Hi Todd,

The security content is provided by "ComplianceAsCode" project, which was
up until recently known as "SCAP Security Guide" or "SSG".
See https://github.com/ComplianceAsCode/content

The security content is packaged in Ubuntu since Ubuntu 18.04 (Bionic Beaver).
The packages are: ssg-base, ssg-debderived, ssg-debian,  ssg-nondebian,  

However, the packages contain outdated versions of upstream content, and AFAIK
the content in the packages is applicable to Ubuntu 16.04 an 14.04. That is
kind of useless on 18.04 :)

Therefore, I suggest downloading the latest upstream release from GitHub:
Extract the archive and then open ssg-ubuntu1804-ds.xml in SCAP Workbench.

Thank you very much for reminding us about the outdated web site. I will try
to update the web soon.

Best Regards

Jan Černý
Security Technologies | Red Hat, Inc.

----- Original Message -----
> From: "Todd Williams" <tod...@us.ibm.com>
> To: open-scap-list@redhat.com
> Sent: Wednesday, January 30, 2019 6:58:40 PM
> Subject: [Open-scap] Ubuntu Security Guide content
> Hello,
> I am new to SCAP and have been tasked with setting it up on a Ubuntu test
> system. It is running Ubuntu 18.04.1 LTS. I have these 2 packages installed:
> libopenscap8/bionic,now 1.2.15-1build1 amd64 [installed]
> scap-workbench/bionic,now 1.1.5-1 amd64 [installed]
> I can bring up the GUI for the workbench, but with no security content I am
> stuck as far as being able to run a scan and/or editing the security
> requirements. According to the web site there is no security guide for
> Ubuntu.
> But I have been told that there is a package for Ubuntu out there, "apt-get
> list" did not return anything, can someone tell if there is or not?
>       Thanks,
> Todd M. Williams
> Unix System Admin, devIT-US, AIX/Linux/CC/CQ/SPoRT/DB2
> Phone: 772-257-5706 | Mobile: 772-925-2042
> E-Mail: tod...@us.ibm.com
> devIT
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list@redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list

Open-scap-list mailing list

Reply via email to