On 01/08/2015 09:04 PM, Lesley Kimmel wrote:
I just downloaded the RHEL7 SCAP content and was 'playing' with it on a CentOS 6 system. I found that in order to make the checks run I needed to add 'cpe:/o:centos:centos:6' in a <platform> tag near the beginning of the XCCDF component. I found this, in part, from various posts on the interwebs. I'm really curious how this validation occurs and where the information comes from on the target OS. Can anyone give me insight to this issue?
If you really wish to understand the things, your best bet would be to read the actual standards.
For example XCCDF Standard document (NIST Interagency Report 7275) gives basic insight into CPE matching.
Best regards, -- Simon Lukasik Security Technologies, Red Hat, Inc. -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
