[Open-scap] RES: [Marketing Mail] Re: OSCAP on Windows: UNKNOWN results

Carlos Eduardo Miranda Zottmann carlos.zottmann at tse.jus.br
Mon Jan 7 20:09:10 UTC 2019 

Hello all!

Barath, where did you get the Security Policies for windows? I´m trying to find them, but, with the lack of funding from the US government, it seems that all the security policies sources are shut down.

Best regards,
[marca_conjunta_completa_cor_simplificada_email]

 Carlos Zottmann

COGTI/STI/TSE

carlos.zottmann at tse.jus.br<mailto:virginia.almeida at tse.jus.br>



De: open-scap-list-bounces at redhat.com [mailto:open-scap-list-bounces at redhat.com] Em nome de Watson Sato
Enviada em: segunda-feira, 7 de janeiro de 2019 12:12
Para: Mohanraj, Bharath
Cc: open-scap-list at redhat.com
Assunto: [Marketing Mail] Re: [Open-scap] OSCAP on Windows: UNKNOWN results

Hello,

A result of "unknown" often means that the scanner was not able to collect information about the system.
It is likely that OpenSCAP hasn't implemented the probes necessary to collect the data to assess the checks which resulted in "unknown".

Currently there are only a few probes enabled for Windows:

  *   accesstoken
  *   registry
  *   wmi
  *   system_info


On Mon, Dec 24, 2018 at 2:41 PM Mohanraj, Bharath <bharath_mohanraj_tp at bmc.com<mailto:bharath_mohanraj_tp at bmc.com>> wrote:

Hi Team,



I'm evaluating oscap 1.3.0 on windows, and I have a query on the same.



I'm trying out oscap scanner in some of the test Windows machines (with different versions like win 7, 8, 8.1, 10, 2012, 2016...). I do see the oscap.exe scan getting triggered and evaluating the OVAL definitions successfully, however when I look at the html report generated, there are lot of definitions marked with "UNKNOWN" as result.



Can someone please help me understand the possible reasons, that can result in "UNKNOWN" result? Also, is there anything I can do to get this working?



Below is a snippet of the report from a Windows 8.1 machine, which shows UNKNOWN results.

[cid:image002.png at 01D4A6B4.163A7180]



Thanks.





Regards,

Bharath M
_______________________________________________
Open-scap-list mailing list
Open-scap-list at redhat.com<mailto:Open-scap-list at redhat.com>
https://www.redhat.com/mailman/listinfo/open-scap-list


--
Watson Sato
Security Technologies | Red Hat, Inc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20190107/2556e242/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 8335 bytes
Desc: image001.jpg
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20190107/2556e242/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1009153 bytes
Desc: image002.png
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20190107/2556e242/attachment.png>

More information about the Open-scap-list mailing list