Results 1 to 3 of 3

Thread: STIG / SCAP files for SUSE 11/12

  1. #1

    STIG / SCAP files for SUSE 11/12

    Hi - apparently there is some amount of vendor support for SLES 11, and I hear 12 is coming - for STIG / SCAPs. These define sets of tests to run against the OS for configuration mainly to asses security of the system. This is implemented through XCCDF and OVAL xml files.

    Here are a few examples:
    SLES11 for System Z: https://web.nvd.nist.gov/view/ncp/re...tDetail?id=407 (not that this is an incomplete fileset, seems to be missing DPMS_XCCDF_Benchmark_SuSe zLinux.xml). I've emailed the point of contact about this, and they said it's coming from the vendor and they don't know anything otherwise.

    RHEL6: https://web.nvd.nist.gov/view/ncp/re...tDetail?id=438

    RHEL7 is going under draft and mainly being worked on here: https://github.com/OpenSCAP/scap-security-guide

    I'm wondering if anyone at Novel is in the know on these files or if it's something that slipped by the wayside. They're basically a requirement for DoD usage of SUSE.

  2. #2

    Re: STIG / SCAP files for SUSE 11/12

    Btw, the oval files implement different checks, e.g. not wrt CVEs as the files here: http://ftp.suse.com/pub/projects/security/oval/

  3. Re: STIG / SCAP files for SUSE 11/12

    Hi jenewton,

    Quote Originally Posted by jenewton View Post
    Hi - apparently there is some amount of vendor support for SLES 11, and I hear 12 is coming - for STIG / SCAPs. These define sets of tests to run against the OS for configuration mainly to asses security of the system. This is implemented through XCCDF and OVAL xml files.

    Here are a few examples:
    SLES11 for System Z: https://web.nvd.nist.gov/view/ncp/re...tDetail?id=407 (not that this is an incomplete fileset, seems to be missing DPMS_XCCDF_Benchmark_SuSe zLinux.xml). I've emailed the point of contact about this, and they said it's coming from the vendor and they don't know anything otherwise.

    RHEL6: https://web.nvd.nist.gov/view/ncp/re...tDetail?id=438

    RHEL7 is going under draft and mainly being worked on here: https://github.com/OpenSCAP/scap-security-guide

    I'm wondering if anyone at Novel is in the know on these files or if it's something that slipped by the wayside. They're basically a requirement for DoD usage of SUSE.
    I'm not sure what you're looking for - if it's an official SUSE position on the issue, asking in the forums isn't the most effective way to go: These forums are "peer-to-peer" support from fellow SLES users.

    Regards,
    J.
    From the times when today's "old school" was "new school"

    If you find this post helpful and are logged into the web interface, show your appreciation and click on the star below...

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •