similar to: OVAL support for CentOS

I?m looking to configure a centos 7 server to lock out anaccount after 3 login failures. I?ve followed this ? https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls ? Section2.1.9.5 Account Locking ? And even rebooted the serverbut it

On 03/17/2017 02:41 AM, Ian Diddams wrote: > I?ve followed this > > > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls Can you send the /etc/pam.d/system-auth that you used for your test?

Hi, Short version: If I had a CPU with the aes-ni [1] feature would luks use it? I know that Upstream Vendors Security Guide [2] says: ...snip The default cipher used for LUKS (refer to cryptsetup --help) is aes-cbc-essiv:sha256 (ESSIV - Encrypted Salt-Sector Initialization Vector). Note that the installation program, Anaconda, uses by default XTS mode (aes-xts-plain64) snap... I also found a

Hi experts, Current I am doing FIPS gap analysis for our product, can someone help to have a look my questions? Our product is server running under CentOS 6.x, and according to the upstream (RedHat) document, CentOS can be configured to FIPS mode:

We use oval to check the system vulnerability. Redhat offer official oval(https://www.redhat.com/security/data/oval/), and it works well on redhat. There is no official centos oval, and using redhat oval on centos got false results. centos is based redhat, so I wrote a script fetch redhat oval files and convert it to useful for centos. And I push the oval to my github:

On 9/3/19 3:27 AM, Sep0lkit wrote: > We use oval to check the system vulnerability. > > Redhat offer official oval(https://www.redhat.com/security/data/oval/), and > it works well on redhat. > > There is no official centos oval, and using redhat oval on centos got > false results. > centos is based redhat, so I wrote a script fetch redhat oval files and > convert it

Hi all, Much like Ubuntu and Debian teams have OVAL content published for detecting vulnerabilities, are there plans of publishing such content? e.g. https://people.canonical.com/~ubuntu-security/oval/ On a related note, has anybody looked into using RHEL oval content on CentOS?

Dear List, I have spent some time playing around with oscap and the RHEL OVAL feed (https://www.redhat.com/security/data/oval/v2/RHEL8/, also check Chapter 16 of the RHEL 8 Design Guide). Because I could not find an existing OVAL file for CentOS, I downloaded one of the RHEL8 files and managed to modify (eg. the rhel-8.1-e4s.oval.xml) it to make it work on a CentOS machine. Basically I just

On 8/5/20 10:45 AM, centos at niob.at wrote: > On 05/08/2020 16:49, Johnny Hughes wrote: >> On 8/5/20 1:05 AM, centos at niob.at wrote: >>> On 04/08/2020 23:50, Jon Pruente wrote: >>>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: >>>> >>>>> Q5) If the answer to the last question is "no": shouldn't there be

Hi all. I am curious if anyone has experience using the OVAL tests for CVEs provided by Red Hat (https://www.redhat.com/security/data/metrics/) for CentOS 7. I was able to get the tests working for the non modified packages provided by RHEL but not the packages modified by CentOS. I believe this is because CentOS 7 no longer has minor versions (PACKAGE.VERSION.el7.*.rpm) whereas RHEL does

On 8/5/20 1:05 AM, centos at niob.at wrote: > On 04/08/2020 23:50, Jon Pruente wrote: >> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: >> >>> Q5) If the answer to the last question is "no": shouldn't there be such >>> a resource? >>> >> CentOS doesn't publish security errata. If you need it then you should

On 05/08/2020 16:49, Johnny Hughes wrote: > On 8/5/20 1:05 AM, centos at niob.at wrote: >> On 04/08/2020 23:50, Jon Pruente wrote: >>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: >>> >>>> Q5) If the answer to the last question is "no": shouldn't there be such >>>> a resource? >>>> >>> CentOS

On 04/08/2020 23:50, Jon Pruente wrote: > On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: > >> Q5) If the answer to the last question is "no": shouldn't there be such >> a resource? >> > CentOS doesn't publish security errata. If you need it then you should > either buy RHEL, or deal with putting together your own set up with >

On 04/29/2017 06:50 AM, Gregory P. Ennis wrote: > about 4 years ago, I tried to install CentOS 6 on a Supermicro server > with SCSI drives using a LSI raid system. Red Hat does discontinue support for some storage driver for very old hardware when they start a new release series. For EL6, that list is here:

hi: where would I find facilities to draw circles, ovals, and semicircles? (or should I construct them myself using curve?) regards, /ivo

Hi - I?m running the OpenSCAP STIG profile on a new CentOS 7.1611 installation, and I get a few failures that look like this (output from openscap scan ?verbosity INFO). I suspect this is because the openscap module is not accepting CentOS 7 as RHEL 7 for rules purposes, despite an early check for "Community Enterprise Operating System 7? which succeeds. 1. Am I correct in why it?s

On 09/28/2016 08:43 AM, tdukes at palmettoshopper.com wrote: > I have one of those free domains/DNS from no-ip.com, centos7vm.ddns.net > I plan to use as the host name. > > I want to be able to access this VM from the internet. ... > This is what I was seeing. Either it lands on the DSL router's login > page or the host's website. If you only have one address, you'll

On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > > > Still, there are many knowledgeable people on the list, they may give > different recommendation, which will create some pool of choices. I asked > John and Jonathan, I'd like to ask also Les Mikesell and Mr. SilverTip257: > what would you, gentlemen, recommend? Anybody? (I know

On Mon, Feb 9, 2015 at 2:06 PM, Les Mikesell <lesmikesell at gmail.com> wrote: > On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev > <galtsev at kicp.uchicago.edu> wrote: >> > >> Still, there are many knowledgeable people on the list, they may give >> different recommendation, which will create some pool of choices. I asked >> John and Jonathan, I'd

> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Gordon Messmer > Sent: Thursday, September 29, 2016 11:47 AM > To: CentOS mailing list > Subject: Re: [CentOS] Virtualization Networking > > On 09/28/2016 08:43 AM, tdukes at palmettoshopper.com wrote: > > I have one of those free domains/DNS from