I am trying to work with OSCAP and I want to do vulnerabilities assessment in centos 7, Fedora and RHEL. I found it for RHEL in OpenSCAP site but my question is, Is it possible to do it in CentOS or Fedora. because apparently there is no OVAL file for them.
Asked
Active
Viewed 2,262 times
2 Answers
1
Yes. The OpenSCAP website specifically mentions how to install it on both Fedora and CentOS 7:
To download the OVAL files, run: yum install scap-security-guide
https://www.open-scap.org/tools/openscap-base/
https://static.open-scap.org/openscap-1.2/oscap_user_manual.html#_installation
Davidw
- 1,222
- 3
- 14
- 25
-
Thanks @Davidw but SSG does not have OVAL file for centos. – afsane Oct 15 '18 at 13:37
-
actually I want to do vulnerabilities assessment for these 3 OS for same vulnerabilities. I mean I want to see for example if all them has vulnerability X or not! – afsane Oct 15 '18 at 13:47
-
something like a same checklist for all of them, so I can compare them. – afsane Oct 15 '18 at 13:56
0
I found this site which has some OVAL files, it is not exactly what i wanted (as I commented above I want a same checklist for these 3 OS) but I hope it would be useful for others.
https://oval.cisecurity.org/repository/download/5.11.2/vulnerability
afsane
- 1
- 4