Displaying 20 results from an estimated 2000 matches similar to: "OVAL support for CentOS"
2017 Mar 17
3
lock out account after 3 failures
I?m looking to configure a centos 7 server to lock out anaccount after 3 login failures.
I?ve followed this
?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls
?
Section2.1.9.5 Account Locking
?
And even rebooted the serverbut it
2017 Mar 17
0
lock out account after 3 failures
On 03/17/2017 02:41 AM, Ian Diddams wrote:
> I?ve followed this
>
>
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls
Can you send the /etc/pam.d/system-auth that you used for your test?
2013 Jan 13
0
luks and aes-ni
Hi,
Short version: If I had a CPU with the aes-ni [1] feature would luks use it?
I know that Upstream Vendors Security Guide [2] says:
...snip
The default cipher used for LUKS (refer to cryptsetup --help) is
aes-cbc-essiv:sha256 (ESSIV - Encrypted Salt-Sector Initialization
Vector). Note that the installation program, Anaconda, uses by default
XTS mode (aes-xts-plain64)
snap...
I also found a
2015 Oct 23
1
OpenSSL and OpenSSH on CentOS (FIPS enabled)
Hi experts,
Current I am doing FIPS gap analysis for our product, can someone help to have a look my questions?
Our product is server running under CentOS 6.x, and according to the upstream (RedHat) document, CentOS can be configured to FIPS mode:
2019 Sep 03
2
oval support for centos
We use oval to check the system vulnerability.
Redhat offer official oval(https://www.redhat.com/security/data/oval/), and
it works well on redhat.
There is no official centos oval, and using redhat oval on centos got
false results.
centos is based redhat, so I wrote a script fetch redhat oval files and
convert it to useful for centos.
And I push the oval to my github:
2019 Sep 05
0
oval support for centos
On 9/3/19 3:27 AM, Sep0lkit wrote:
> We use oval to check the system vulnerability.
>
> Redhat offer official oval(https://www.redhat.com/security/data/oval/), and
> it works well on redhat.
>
> There is no official centos oval, and using redhat oval on centos got
> false results.
> centos is based redhat, so I wrote a script fetch redhat oval files and
> convert it
2019 Feb 01
0
OVAL content
Hi all,
Much like Ubuntu and Debian teams have OVAL content published for detecting
vulnerabilities, are there plans of publishing such content? e.g.
https://people.canonical.com/~ubuntu-security/oval/
On a related note, has anybody looked into using RHEL oval content on
CentOS?
2020 Aug 04
3
CentOS Security Advisories OVAL feed??
Dear List,
I have spent some time playing around with oscap and the RHEL OVAL feed
(https://www.redhat.com/security/data/oval/v2/RHEL8/, also check Chapter
16 of the RHEL 8 Design Guide). Because I could not find an existing
OVAL file for CentOS, I downloaded one of the RHEL8 files and managed to
modify (eg. the rhel-8.1-e4s.oval.xml) it to make it work on a CentOS
machine. Basically I just
2020 Aug 05
0
CentOS Security Advisories OVAL feed??
On 8/5/20 10:45 AM, centos at niob.at wrote:
> On 05/08/2020 16:49, Johnny Hughes wrote:
>> On 8/5/20 1:05 AM, centos at niob.at wrote:
>>> On 04/08/2020 23:50, Jon Pruente wrote:
>>>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote:
>>>>
>>>>> Q5) If the answer to the last question is "no": shouldn't there be
2015 Jul 13
0
Modifying RHEL OVAL CVE feed for use with CentOS 7
Hi all.
I am curious if anyone has experience using the OVAL tests for CVEs provided by Red Hat (https://www.redhat.com/security/data/metrics/) for CentOS 7.
I was able to get the tests working for the non modified packages provided by RHEL but not the packages modified by CentOS.
I believe this is because CentOS 7 no longer has minor versions (PACKAGE.VERSION.el7.*.rpm) whereas RHEL does
2020 Aug 05
0
CentOS Security Advisories OVAL feed??
On 8/5/20 1:05 AM, centos at niob.at wrote:
> On 04/08/2020 23:50, Jon Pruente wrote:
>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote:
>>
>>> Q5) If the answer to the last question is "no": shouldn't there be such
>>> a resource?
>>>
>> CentOS doesn't publish security errata. If you need it then you should
2020 Aug 05
3
CentOS Security Advisories OVAL feed??
On 05/08/2020 16:49, Johnny Hughes wrote:
> On 8/5/20 1:05 AM, centos at niob.at wrote:
>> On 04/08/2020 23:50, Jon Pruente wrote:
>>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote:
>>>
>>>> Q5) If the answer to the last question is "no": shouldn't there be such
>>>> a resource?
>>>>
>>> CentOS
2020 Aug 05
2
CentOS Security Advisories OVAL feed??
On 04/08/2020 23:50, Jon Pruente wrote:
> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote:
>
>> Q5) If the answer to the last question is "no": shouldn't there be such
>> a resource?
>>
> CentOS doesn't publish security errata. If you need it then you should
> either buy RHEL, or deal with putting together your own set up with
>
2017 Apr 29
0
SCSI drives and Centos 7
On 04/29/2017 06:50 AM, Gregory P. Ennis wrote:
> about 4 years ago, I tried to install CentOS 6 on a Supermicro server
> with SCSI drives using a LSI raid system.
Red Hat does discontinue support for some storage driver for very old
hardware when they start a new release series. For EL6, that list is here:
2004 Jun 25
7
circle / oval / semicircle ?
hi: where would I find facilities to draw circles, ovals, and
semicircles? (or should I construct them myself using curve?)
regards, /ivo
2017 Jan 05
0
OpenSCAP failures to to OS version?
Hi - I?m running the OpenSCAP STIG profile on a new CentOS 7.1611 installation, and I get a few failures that look like this (output from openscap scan ?verbosity INFO). I suspect this is because the openscap module is not accepting CentOS 7 as RHEL 7 for rules purposes, despite an early check for "Community Enterprise Operating System 7? which succeeds.
1. Am I correct in why it?s
2016 Sep 29
0
Virtualization Networking
On 09/28/2016 08:43 AM, tdukes at palmettoshopper.com wrote:
> I have one of those free domains/DNS from no-ip.com, centos7vm.ddns.net
> I plan to use as the host name.
>
> I want to be able to access this VM from the internet.
...
> This is what I was seeing. Either it lands on the DSL router's login
> page or the host's website.
If you only have one address, you'll
2015 Feb 09
0
Another Fedora decision
On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev
<galtsev at kicp.uchicago.edu> wrote:
> >
> Still, there are many knowledgeable people on the list, they may give
> different recommendation, which will create some pool of choices. I asked
> John and Jonathan, I'd like to ask also Les Mikesell and Mr. SilverTip257:
> what would you, gentlemen, recommend? Anybody? (I know
2015 Feb 09
2
Another Fedora decision
On Mon, Feb 9, 2015 at 2:06 PM, Les Mikesell <lesmikesell at gmail.com> wrote:
> On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev
> <galtsev at kicp.uchicago.edu> wrote:
>> >
>> Still, there are many knowledgeable people on the list, they may give
>> different recommendation, which will create some pool of choices. I asked
>> John and Jonathan, I'd
2016 Sep 30
2
Virtualization Networking
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Gordon Messmer
> Sent: Thursday, September 29, 2016 11:47 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] Virtualization Networking
>
> On 09/28/2016 08:43 AM, tdukes at palmettoshopper.com wrote:
> > I have one of those free domains/DNS from