- Print
- PDF
OS and WAS Inspection
- Print
- PDF
Available in Classic and VPC
How to inspect the security setting of newly created server operating system(OS) and Web Application Server(WAS) in the NAVER Cloud Platform is explained. Find the inspection method for each server operating system.
You can view the inspection result on the NAVER Cloud Platform console. For further information, see OS Security Checker or WAS Security Checker.
Linux Server Inspection
To inspect the OS or WAS security setting of a Linux server, please proceed with the following steps.
1. Access the server for inspection
2. Download the agent
3. Run the agent
1. Access the server for inspection
Access the server you wish to inspect with an account with root authority.
For more information about how to access the server, see Access Server (VPC) or Access Server (Classic).
2. Download the agent
The following is how to download the agent that will run in the server.
- Run the following commands to download the agent file.
# wget http://ossc.ncloud.com/download/sscAgent
- Run the following commands to grant execute permissions to the downloaded file.
# chmod 755 sscAgent
3. Run the agent
Run the agent to inspect the server's security setting. Run the suitable command for the inspection target.
In order to inspect a server, you need an admin(root) authority. To check some important system files you need the admin authority. You must run the agent with the admin authority.
OS / WAS inspection
# ./sscAgent ---- [System Security Checker] User Guide ---- System checks require root permissions. #1. Introduction of inspection targets and criteria + OS - Linux (CSAP): check 36 items of Cloud Security Assurance Program (CSAP) authentication criteria + OS - Linux (KISA): check 72 items of the detailed guide of the technical vulnerability analysis and evaluation method for major information and communications infrastructures + OS - Linux (Finance): check 89 items of the security vulnerability evaluation criteria for electronic financial infrastructures + WAS - Apache httpd (CSAP): check 7 items of CSAP authentication examination criteria + WAS - Apache Tomcat (CSAP): check 9 items of CSAP authentication examination criteria + WAS - Nginx (CSAP): check 7 items of CSAP authentication examination criteria #2. Inspection cost + OS (CSAP) - KRW 100 per case (KRW 80 per case after 100 cases per month) + OS (KISA / Finance) - KRW 500 per case (KRW 400 per case after 100 cases per month) + WAS (httpd / Tomcat / Nginx) - KRW 20,000 per case (One free re-inspection on the same server and process) [System Security Checker] Select the targets you want to check.
When you run the agent, you can use the following options:
-h
: show Help(--help)--update
: show the information for agent updates--debug
: show the information for debugging in the terminal
If the inspection is finished successfully,
Success
will appear.- <example> If a Linux inspection was successfully completed
[Complete] System Security Checker inspection is complete. You can view the inspection results in the NCP Console.
- <example> If a Linux inspection was successfully completed
Windows Server Inspection
To inspect the OS or WAS security setting for Windows server, please proceed with the following steps.
1. Access the server for inspection
2. Download the agent
3. Run the agent
1. Access the server for inspection
Access the server you wish to inspect with an account with root authority.
For more information about how to access the server, see Access Server (VPC) or Access Server (Classic).
2. Download the agent
The following is how to download the agent that will run in the server.
Open an Internet browser and access the following URL to download the agent file.
- Agent file download URL:
http://ossc.ncloud.com/download/ncp_secuagent.zip
cmd> curl http://ossc.ncloud.com/download/ncp_secuagent.zip -o ssc_agent.zip
- Agent file download URL:
Decompress the downloaded file.
3. Run the agent
The following is how to inspect the security setting by running the agent.
Press the [Shift] key and right-click in the directory with ncp_secuagent.exe.
In the pop-up menu, click Open command window here.
Run the following commands to inspect the OS’s security setting.
cmd> ncp_secuagent.exe
- When you run the agent, you can use the following options:
-h
: Show Help(--help)-v
: The version of the agent(--version)-d
: Show the information for debugging in the terminal(--debug)-t
number: If the inspection is not completed within the entered time, it force-quits. You can set by seconds (--timeout, basic value: 60 sec)
- If the inspection is finished successfully,
Success
will appear.[Project : windows] => Success
- When you run the agent, you can use the following options: