I have been doing a full pass/fail test of the RHEL 6 Benchmark and listed below are some of the issues I have come across.
- V-38465 / SV-50265 - The benchmark check returns a passing result, but upon a manual check you can see that /lib/modules/2.6.32-358.el6.x86_64/source and /lib/modules/2.6.32-358.el6.x86_64/build both have group and write permissions. - V-38476 / SV-50276 - Benchmark returns that this check is closed. Manually checking for gpg-pubkey shows that the package is not installed - V-38477 / SV-50277 - This check has been returning a open finding even after the settings have been configured to pass. - V-38499 / SV-50300 - Same as above - V-38501 / SV-50302 - Unable to make this check pass. It appears that the STIG is missing some Fix text that the Benchmark is checking for. - V-38512 / SV-50313 - This check passes but the STIG may need updating as the status does not return what the STIG suggests it should. - V-38519 / SV-50320 - I am unable to get this check to run for some reason. - V-38540 / SV-50341 - STIG may need updated. Benchmark is looking for "-a always,exit... " but the STIG is instructing me to configure it as "-a exit,always..." Check runs properly when I change the order but I am unsure which is the correct way. Jordan Shuhart DISA Field Security Operations IA Standards & Analysis Division (717)267-9078 [email protected]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
