Quantcast
Channel: Simplicity is a form of art... » scap
Browsing latest articles
Browse All 8 View Live

Documenting security best practices – XCCDF introduction

When I have some free time, I try to work on a Gentoo Security Benchmark which not only documents security best practices (loosely based on the Gentoo Security Handbook which hasn’t seen much updates...

View Article



An XCCDF skeleton for PostgreSQL

In a previous post I wrote about the documentation structure I have in mind for a PostgreSQL security best practice. Considering what XCCDF can give us, the idea is to have the following structure:...

View Article

XCCDF – Documenting a bit more than just descriptions

In my previous post I made a skeleton XCCDF document. By now, we can create a well documented “baseline” (best practice) for our subject (say PostgreSQL). But for now I only talked about...

View Article

Running a bit with the XCCDF document

In my previous post I introduced automated checking of rules through SCE (Script Check Engine). Let’s focus a bit more now on running with an XCCDF document: how to automatically check the system,...

View Article

Remediation through SCAP

I promised in my previous post to give some information about remediation. Remediation is the process where you fix a system to become compliant again after finding out there is a violation on the...

View Article


What is OVAL?

Time to discuss OVAL (Open Vulnerability Assessment Language). In all the previous posts I focused the checking of rules (does the system comply with the given rule) on scripts, through the Script...

View Article

Doing a content check with OVAL

Let’s create an OVAL check to see if /etc/inittab‘s single user definitions only refer to /sbin/sulogin or /sbin/rc single. First, the skeleton: <?xml version="1.0" encoding="UTF-8"?>...

View Article

Giving weights to compliance rules

Now that we wrote up a few OVAL statements and used those instead of SCE driven checks (where possible), let’s finish up and go back to the XCCDF document and see how we can put weights in place. The...

View Article

Browsing latest articles
Browse All 8 View Live




Latest Images