Just out of curiosity, is there any remediation support in Windows yet, and if so, what type of shell will it support (cmd or powershell)?
I may look at creating some SSG content for Windows.

Thanks!

Best regards,

Trey Henefield, CISSP
Senior IAVA Engineer
Ultra Electronics Advanced Tactical Systems, Inc.
4101 Smith School Road
Building IV, Suite 100
Austin, TX 78744 USA
trey.henefi...@ultra-ats.com
Tel: +1 512 327 6795 ext. 647
Fax: +1 512 327 8043
Mobile: +1 512 541 6450

-----Original Message-----
From: open-scap-list-boun...@redhat.com <open-scap-list-boun...@redhat.com> On Behalf Of Jan Cerny
Sent: Wednesday, October 10, 2018 4:02 AM
To: Shawn Wells <sh...@redhat.com>
Cc: firstname.lastname@example.org
Subject: Re: [Open-scap] OpenSCAP 1.3.0

Hi,

OpenSCAP support for Windows hasn't been improved much since the 1.3.0_alpha1 releases. The only thing that we have done recently is that we added Windows CPEs to the inbuilt CPE dictionary.

> How far along is Windows support? Saw the mention of 'basic' -- but
> how should OpenSCAP on Windows be positioned?

OpenSCAP 1.3.0 can be compiled and installed on Windows, it runs, it produces "some" results. But it's very bad.

> - How many Windows probes are implemented?

OpenSCAP 1.3.0 for Windows has the following 4 probes:
* system_info
* registry
* wmi57
* accesstoken

> - Does OpenSCAP on Windows pass the NIST automated tooling?

Nobody tried that. I expect that it doesn't pass.

> - Where can we send people who want to find out more?

For people that would like to contribute code I would point them to the developer's manual where they can find how to build it on Windows.
https://github.com/OpenSCAP/openscap/blob/master/docs/developer/developer.adoc

For normal users we don't have anything. I think we definitely should mention that it exists on http://www.open-scap.org.

The problem with OpenSCAP for Windows is that nobody is working on that now, and it is not tested at all. Also, it is not supported by Red Hat in any way.

I'm sorry if the release announcement email caused confusion.
I mentioned the Windows support under "Key differences from 1.2.x series" because the 1.3.0_alpha1 and 1.3.0_alpha2 releases were intended as pre-releases. I supposed most people didn't follow their changelog. I wanted to point out there at least the main differences of 1.3.0 for users of 1.2.x releases. However, as usual, the full changelog is located at:
https://github.com/OpenSCAP/openscap/blob/master/NEWS

Regards

Jan Černý
Security Technologies | Red Hat, Inc.

----- Original Message -----
> From: "Shawn Wells" <sh...@redhat.com>
> To: email@example.com
> Sent: Tuesday, October 9, 2018 5:53:08 PM
> Subject: Re: [Open-scap] OpenSCAP 1.3.0
>
> On 10/9/18 7:38 AM, Jan Cerny wrote:
> > Hello OpenSCAPers,
> >
> > We are thrilled to announce general availability of OpenSCAP 1.3.0 release.
> >
> > This is the first release from maint-1.3 maintenance branch. API/ABI
> > is not compatible with 1.2.x releases. API/ABI is not compatible
> > with 1.3.0_alpha releases.
> >
> > Changes from 1.3.0_alpha2:
> >   - New features
> >     - Introduced a virtual '(all)' profile selecting all rules
> >     - Verbose mode is a global option in all modules
> >     - Added Microsoft Windows CPEs
> >     - oscap-ssh can supply SSH options into an environment variable
> >   - Maintenance
> >     - Removed SEXP parser
> >     - Added Fedora 30 CPE
> >     - Fixed many Coverity defects (memory leaks etc.)
> >     - SCE builds are enabled by default
> >     - Moved many low-level functions out of public API
> >     - Removed unused and dead code
> >     - Updated manual pages
> >     - Numerous small fixes
> >
> > Key differences from 1.2.x series:
> >   - Basic Microsoft Windows support
> >   - Removed deprecated command line interfaces
> >   - Removed deprecated API symbols
> >   - Probes are not separate processes anymore
> >   - CMake used as build system
> >   - CTest used as a test framework
> >
> > Download:
> > https://github.com/OpenSCAP/openscap/releases/download/1.3.0/openscap-1.3.0.tar.gz
> >
> > SHA512:
> > 9405d0f17b60ab4a52ddd0f49d0e2395eb2540f0d07d68dfd142e2b8b2988e88cf12
> > 7230523e68f67d3d22a6dd4eb2397f9468c923d19bb7cb059abf487ab5a1
> >
> > Audit, Fix, And Be Merry!
>
> Thanks Jan!
>
> How far along is Windows support? Saw the mention of 'basic' -- but
> how should OpenSCAP on Windows be positioned?
>
> For example:
> - How many Windows probes are implemented?
> - Does OpenSCAP on Windows pass the NIST automated tooling?
> - Where can we send people who want to find out more?
>
> _______________________________________________
> Open-scap-list mailing list
> Openfirstname.lastname@example.org
> https://www.redhat.com/mailman/listinfo/open-scap-list
>

_______________________________________________
Open-scap-list mailing list
Openemail@example.com
https://www.redhat.com/mailman/listinfo/open-scap-list

Disclaimer

The information contained in this communication from trey.henefi...@ultra-ats.com sent at 2018-10-12 08:32:10 is confidential and may be legally privileged. It is intended solely for use by firstname.lastname@example.org and others authorized to receive it. If you are not email@example.com you are hereby notified that any disclosure, copying, distribution or taking action in reliance of the contents of this information is strictly prohibited and may be unlawful.