Home
RHEL 7 & CentOS 7 STIG/Goss Audit scans.
The Red Hat Enterprise Linux 7 (RHEL7)/CentOS 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of information systems. The requirements were developed from the General Purpose Operating System Security Requirements Guide (GPOS SRG). The vulnerabilities discussed in this document are applicable to RHEL 7/CentOS 7 Desktop and Server installations. This document is meant for use in conjunction with the Enclave, Network Infrastructure, Secure Remote Computing, and appropriate application STIGs. These audit scans are based on the DISA STIG (Jan 2021).
A set of configuration files and directories to audit RHEL/CentOS 7 servers against the STIG. The configuration is organized at the directory-structure level. This could do with further testing, but sections 1.x should be complete. Goss is run based on the goss.yml file in the top-level directory, which specifies the configuration.
You must have goss available on the host you would like to test. You must have sudo/root access to the system, as some commands require privileged information. Assuming you have already cloned this repository, you can run goss from wherever you wish.
This also works alongside the Ansible Lockdown RHEL7-STIG role, which will perform the following related tasks: install, audit, remediate, audit.