Hi, You're correct that SCAP Security Guide was not shipped as a package in Ubuntu 16.04, but it is shipped in Ubuntu 18.04.
The file “U_Canonical_16-04_LTS_V1R1_STIG.zip" is a different content, which isn't provided by SCAP Security Guide project, but is provided by DISA. Regards Jan Černý Security Technologies | Red Hat, Inc. ----- Original Message ----- > From: "William Boucher" <[email protected]> > To: "Watson Sato" <[email protected]> > Cc: [email protected] > Sent: Monday, January 21, 2019 11:55:54 PM > Subject: Re: [Open-scap] Benchmark for Canonical Ubuntu 16.04 LTS > > > > Stuart and Watson, > > > > I found the packages for Ubuntu 18.04 (“cosmic”) but not for Ubuntu 16.04 > (“xenial”). The DISA STIG is written specifically for Ubuntu 16.04 > (“U_Canonical_16-04_LTS_V1R1_STIG.zip”). Am I not looking in the right place > for the SSG? > > > > I found the ssg packages for Ubuntu 18.04 at > https://packages.ubuntu.com/search?suite=cosmic&searchon=names&keywords=ssg > , but they are not in the 16.04 package listing at > https://packages.ubuntu.com/search?suite=xenial&searchon=names&keywords=ssg > . > > > > Could they be in another repository for 16.04? (Note I am using the latest > xenial, 16.04.5, which has the same Linux kernel as the latest cosmic > release, 4.15.) > > > > Thank you for your help and patience, > > > > --Bill > > > > William B. Boucher, BSEE > > Embedded Systems Software Engineer > Information Systems Security Manager > > MZA Associates Corporation > > 4900 Lang Ave. NE, Suite 100 > > Albuquerque, NM 87109-9708 > > Phone: 505.245.9970 x166 > > Fax: 505.245.9971 > > Cell: 505.459.7620 > > [email protected] > > > > From: Watson Sato [mailto:[email protected]] > Sent: Monday, January 7, 2019 7:58 AM > To: Boucher, William <[email protected]> > Cc: Newman, Stuart J. (GSFC-491.0)[KBRwyle] <[email protected]>; > [email protected] > Subject: Re: [Open-scap] Benchmark for Canonical Ubuntu 16.04 LTS > > > > > Hello, > > > > > > > > > On Wed, Nov 28, 2018 at 5:39 PM Boucher, William < [email protected] > > wrote: > > > > > > Stuart, > > > > How do I get the current/latest scap security guide? > > > > > Latest pre-built content can be grabbed at > https://github.com/ComplianceAsCode/content/releases , just download the zip > file. > > > > > > 1) I went to https://www.open-scap.org/security-policies/scap-security-guide/ > and clicked on the Ubuntu symbol to get directions for installing it, but > that gave message “The SCAP Security Guide package is not available on the > Ubuntu distribution yet. Check for update.” > > > The website needs to updated, there are SCAP Security Guide packages for > Ubuntu and Debian. > > > > > > 2) “apt-get install scap-security-guide” produced the error “Unable to locate > package scap-security-guide.” > > > > > > It seems that the packages are named slightly different in Ubuntu, see: > https://packages.ubuntu.com/source/disco/scap-security-guide > > > > > > > > I did successfully install libopenscap8 (“apt-get install libopenscap8”). > > > > All help is appreciated. > > > > > William B. Boucher, BSEE > > Embedded Systems Software Engineer > Information Systems Security Manager > > MZA Associates Corporation > > 2021 Girard Blvd., SE, Suite 150 > > Albuquerque, New Mexico 87106 > > Phone: 505.245.9970 x166 > > Fax: 505.245.9971 > > Cell: 505.459.7620 > > [email protected] > > > > > > From: Newman, Stuart J. (GSFC-491.0)[KBRwyle] [mailto: > [email protected] ] > Sent: Wednesday, November 28, 2018 4:19 AM > To: Boucher, William < [email protected] >; [email protected] > Subject: RE: Benchmark for Canonical Ubuntu 16.04 LTS > > > > > The current (0.1.41) version of the scap security guide has Ubuntu > benchmarks. > > > > > Stuart J Newman > > > > > > > > Engineer 4; Systems > > NASA/Goddard Space Flight Center, Building 14 Room 252 | Greenbelt, Maryland > 20771 | USA > > Office: +1 301. 286.5145 | Mobile: +1443.878.6146 | [email protected] > > > > > > > > This e-mail, including any attached files, may contain confidential and > privileged information for the sole use of the intended recipient. Any > review, use, distribution, or disclosure by others is strictly prohibited. > If you are not the intended recipient (or authorized to receive information > for the intended recipient), please contact the sender by reply e-mail and > delete all copies of this message. > > > > > > From: [email protected] < [email protected] > > On Behalf Of Boucher, William > Sent: November 27, 2018 18:23 > To: [email protected] > Subject: [Open-scap] Benchmark for Canonical Ubuntu 16.04 LTS > > > > > > > Hi folks, > > > > I am currently hardening an Ubuntu embedded system for delivery to a > customer. > > > > I have downloaded the “Canonical Ubuntu 16.04 LTS STIG Ver 1, Rel 1” from > DISA, and I have obtained a copy of the SCAP Compliance checker tool “SCC > 5.0.2 Ubuntu 16 AMD64”. > > > > What I am missing is an SCAP Benchmark file for Ubuntu 16.04. Does one exist? > > > > I would like to use OpenSCAP to harden then scan this IS. The Open-SCAP BASE > page says that Ubuntu is supported, so I can get the tools installed. But > without a benchmark how would I proceed from there? > > > > Thank you, > > > > --Bill > > William B. Boucher, BSEE > > Embedded Systems Software Engineer > Information Systems Security Manager > > MZA Associates Corporation > > 2021 Girard Blvd., SE, Suite 150 > > Albuquerque, New Mexico 87106 > > Phone: 505.245.9970 x166 > > Fax: 505.245.9971 > > Cell: 505.459.7620 > > [email protected] > > > > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list > > > > > -- > > > Watson Sato > Security Technologies | Red Hat, Inc > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
