linux:security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
linux:security [2024/07/13 04:52] – [FIPS security for ubuntu] adminlinux:security [2025/02/05 12:37] (current) – [Library] admin
Line 1: Line 1:
 +====== Library ======
 +
 +https://wazuh.com/ - XDR , SIEM https://habr.com/ru/articles/867162/ \\
 +
 +https://attack.mitre.org/
 +
 +opensource opsec review
 +
 ====== Linux Security  ====== ====== Linux Security  ======
   * https://pberba.github.io/security/2022/01/30/linux-threat-hunting-for-persistence-systemd-timers-cron/#73-monitoring-addition-to-cron   * https://pberba.github.io/security/2022/01/30/linux-threat-hunting-for-persistence-systemd-timers-cron/#73-monitoring-addition-to-cron
  
 +
 +====== Zerotrust ======
 +https://docs.linuxserver.io/images/docker-kasm/ kasm
  
 ====== Zerotrust Browser ====== ====== Zerotrust Browser ======
Line 61: Line 72:
  
 ====== Openscap ====== ====== Openscap ======
-  - https://medium.com/@raveen.gatla/the-ultimate-guide-for-security-compliance-with-openscap-part-1-26da99824c1b 
-<code BASH> 
-# https://medium.com/defense-unicorns/stig-scanning-with-openscap-675c7292d7cb 
-# Install OpenSCAP 
-sudo apt install libopenscap8 
  
-# Confirm installation and location of OpenSCAP +  -  Security Technical Implementation Guide 
-which oscap+    -  https://medium.com/@aika.nazhimidinova/cis-benchmark-of-ubuntu-22-04-openscap-security-guide-707f206e73c8 
 +    -  https://medium.com/defense-unicorns/stig-scanning-with-openscap-675c7292d7cb  
 +    -  https://medium.com/@raveen.gatla/the-ultimate-guide-for-security-compliance-with-openscap-part-1-26da99824c1b 
 +  -  ++ Detail|<code BASH> 
 +  
 +  sudo apt-get install libopenscap8 
 +  oscap -v 
 +  oscap -V
  
-# Confirm OpenSCAP version +  sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis_level1_server --results-arf arf.xml --report $1 /usr/share/ubuntu-scap-security-guides/1/benchmarks/ssg-ubuntu2004-ds.xml
-oscap -V+
  
-# Install SCAP security guide targeting Debian-based OS 
-sudo apt install ssg-debderived 
  
  
-sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis_level1_server --results-arf arf.xml --report ./rep /usr/share/ubuntu-scap-security-guides/1/benchmarks/ssg-ubuntu2204-ds.xml > oscap_result_$(date +"%y%m%d").txt+ oscap info /usr/share/ubuntu-scap-security-guides/1/benchmarks/ssg-ubuntu2204-ds-1.2.xml 
 + sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig --report report.html /usr/share/ubuntu-scap-security-guides/1/benchmarks/ssg-ubuntu2204-ds-1.2.xml
  
-# Download the latest Scap Security Guide 
-sudo wget https://github.com/ComplianceAsCode/content/releases/download/v0.1.69/scap-security-guide-0.1.69.zip 
-# Unzip Scap Security Guide 
-sudo unzip scap-security-guide-0.1.69.zip 
-cd scap-secuirty-guide-0.1.69/ 
-ls 
  
-# Display a list of available Profiles + oscap xccdf generate fix --profile xccdf_org.ssgproject.content_profile_stig --fix-type bash /usr/share/ubuntu-scap-security-guides/1/benchmarks/ssg-ubuntu2204-ds-1.2.xml > fix_sig.sh 
-oscap info ssg-ubuntu2004-ds-1.2.xml + grep '2 echo "' ./fx_sig.sh
- +
-# Evaluate a STIG Profile and write XCCDF results into a report.html file +
-sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig +
---report report.html ssg-ubuntu2004-ds-1.2.xml+
  
 </code> </code>
- +++
  • linux/security.1720846361.txt.gz
  • Last modified: 2024/07/13 04:52
  • by admin