Notes IDS

Voir aussi :

• OSSEC
• EDR (Endpoint detection and response)

CrowdSec https://linuxfr.org/news/detectez-et-bloquez-les-tentatives-d-exploitation-de-log4j-avec-crowdsec

oscap info /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
 
oscap-ssh root@plop 22 xccdf --profile pci-dss --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

Scanning the system for configuration compliance and vulnerabilities

Source : https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening

wget -O - https://www.redhat.com/security/data/oval/v2/RHEL8/rhel-8.oval.xml.bz2 | bzip2 --decompress > rhel-8.oval.xml
oscap oval eval --report vulnerability.html rhel-8.oval.xml

Voir :

• xccdf

Report au format ARF ou HTML