Free proREG Download
proREG
Turn hours of work into minutes! We’ve gotten tired of manually traversing DISA’s Windows Server 2008 Checklist, so we decided to automate it ourselves. DISA Gold disk doesn’t work on VISTA\Server 2008. So feel free to use proReg until DISA, NIST, and commercial vulnerability assessment developers work out an SCAP-compliant solution. All that is required to run proREG is the Java Runtime Environment v5 or better.
1. Fill out the Download Request form to the left. You will then receive an email with a link to download the software.
2. Start proREG by clicking on “proReg.bat”
3. Choose the Windows 2008 Server DISA Checklist. Click HERE to download.
4. Under “2. Set Results (Output) Location”, select a location where the scan results should be saved. Note: proREG will automatically save the file as [host IP address].xls. Choose a location, but do not manually type in a name or there will be no file created.
5. Manually type in host targets to be scanned. This can also be done by importing a comma-seperated list using the File Menu.
6. Click ‘Begin Scan’ button.
7. Learn about proVM Auditor by clicking on the ‘View proVM Auditor’ button.
Note that this solution does not automate all of the checks on the checklist, but it will give you a substantial head start (163 checks automated) and turns hours of work into minutes. The user scanning the box remotely must have rights to the target’s registry, and the remote registry service needs to be running.
Sample Output (*.xls) is available HERE. Out put includes both the expected value and the value found by the script.