On Wed, Jul 23, 2014 at 5:56 AM, Christian Beer <cb.mailli...@googlemail.com> wrote: > Hi I downloaded the Benchmark paper and tool a quick look. > > The question is what is to do? As I understand the document one has to > copy the script snippets from the audit sections into the CIS text files > and annotate with some information, right? > > This seems to me like a copy&paste job and a pull request on github. >
I'd start by copying one of the older files, modifying the OS version check to work with the version you want to check. Then adjust as new alerts come in. I think I'll give this a shot with Centos 7 and report back. > Regards > Christian > > Am 23.07.2014 10:31, schrieb Michiel van Es: >> Hello, >> >> We see that OSSEC does some CIS checks for Red Hat 5 and older. >> Is it possible to update the CIS checks in OSSEC to do CIS checks for >> RHEL 6 etc? >> (http://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.120) >> This helps with PCI-DSS v3 compliance (2.2). >> >> Or is it easy to add these checks yourself or are they on the planning >> to be included in a new release? >> >> Michiel >> >> -- >> >> --- >> You received this message because you are subscribed to the Google >> Groups "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, send >> an email to ossec-list+unsubscr...@googlegroups.com >> <mailto:ossec-list+unsubscr...@googlegroups.com>. >> For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.