{{tag>Brouillon}}

# IDS Notes

See also:
* OSSEC
* EDR (Endpoint detection and response)

CrowdSec

https://linuxfr.org/news/detectez-et-bloquez-les-tentatives-d-exploitation-de-log4j-avec-crowdsec

## open-scap / oscap

~~~bash
# List the profiles and components contained in the RHEL 8 SCAP data stream
oscap info /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

# Remote scan over SSH (host, port) against the pci-dss profile, with an HTML report
oscap-ssh root@plop 22 xccdf eval --profile pci-dss --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
~~~

Scanning the system for configuration compliance and vulnerabilities

Source: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening

~~~bash
# Download and decompress the Red Hat OVAL definitions for RHEL 8
wget -O - https://www.redhat.com/security/data/oval/v2/RHEL8/rhel-8.oval.xml.bz2 | bzip2 --decompress > rhel-8.oval.xml
# Evaluate the local system against them and write an HTML vulnerability report
oscap oval eval --report vulnerability.html rhel-8.oval.xml
~~~

See:
* xccdf

Report in ARF or HTML format
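
Added example (not part of the original notes): the HTML report is meant for reading, while the ARF output (`oscap xccdf eval --results-arf FILE ...`) can be triaged by a script. The sketch below lists the rules that are not proven compliant, most severe first; the sample XML, the rule ids and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

XCCDF = "{http://checklists.nist.gov/xccdf/1.2}"   # XCCDF 1.2 namespace
RANK = {"high": 0, "medium": 1, "low": 2}           # sort order for open items
NOT_COMPLIANT = {"fail", "error", "unknown"}        # results that need follow-up

# Constructed sample: trimmed ARF wrapper around one XCCDF TestResult.
# Rule ids are made up; a real file comes from `--results-arf FILE`.
SAMPLE = """<arf:asset-report-collection
  xmlns:arf="http://scap.nist.gov/schema/asset-reporting-format/1.1"
  xmlns="http://checklists.nist.gov/xccdf/1.2">
 <arf:reports><arf:report id="xccdf1"><arf:content>
  <TestResult id="example_testresult">
   <rule-result idref="example_rule_ssh_root_login" severity="medium"><result>fail</result></rule-result>
   <rule-result idref="example_rule_audit_enabled" severity="high"><result>fail</result></rule-result>
   <rule-result idref="example_rule_grub_password" severity="high"><result>pass</result></rule-result>
   <rule-result idref="example_rule_aide_installed" severity="low"><result>error</result></rule-result>
   <rule-result idref="example_rule_wifi_disabled" severity="medium"><result>notapplicable</result></rule-result>
  </TestResult>
 </arf:content></arf:report></arf:reports>
</arf:asset-report-collection>"""


def rule_results(xml_text):
    """Yield (rule id, severity, result) for every rule-result element."""
    root = ET.fromstring(xml_text)
    # iter() finds rule-result at any depth, so plain XCCDF results work too.
    for rr in root.iter(XCCDF + "rule-result"):
        yield (rr.get("idref"), rr.get("severity", "unknown"),
               rr.findtext(XCCDF + "result", default="unknown"))


def triage(xml_text):
    """Return (count per result, open items sorted by severity then id)."""
    rows = list(rule_results(xml_text))
    counts = Counter(result for _, _, result in rows)
    open_items = [r for r in rows if r[2] in NOT_COMPLIANT]
    open_items.sort(key=lambda r: (RANK.get(r[1], 3), r[0]))
    return counts, open_items


if __name__ == "__main__":
    counts, open_items = triage(SAMPLE)
    print(dict(counts))
    for rule_id, severity, result in open_items:
        print(f"{severity:7} {result:6} {rule_id}")
```

Counting `error` and `unknown` together with `fail` keeps a check that could not run from being read as a pass.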