[Open-scap] I want to run this ProfileID: xccdf_org.ssgproject.content_profile_ncp

Gabriel Gaspar Becker ggasparb at redhat.com
Tue Mar 14 12:53:19 UTC 2023 

Please have a look at
https://github.com/ComplianceAsCode/content/issues/7034

Amazon content is not officially supported in the scap-security-guide as
far as I know, someone has probably forked the official repo and made some
extraordinary modifications. I suggest you take a look at the issue and get
acquainted with the documentation of the project in general to understand
how you could contribute to make things available.

Regards.

On Thu, Mar 9, 2023 at 9:19 PM Quick, Bernie <baquick at amazon.com> wrote:

> Hi,
>
>
>
> I have successfully run other profiles, but I really want to run this one:
>
>
>
> xccdf_org.ssgproject.content_profile_ncp
>
>
>
> Documented here:
>
>
>
> http://static.open-scap.org/ssg-guides/ssg-rhel7-guide-ncp.html
>
>
>
> My current use case is an Amazon Linux 2 instance.
>
>
>
> I have successfully ran:
>
>
>
> sudo yum install openscap-scanner
>
>
>
> sudo yum install scap-security-guide
>
>
>
> sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_ncp
> --results-arf arf.xml --report report.html
> /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
>
>
>
> Report generates and I can see, but nothing is relevant.
>
>
>
> When I run
>
>
>
> ls -1 /usr/share/xml/scap/ssg/content/*.xml
>
>
>
> I get:
>
>
>
> */usr/share/xml/scap/ssg/content/ssg-amzn2-ds.xml*
>
> */usr/share/xml/scap/ssg/content/ssg-amzn2-xccdf.xml*
>
> /usr/share/xml/scap/ssg/content/ssg-centos6-ds.xml
>
> /usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml
>
> /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml
>
> /usr/share/xml/scap/ssg/content/ssg-centos7-xccdf.xml
>
> /usr/share/xml/scap/ssg/content/ssg-firefox-cpe-dictionary.xml
>
> /usr/share/xml/scap/ssg/content/ssg-firefox-cpe-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-firefox-ds.xml
>
> /usr/share/xml/scap/ssg/content/ssg-firefox-ocil.xml
>
> /usr/share/xml/scap/ssg/content/ssg-firefox-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-firefox-xccdf.xml
>
> /usr/share/xml/scap/ssg/content/ssg-jre-cpe-dictionary.xml
>
> /usr/share/xml/scap/ssg/content/ssg-jre-cpe-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-jre-ds.xml
>
> /usr/share/xml/scap/ssg/content/ssg-jre-ocil.xml
>
> /usr/share/xml/scap/ssg/content/ssg-jre-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-jre-xccdf.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel6-ocil.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel6-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel7-cpe-dictionary.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel7-cpe-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel7-ocil.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel7-oval.xml
>
> /usr/share/xml/scap/ssg/content/ssg-rhel7-xccdf.xml
>
>
>
> The only two that seem relevant are the first two:
>
>
>
> /usr/share/xml/scap/ssg/content/ssg-amzn2-ds.xml
>
> /usr/share/xml/scap/ssg/content/ssg-amzn2-xccdf.xml
>
>
>
> But neither of them offers this scan:
>
>
>
> http://static.open-scap.org/ssg-guides/ssg-rhel7-guide-ncp.html
>
>
>
> I really want this scan:
>
> NIST 800-53 control selections for MODERATE impact systems (NIST 800-53)
>
>
>
> But if I can get the rest that would great.
>
>
>
> Thanks,
>
> -Bernie
>
>
>
>
>
>
>
>
>
>
>
> *bernie**quick *| Senior Cloud Infra Architect
>
> Aerospace and Satellite Professional Services
>
> Worldwide Public Sector | Amazon Web Services
>
> *E: *baquick at amazon.com | *M: *612-963-7742
>
> [image: signature_391156818][image: signature_1649351063]
>
>
>
>
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list at redhat.com
> https://listman.redhat.com/mailman/listinfo/open-scap-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20230314/06b862e0/attachment.htm>

More information about the Open-scap-list mailing list