Re: [Open-scap] Scanning Ubuntu / Debian servers with openscap

2018-08-23 Thread Dhanushka Parakrama
ns-5#linux}systemdunitdependency_state': This element is not expected.^M [../../../src/XCCDF/xccdf_session.c:341]^M On Wed, 22 Aug 2018 at 23:31, Marek Haicman wrote: > On 08/22/2018 07:37 PM, Dhanushka Parakrama wrote: > > Hi Team > > > > I'm new to Openscap > > > > I

[Open-scap] syslog-ng setting issue in debian 8

2018-08-29 Thread Dhanushka Parakrama
Hi Team We have ran the scan for debian 8 using below command *oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report report.html ssg-debian8-ds.xml* Got alerts as below , == [image: image.png] To Fixed it we ran the below commands as

Re: [Open-scap] syslog-ng setting issue in debian 8

2018-08-29 Thread Dhanushka Parakrama
Hi Watson On Wed, 29 Aug 2018 at 14:51, Watson Yuuma Sato wrote: > On 29/08/18 11:05, Dhanushka Parakrama wrote: > > Hi Team > > > Hello Dhanushka, > > What version of SSG are you using? > This looks like a bug on 0.1.40 release, the package and service names

[Open-scap] Scanning Ubuntu / Debian servers with openscap

2018-08-22 Thread Dhanushka Parakrama
Hi Team I'm new to Openscap I able to scan my redhat and centos machines with Openscap for compliance . oscap xccdf eval --profile "usgcb-rhel6-server" --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml 1. Is there any way to scan Ubuntu and Debian machine for

[Open-scap] Ensure Log Files Are Owned By Appropriate Group setting Issue in Debian 8

2018-08-29 Thread Dhanushka Parakrama
Hi Team We have ran the scan for debian 8 using below command *oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report report.html ssg-debian8-ds.xml* Got alerts as below , === [image: image.png] As the solution suggested change the group

[Open-scap] ntp and auditd setting issue in debian 8

2018-08-29 Thread Dhanushka Parakrama
Hi Team We have ran the scan for debian 8 using below command *oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report report.html ssg-debian8-ds.xml* Got alerts as below , === [image: image.png] To Fixed it we ran the below commands as

[Open-scap] Set SSH Idle Timeout Interval Debian 8

2018-08-29 Thread Dhanushka Parakrama
Guys In Debian 8 i have configured the settings as below for ssh client timeout ClientAliveInterval 400 but seems like scan is not picking it up , Version scap-security-guide-0.1.40 *oscap-ssh --sudo wso2@192.168.8.150 22 xccdf eval --profile

Re: [Open-scap] Ensure Log Files Are Owned By Appropriate Group setting Issue in Debian 8

2018-09-06 Thread Dhanushka Parakrama
/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/oval/shared.xml Thank you Dhanushka On Fri, 31 Aug 2018 at 18:28, Watson Yuuma Sato wrote: > On 29/08/18 18:34, Dhanushka Parakrama wrote: > > Hi Team > > We have ran the scan for debian 8 using below command &g

Re: [Open-scap] Ensure that official distribution repositories are used check failed in Debian 8

2018-09-07 Thread Dhanushka Parakrama
regexes, so if you find an issue, > pull request with the fix would be awesome, but explanation what is the > bug will also do. > > Thanks! > Marek > > On 09/07/2018 07:38 AM, Dhanushka Parakrama wrote: > > Hi Team > > > > In Debian 8 */etc/apt/sources.list *f

[Open-scap] Ensure that official distribution repositories are used check failed in Debian 8

2018-09-06 Thread Dhanushka Parakrama
Hi Team In Debian 8 */etc/apt/sources.list *file include below repositories deb http://ftp.us.debian.org/debian/ jessie main deb-src http://ftp.us.debian.org/debian/ jessie main deb http://security.debian.org/ jessie/updates main deb-src http://security.debian.org/ jessie/updates main but

Re: [Open-scap] ntp and auditd setting issue in debian 8

2018-09-03 Thread Dhanushka Parakrama
Guys Any news regarding the error On Wed, 29 Aug 2018 at 21:33, Dhanushka Parakrama wrote: > > Hi Team > > We have ran the scan for debian 8 using below command > > *oscap xccdf eval --profile > xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report >