Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Contents

Introduction

The purpose of this document is to provide instructions how to install the GYTPOL Validator client on various OS (Windows, Linux and macOS).

Supported Operating Systems

Microsoft:

Endpoints: Windows 7 (x32/x64) and later

Servers: Windows Server 2008 and later

Microsoft Client / OS support matrix:

OS

Detection

Remediation / Revert

Windows 7

V

X

Windows 8 / 8.1

V

X

Windows 10 / 11

V

V

Windows Server 2008 / 2008 r2

V

X

Windows Server 2012 / 2012 r2

V

X

Windows Server 2016 / 2019 / 2022

V

V

Note: Remediation is supported on older versions of Microsoft Windows and Servers if Powershell v5.1 and later is installed.

Linux:

Ubuntu 16 and later

RHEL 7 and later

CentOS 7 and later

Rocky 9 and later

SUSE 12 and later

macOS:

Catalina 10.15 (x64) and later

Windows OS

Pre-Installation

Ports to open:

GYTPOL Client to GYTPOL server on-Prem - port 9093

GYTPOL Client to GYTPOL SaaS - port 443

Does the Endpoint need to be a member of the domain?

No

Installation

Open elevated CMD (r. click on CMD > Run as Administrator).

Once opened, please go to the MSI file you wish to install > hold L. Shift > r. click it > click “Copy as Path”.

Go to the elevated CMD you opened in step 1 and paste the path into the CMD window > Enter.

Once finished, the progress window will be disappeared.

Post-Installation

To check if the client was successfully installed, please open Task Scheduler as Admininstrator and check for gytpol folder under the main Library. Expand it and you should see 3 tasks as shown in the example below:

Where will I see the scanned machine?

Under ‘Windows’ tab in the GYTPOL UI:

Where is the installation path?

C:\Program Files\WindowsPowerShell\Modules\gytpol

Where are the logs?

C:\Program Files\WindowsPowerShell\Modules\gytpol\log


Uninstalling

Please remove the gytpolClient from Program and Features > Uninstall

Linux

Pre-Installation

Ports to open:

GYTPOL Client to GYTPOL server on-Prem - port 9093

GYTPOL Client to GYTPOL SaaS - port 443

Does the Endpoint need to be a member of the domain?

No

Installation

Command to run:

  • Debian (Ubuntu): sudo dpkg -i <gytpol-client-path>

  • RPM (RHEL, centOS, SUSE etc.): sudo rpm -ivh <gytpol-client-path>

Post-Installation

Where will I see the scanned machine?

Under ‘Linux’ tab in the GYTPOL UI:

How do I see and change the service status?

systemctl stop/start/status gytpol-client

Where is the installation path?

/opt/gytpol

Where are the logs?

/opt/gytpol/logs

Where are the configuration folder?

config.json ” for client’s configuration to a dedicated server

metrics.json” for metrics configuration.

config.json

This file contains client’s configuration:

{

"HttpVerifyCert" : false,

"HttpTimeout" : 10000000000,

"ServerAddress" : "_gytpol",

"ArchiveFolderPath" : "archive"

}


Fields explanations:

HttpVerifyCert - Indicate whether to validate the server’s certificate when using HTTP requests.

HttpTimeout - Determine the timeout (in Nano Seconds) for HTTP requests.

ServerAddress - The address of the GYTPOL server.

ArchiveFolderPath - Folder (relative to /opt/gytpol) in which reports are being saved to before sending them to the server.

Uninstalling

Debian: sudo dpkg —remove gytpol-client

* Use the “—purge” instead of “—remove” to also delete the logs, archive etc.

RPM: sudo rpm -e gytpol-client

Both rpm & dpkg commends that are listed above may delete some configuration files related to Gytpol.

Deleting files that may lead to loss is at your own risk, please make sure that nothing important is being removed before deleting!

It's always a good idea to take a backup of important data before making any changes to the system.


macOS

Pre-Installation:

Ports to open:

GYTPOL Client to GYTPOL server on-Prem - port 9093

GYTPOL Client to GYTPOL SaaS - port 443

Does the Endpoint need to be a member of the domain?

No

Installation:

Before running installation, identify the platform architecture. This can be achieved by checking the ‘About this Mac’:

Or by running a terminal command uname -p.

Identify and choose the right package according to the table below:

Platform

Architecture

Terminal output

Package file

macOS

Intel chipset

i386

gytpol-client-<version>_amd64.pkg

macOS

Apple silicon

arm

gytpol-client-<version>_arm64.pkg

Command to run:

sudo /usr/sbin/installer -pkg <pkg_path> -target /

example:

sudo /usr/sbin/installer -pkg ~/Downloads/gytpol-client-0.5.1.0-0_arm64.pkg -target /

To check that the launch daemon is running run:

sudo launchctl list | grep com.gytpol.gytmac

If the daemon is running, you will see its process ID (PID) on the left (highlighted in red):

For further information run:

sudo launchctl list com.gytpol.gytmac

If you’re running the client on an intel processor, please make sure that you are running the correct binary (_amd64 i.e.: gytpol-client-1.2.1.2-28_amd64.pkg).

Note: An amd64 binary will run on an arm64 processor but is not recommended and not officially supported.


Your output should look like this:

Post-Installation

Where will I see the scanned machine?

Under ‘Mac’ tab in the GYTPOL UI:

How do I see and change the service status?

sudo launchctl stop/start/list com.gytpol.gytmac

/opt/gytpol/config/config.json (you may need to create the ‘config’ folder and the config.json file). See the file example below.

Where is the installation path?

/opt/gytpol

Where are the logs?

/opt/gytpol/logs

Where are the configuration folder?

config.json ” for client’s configuration to a dedicated server

metrics.json” for metrics configuration.

config.json

This file contains client’s configuration:

{

"HttpVerifyCert" : false,

"HttpTimeout" : 10000000000,

"ServerAddress" : "_gytpol",

"ArchiveFolderPath" : "archive"

}

Fields explanations:

HttpVerifyCert - Indicate whether to validate the server’s certificate when using HTTP requests.

HttpTimeout - Determine the timeout (in Nano Seconds) for HTTP requests.

ServerAddress - The address of the GYTPOL server.

ArchiveFolderPath - Folder (relative to /opt/gytpol) in which reports are being saved to before sending them to the server.


Uninstalling

Stop the launch daemon.

sudo launchctl stop com.gytpol.gytmac

Unload the launch daemon from launchctl.

sudo launchctl unload -w /Library/LaunchDaemons/com.gytpol.gytmac.plist

Delete the lauanch daemon configuration plist file.

sudo rm -rf /Library/LaunchDaemons/com.gytpol.gytmac.plist

Remove folder (including all sub-directories & sub-files).

sudo rm -rf /opt/gytpol

Discard receipt data.

sudo pkgutil --forget com.gytpol.gytmac

NOTE: Deleting files that may lead to loss and is at your own risk, please make sure that nothing important is being removed before deleting!

  • No labels