[Open-scap] EXT :Re: SecState Evaluation

Rodrian, Logan P (IS) Logan.Rodrian at ngc.com
Tue Dec 11 23:35:47 UTC 2012 

Steve-

I in-lined my answers to your questions.  Did the CSV or XLS come through on the list?

I am using the CLIP RedHat 6.2 distribution and the versions of the tools that are included with it.  I can certainly run any other tools to verify if that will help.  As I mentioned, I have emailed the secstate list and they directed me here due to the explanation of where the problem could exist.

> Hello-
>
> Along with the recent release of CLIP, I have begun using SecState to
> perform auditing and remediation for my system. In performing these tasks
> and viewing the reports, I found that there were multiple issues with the
> checks being performed incorrectly.
> >From the common profile, which is what I am running, I found the following:
> Check Incorrect (Pre Remediation) 15
> Check Incorrect (Post Remediation) 15+19 (34)
>
> I have compiled a spreadsheet documenting my findings.
>
> I have contacted the SecState mailing list and I was directed to submit
> identified errors in the checks to this list. I have attached 2 CSV files
> containing both the Pre and Post incorrectness as well as the larger XLS
> spreadsheet.

The problem could be in 3 places: the content, openscap, or secstate. Writing
good content is hard. Much harder than it should be due to lack of good
authoring tools. Perhaps you are on an old version of openscap and these are
fixed?


> Please take a look at the findings. If you could provide any detail on the
> status/state of these issues (are they already known? are these new?)

What OS are you using?
RedHat 6.2 from the CLIP release

What version of openscap?
0.9.1-1

What version of secstate?
0.6.0

What content and its version number?
SSG content ssg-rhel6-xccdf.xml

Without any of these its hard to reproduce.


> and/or the planned date of future release that may include any fixes, it
> would be much appreciated. Additionally, if there is a single point of
> contact appropriate to work with on this, that information would be useful.

This is the openscap list which provides its own security scanner, oscap. You
may be asked to reproduce the problem using the oscap utility to see if there
is still a problem. But lets start with just letting us know the versions of
the different pieces.

Thanks,
-Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20121211/6adfe86f/attachment.htm>

More information about the Open-scap-list mailing list