Hi again,
I don't quite understand how these checks work.
Rootcheck complains about the following checks:
2015 Jul 28 20:24:43 (first time detected: 2015 Jul 27 17:21:47)
System Audit: System Audit: CIS - RHEL6 1.4.2 - SELinux not set to enforcing
. File: /etc/selinux/config. Reference:
Yes, looks like those rule should have an !
I think it would make sense rules like this instead:
# 1.4.2 Set selinux state
[CIS - RHEL6 1.4.2 - SELinux not set to enforcing] [any] [http://
www.ossec.net/wiki/index.php/CIS_RHEL6]
f:/etc/selinux/config - !r:SELINUX=enforcing;
# 1.4.3 Set seliux
Hi all,
since
https://github.com/ossec/ossec-hids/blob/master/src/rootcheck/db/cis_rhel6_linux_rcl.txt
seems a bit incomplete, I'd start to complete it.
lots of important checks are still tagged as to do
please let me know if anyone is already working on the RHEL6 checks or has
it even
Hi Santi,
great, thanks for looking this up :)
for some reason it works nowsurprising.
maybe it takes some time after an inital run...
I now have plenty of Outstanding events, great :)
best,
theresa
Am Sonntag, 26. Juli 2015 00:54:38 UTC+2 schrieb Santiago Bassett:
Hi Theresa,
I just checked my ossec.conf I was surprised to find out that the rootcheck
for CIS isn't even defined.
but I quickly added the cis_rhel6_linux.rcl.txt that Santi provided, thx
Santi :)
when I called rootcheck_control I got the following return
Resolved events:
** No entries found.
Hi Theresa,
have a look at this doc:
https://benchmarks.cisecurity.org/tools2/linux/CIS_Red_Hat_Enterprise_Linux_6_Benchmark_v1.3.0.pdf
I was also curious and found the explanation in page 5:
Scored:
Failure to comply with Scored recommendations will decrease the final
benchmark score.
hi folks,
i just found this interesting thread.
wanted to ask, is there any update with this? how could I contribute? I
could do some testing on CentOS 6/RHEL...
Am Mittwoch, 23. Juli 2014 15:45:46 UTC+2 schrieb Michael Starks:
On 2014-07-23 4:56, Christian Beer wrote:
Hi I downloaded the
I think this is the latest version of those rules:
https://github.com/ossec/ossec-hids/blob/master/src/rootcheck/db/cis_rhel6_linux_rcl.txt
On Tue, Jul 14, 2015 at 11:08 AM, theresa mic-snare rockprinz...@gmail.com
wrote:
also, I'd like to update this page to something more up-to-date (RHEL 6
also, I'd like to update this page to something more up-to-date (RHEL 6 /
7) once I understand how it works and what it does
http://ossec-docs.readthedocs.org/en/latest/manual/rootcheck/audit/CIS_rhel5.html
reading into it right now...
Am Dienstag, 14. Juli 2015 20:03:24 UTC+2 schrieb theresa
Hello,
We see that OSSEC does some CIS checks for Red Hat 5 and older.
Is it possible to update the CIS checks in OSSEC to do CIS checks for RHEL
6 etc?
(http://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.120)
This helps with PCI-DSS v3 compliance (2.2).
Or is it easy to add
Hi I downloaded the Benchmark paper and tool a quick look.
The question is what is to do? As I understand the document one has to
copy the script snippets from the audit sections into the CIS text files
and annotate with some information, right?
This seems to me like a copypaste job and a pull
On Wed, Jul 23, 2014 at 4:31 AM, Michiel van Es vanesmich...@gmail.com wrote:
Hello,
We see that OSSEC does some CIS checks for Red Hat 5 and older.
Is it possible to update the CIS checks in OSSEC to do CIS checks for RHEL 6
etc?
On Wed, Jul 23, 2014 at 5:56 AM, Christian Beer
cb.mailli...@googlemail.com wrote:
Hi I downloaded the Benchmark paper and tool a quick look.
The question is what is to do? As I understand the document one has to
copy the script snippets from the audit sections into the CIS text files
and
On 2014-07-23 4:56, Christian Beer wrote:
Hi I downloaded the Benchmark paper and tool a quick look.
The question is what is to do? As I understand the document one has to
copy the script snippets from the audit sections into the CIS text
files
and annotate with some information, right?
This
14 matches
Mail list logo