Lee, The SSG is the script being maintained and supported by going forward - the scripts I have out there are for historical reference or further knockdowns beyond the DISA STIG - Shawn likes to call them STIG++ - it's really just ICD 503 requirements.
-Frank ----- Original Message ----- From: "Lee Meinecke" <[email protected]> To: [email protected] Sent: Monday, August 24, 2015 6:34:48 PM Subject: Red Hat 6 STIG Benchmark - Version 1, Release 8 - Online Remediation I'm running the latest openscap and scap-workbench for RHEL6 using Red Hat repositories. If I feed the workbench the XCCDF file from DISA (http://iasecontent.disa.mil/stigs/zip/July2015/U_RedHat_6_V1R8_STIG_SCAP_1-1_Benchmark.zip) and ask for online remediation I'm not getting any fixes. Does this remediation functionality exist or is the benchmark content lacking? I can't seem to get that working. I've been using hardening scripts from https://github.com/fcaviggia/hardening-script-el6 but without commenting out some things those scripts are stricter than needed. Thanks, Lee -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/ -- Frank Caviggia Senior Consultant, Red Hat [email protected] (M) (571) 295-4560 -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
