Home
RHEL/CentOS 7 STIG/Goss Audit scans.
The Red Hat Enterprise Linux (RHEL) 7/CentOS 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of information systems. The requirements were developed from the General Purpose Operating System Security Requirements Guide (GPOS SRG). The vulnerabilities discussed in this document are applicable to RHEL 7/CentOS 7 Desktop and Server installations. This document is meant for use in conjunction with the Enclave, Network Infrastructure, Secure Remote Computing, and appropriate application STIGs. The audit content is based on the DISA STIG (Jan 2021).
You must have goss available on your host in order to test. You must have sudo/root access to the system, as some commands require privileged information. Assuming you have already cloned this repository, you can run goss from wherever you wish.
This repository is a set of configuration files and directories for auditing RHEL 7/CentOS 7 servers against the STIG. The checks are organized as a directory structure. This could do with further testing, but sections 1.x should be complete. Goss is run based on the goss.yml file in the top-level directory, which specifies the configuration.
This also works alongside the Ansible Lockdown RHEL7-STIG role, which will perform the following related tasks: install, audit, remediate, audit.
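The prerequisites above (goss on the PATH, root access, and the top-level goss.yml) can be checked before a run. The script below is an added example, not part of this repository; the clone path argument and the optional vars-file argument are assumptions, since this page does not name a vars file.

```shell
#!/bin/sh
# Added example: preflight checks, then run goss against the top-level goss.yml.
# Usage (assumed): sudo ./run_audit.sh /path/to/clone [vars-file]

# Return 0 if the goss binary is on PATH.
have_goss() {
    command -v goss >/dev/null 2>&1
}

# Return 0 if running as root; some checks read privileged files.
is_root() {
    [ "$(id -u)" -eq 0 ]
}

# Return 0 if the given directory holds the top-level goss.yml.
has_goss_yml() {
    [ -f "$1/goss.yml" ]
}

# Print each unmet prerequisite; the return code is the number of failures.
preflight() {
    pf_dir=$1
    pf_missing=0
    have_goss || { echo "goss not found on PATH"; pf_missing=$((pf_missing + 1)); }
    is_root || { echo "not running as root (use sudo)"; pf_missing=$((pf_missing + 1)); }
    has_goss_yml "$pf_dir" || { echo "no goss.yml in $pf_dir"; pf_missing=$((pf_missing + 1)); }
    return "$pf_missing"
}

# Run the audit from the clone directory so relative includes resolve.
run_audit() {
    ra_dir=$1
    ra_vars=${2:-}   # optional vars file; hypothetical, not named on this page
    preflight "$ra_dir" || return 1
    if [ -n "$ra_vars" ]; then
        ( cd "$ra_dir" && goss --vars "$ra_vars" -g goss.yml validate )
    else
        ( cd "$ra_dir" && goss -g goss.yml validate )
    fi
}

# Only run when a clone directory is supplied on the command line.
if [ "$#" -gt 0 ]; then
    run_audit "$@"
fi
```

goss exits non-zero when any check fails, so the script's exit status can gate a pipeline step or a remediation run.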