Hello,
I am using compliance reporting to test for vulnerabilities. In the remediation script, I am selecting "config change template" and looking to test for machine type.
script FixHMAC (
NCM.Nodes ATContextNode,
NCM.MachineType, ~ATmachinetype ) <- This is not correct, but the question.
{
// Enter configuration mode and fix hmac vunerability.
CLI
{
configure terminal
if (ATMachinetype == 'Cisco 37xx')
{
CLI {ip ssh server algorithm mac hmac-sha1}
CLI {ip ssh client algorithm mac hmac-sha}
}
if (ATMachinetype == 'Cisco 38xx')
{
CLI {ip ssh client algorithm mac hmac-sha2-256 hmac-sha2-512}
CLI {ip ssh server algorithm mac hmac-sha2-256 hmac-sha2-512}
}
write
}
Are there any examples I can follow to create this sort of config change template?
Thanks very much
