify the port, you can use the following format: As default Let me know if this was helpful. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the quick reply, specifying the port after the ip address did the trick, my bad for not reading the documentation properly! Have a nice day |
Beta Was this translation helpful? Give feedback.
Hi @CedBau That is great to hear. In case you build cloud images, also have a look at https://github.com/mondoohq/packer-plugin-cnspec.
To connect via winrm, you normally call:
To specify the port, you can use the following format:
As default
5986is used. If you use port5985, we automatically expect http listener and disable the ssl. If you use a different port, you need to set the env variableWINRM_DISABLE_HTTPS="true". I think it makes sense to add the option to a flag so that it is easier to discover.Let me know if this was helpful.