February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Scanning the system
In this section, we'll work with our CentOS 7 VM.
This procedure works the same for CentOS 8. As we'll see later, Ubuntu 18.04 has a completely different set of profiles, but other than that, the procedure will still be the same.
Now, let's say that we need to ensure that our systems are compliant with Payment Card Industry standards. First, we'll scan the CentOS machine to see what needs remediation (note that the following command is very long and wraps around on the printed page):
sudo oscap xccdf eval --profile pci-dss --results scan-xccdf-results.xml /usr/share/xml/scap/ssg/content/ssg-centos7-xccdf.xml
As we always like to do, let's break this down:
- xccdf eval: The Extensible Configuration Checklist Description ...