Cloud Agent SUDO Commands - Qualys


Cloud Agent Tech Note

Cloud Agent SUDO Commands

May 2018

Overview

The Qualys Cloud Agent offers multiple deployment methods for Linux, Mac, and AIX operating systems to support an organization’s security policy for running third-party applications and least privilege configuration.

The Cloud Agent Installation Guides document how the Cloud Agent can be deployed running as root, a sudo user, or privileged user.

This Tech Note describes the current commands executed by the Cloud Agent for deployments that utilize sudo users for configuration of the sudoers file.

Note: Qualys recommends that Cloud Agent is deployed running as root, as required by other security agents, to achieve the highest fidelity assessments with least management overhead.

Use of Commands

The Cloud Agent uses multiple methods to collect metadata to provide asset inventory, vulnerability management, and policy compliance use cases. Some of these methods include running commands to collect the list of installed applications and versions, running processes, network interfaces, and so on.

The list of commands is generally static but may change as new vulnerabilities require additional metadata to be collected using other commands. One example is the recent Meltdown/Spectre vulnerabilities that require specific new commands provided by operating system vendors to collect processor and BIOS information.

List of Commands

The following are the commands utilized by the Cloud Agent as of May 2018.

ORACLE sco/vpn/bin/vpn

2018 Qualys, Inc. Under NDA Only. Distribution for Qualys Customers, Prospects, and Partners Only.

c/WLSbin/WLS1213/A WebLogic/Oracle G1 WebLogic/Oracle G3 WebLogic/Oracle R1 AdmConsole/Oracle R1 n/WLS1213/R1 n/WLS1213/R1 n/WLS1213/R1 /WLS1213/R1 WebLogic/Oracle R2 WebLogic/Oracle R4 WebLogic/Oracle n/db stat/usr/local/BerkeleyDB.5.3/bin/db stat/usr/local/BerkeleyDB/bin/db ls S1213/B WebLogic/Oracle G2 WebLogic/Oracle G4 WebLogic/Oracle R1 CCP/Oracle R1 Corp/Oracle R1 FB2/Oracle Home/Oracle R1 RCS/Oracle R1 UMS/Oracle R2 IVR/Oracle R3 WebLogic/Oracle 5.2/bin/db stat/usr/local/BerkeleyDB.6.0/bin/db omains/CIIM 00/opatch

/usr/local/middleware/domains/wfm online/opatch/usr/local/middleware/user idifconfigipisainfojava

b dumpopenvpnoslevelpdns elslsattrlscfglsmcodelsnrctlmdlsmesos-mastermmm agentdmount statussneepsnortspamass-milterspctlssh

ssh-server-config-toolstclientsudosvcssvnsw verssysinfosystem ssion-remoteunameunzipuustatvm ntopxmmszoneadmstatstringssupervisordsvnsw verssysctlsystem hat-curseswhatwiresharkxexlziproxy
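Because the command list may change over time, a sudoers entry written for the agent can drift away from it. The following is an added example, not part of the Qualys tech note or Qualys code: it audits one Cmnd_Alias against a set of expected command names. The account name "agentuser", the alias "AGENT_CMDS" and the sudoers text are constructed assumptions, and the expected names are a subset of those legible in the list above.

```python
import os
import re

# Command names legible in the list on this page (a subset, for illustration).
VENDOR_COMMANDS = {"ifconfig", "uname", "unzip", "strings", "sysctl", "openvpn"}

# Constructed sudoers drop-in; "agentuser" and "AGENT_CMDS" are hypothetical names.
SAMPLE_SUDOERS = r"""
Cmnd_Alias AGENT_CMDS = /sbin/ifconfig, /bin/uname, /usr/bin/unzip, \
                        /usr/bin/strings, /bin/sh, /usr/bin/find *
agentuser ALL=(root) NOPASSWD: AGENT_CMDS
"""


def parse_cmnd_alias(text, alias):
    """Return the command entries of one Cmnd_Alias, joining continued lines."""
    joined = re.sub(r"\\\n\s*", " ", text)
    pattern = r"\s*Cmnd_Alias\s+%s\s*=\s*(.*)" % re.escape(alias)
    for line in joined.splitlines():
        match = re.match(pattern, line)
        if match:
            # Simple split: does not handle commas escaped inside arguments.
            return [e.strip() for e in match.group(1).split(",") if e.strip()]
    return []


def audit(text, alias, expected):
    """Compare a sudoers alias with the expected command names."""
    findings = {"unexpected": [], "wildcard": [], "missing": []}
    seen = set()
    for entry in parse_cmnd_alias(text, alias):
        # sudoers needs absolute paths, the vendor list gives bare names,
        # so entries are matched on the basename of the command path.
        name = os.path.basename(entry.split()[0])
        seen.add(name)
        if name not in expected:
            findings["unexpected"].append(entry)
        if any(ch in entry for ch in "*?["):
            findings["wildcard"].append(entry)
    findings["missing"] = sorted(expected - seen)
    return findings


if __name__ == "__main__":
    for kind, items in audit(SAMPLE_SUDOERS, "AGENT_CMDS", VENDOR_COMMANDS).items():
        print(kind, items)
```

Entries reported as unexpected or wildcard grant root execution beyond the expected list and are the ones to review first; `visudo -c` still has to validate the file's syntax separately.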
