Re: Configuration Compliance auditing for many CentOS 5.x boxes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



> -----Original Message-----
> From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On
> Behalf Of Tom H
> Sent: Wednesday, February 01, 2012 14:54
> To: CentOS mailing list
> Subject:  Configuration Compliance auditing for many CentOS
5.x
> boxes
> 
> Hi CentOS experts,*
> 
> Short Version*
> 
> I would like to produce a weekly report in HTML for each CentOS 5.x
> server we have indicating configuration compliance with some industry
> benchmark. I am looking for a tool or tools to implement this, I am
> happy to use 3rd party proprietary stuff if necessary.


> Current progress is...
> 
> I see that OPENSCAP and OVAL have tools in CentOS-base or EPEL, such
as
> 
>      OpenSCAP-utils
>      ovaldi - oval reference interpreter
> 
> Which can be used to create reports. However they seem a little
> unrefined.
> 
> For SCAP and OVAL content I have found the following.
> 
> 1. NIST provide SCAP content for RHEL desktop, which is kinda close;
> 2. http://usgcb.nist.gov/usgcb/rhel_content.html
> 3. There is a tool called sectool in the fedora repos, but I can't get
> it to run on CentOS due to a missing python-slip module.
> 
> Any suggestions on functioning stacks for this problem would be
> helpful.

Sorry about no suggestions, but seeing where you are I have a question
back at you:
The http://usgcb.nist.gov/usgcb/rhel_content.html seemed to me to be a
newer schema than the openscap in RH/CentOS 5, did you find a way to run
it on 5?

And I sort of assume you have seen 
http://www.redhat.com/security/data/oval/?C=M;O=D
for the RHEL boxes...

Thanks for any pointers.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux