[Open-scap] ntp and auditd setting issue in debian 8

Dhanushka Parakrama parakrama1282 at gmail.com
Mon Sep 3 09:59:58 UTC 2018 

Guys

Any news regarding  the error

On Wed, 29 Aug 2018 at 21:33, Dhanushka Parakrama <parakrama1282 at gmail.com>
wrote:

>
> Hi  Team
>
> We have ran the scan for debian 8 using below command
>
> *oscap  xccdf eval   --profile
> xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report
> report.html  ssg-debian8-ds.xml*
>
> Got alerts as below ,
> ===============
>
> [image: image.png]
>
>
>
> To Fixed it we ran the below commands as suggested by the report
>
> *service ntp status*
> ● ntp.service - LSB: Start NTP daemon
>    Loaded: loaded (/etc/init.d/ntp)
>    Active: active (running) since Mon 2018-08-27 18:24:21 IST; 2 days ago
>    CGroup: /system.slice/ntp.service
>            └─473 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 112:120
>
> Aug 27 18:24:21 oscapserver ntpd[473]: Listen and drop on 0 v4wildcard
> 0.0.0.0 UDP 123
> Aug 27 18:24:21 oscapserver ntpd[473]: Listen and drop on 1 v6wildcard ::
> UDP 123
> Aug 27 18:24:21 oscapserver ntpd[473]: Listen normally on 2 lo 127.0.0.1
> UDP 123
> Aug 27 18:24:21 oscapserver ntpd[473]: Listen normally on 3 eth0
> 192.168.8.150 UDP 123
> Aug 27 18:24:21 oscapserver ntpd[473]: Listen normally on 4 lo ::1 UDP 123
> Aug 27 18:24:21 oscapserver ntpd[473]: peers refreshed
> Aug 27 18:24:21 oscapserver ntpd[473]: Listening on routing socket on fd
> #21 for interface updates
> Aug 27 18:24:21 oscapserver systemd[1]: Started LSB: Start NTP daemon.
> Aug 27 18:24:24 oscapserver ntpd[473]: Listen normally on 5 eth0
> fe80::250:56ff:fe94:6150 UDP 123
> Aug 27 18:24:24 oscapserver ntpd[473]: peers refreshed
>
>
> *service auditd status*
> ● auditd.service - Security Auditing Service
>    Loaded: loaded (/lib/systemd/system/auditd.service; enabled)
>    Active: active (running) since Tue 2018-08-28 14:41:28 IST; 1 day 6h ago
>  Main PID: 12464 (auditd)
>    CGroup: /system.slice/auditd.service
>            └─12464 /sbin/auditd -n
>
>
> But even after we ran the scan after fixing it  Report still shows as
>
>
> [image: image.png]
>
> Is there any reason for that ?
>
>
> Thank You
> Dhanushka
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20180903/9b1c7b0a/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 8661 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20180903/9b1c7b0a/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 8661 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20180903/9b1c7b0a/attachment-0001.png>

More information about the Open-scap-list mailing list