[Open-scap] syslog-ng setting issue in debian 8

Hi Team We have ran the scan for debian 8 using below command *oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report report.html ssg-debian8-ds.xml* Got alerts as below , == [image: image.png] To Fixed it we ran the below commands as

Re: [Open-scap] syslog-ng setting issue in debian 8

On 29/08/18 11:05, Dhanushka Parakrama wrote: Hi  Team Hello Dhanushka, What version of SSG are you using? This looks like a bug on 0.1.40 release, the package and service names used in bash remediation for syslog-ng are different than your commands, we use "syslogng" for package and

Re: [Open-scap] syslog-ng setting issue in debian 8

Hi Watson On Wed, 29 Aug 2018 at 14:51, Watson Yuuma Sato wrote: > On 29/08/18 11:05, Dhanushka Parakrama wrote: > > Hi Team > > > Hello Dhanushka, > > What version of SSG are you using? > This looks like a bug on 0.1.40 release, the package and service names > used in bash remediation for

Re: [Open-scap] syslog-ng setting issue in debian 8

On 29/08/18 11:35, Dhanushka Parakrama wrote: Hi  Watson On Wed, 29 Aug 2018 at 14:51, Watson Yuuma Sato > wrote: On 29/08/18 11:05, Dhanushka Parakrama wrote: Hi  Team Hello Dhanushka, What version of SSG are you using? This looks like a bug

[Open-scap] Ensure Log Files Are Owned By Appropriate Group setting Issue in Debian 8

Hi Team We have ran the scan for debian 8 using below command *oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report report.html ssg-debian8-ds.xml* Got alerts as below , === [image: image.png] As the solution suggested change the group

[Open-scap] ntp and auditd setting issue in debian 8

Hi Team We have ran the scan for debian 8 using below command *oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report report.html ssg-debian8-ds.xml* Got alerts as below , === [image: image.png] To Fixed it we ran the below commands as

[Open-scap] Set SSH Idle Timeout Interval Debian 8

Guys In Debian 8 i have configured the settings as below for ssh client timeout ClientAliveInterval 400 but seems like scan is not picking it up , Version scap-security-guide-0.1.40 *oscap-ssh --sudo wso2@192.168.8.150 22 xccdf eval --profile

Re: [Open-scap] Guide Mergers and Simplifications in SCAP Security Guide

On Thu, Aug 23, 2018 at 10:16 AM Alexander Scheel wrote: > > [snip] > > Thanks everyone for their support, advice, and reviews! As always, we're > happy to receive feedback, issues regarding the content, or PRs helping > to improve the content. We'll do our best to review these in a timely manner

Re: [Open-scap] rsyslog and syslog-ng issue in Debian 8

Hah, that one is funny :) Good catch Dhanushka. Basically what what these rules are trying to achieve is to have logging on your system. So either of those is enough to fulfill that. If you don't mind, could you create PR removing one of the pairs from the profile [1]? I am not Debian user,

Re: [Open-scap] Guide Mergers and Simplifications in SCAP Security Guide

On Thu, Aug 23, 2018 at 11:24 AM Trey Henefield wrote: > > [snip] > > I have contributed a fair ammount of content in the past and would love to > continue to do so. > > The biggest challenge Iv'e had in working with this group is the rapid number > of structural changes. I hear you but it has