IDS notes

See also:

  • OSSEC
  • EDR (Endpoint detection and response)

CrowdSec https://linuxfr.org/news/detectez-et-bloquez-les-tentatives-d-exploitation-de-log4j-avec-crowdsec

open-scap / oscap

oscap info /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
 
oscap-ssh root@plop 22 xccdf eval --profile pci-dss --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

Scanning the system for configuration compliance and vulnerabilities

Source: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening

wget -O - https://www.redhat.com/security/data/oval/v2/RHEL8/rhel-8.oval.xml.bz2 | bzip2 --decompress > rhel-8.oval.xml
oscap oval eval --report vulnerability.html rhel-8.oval.xml

See:

  • xccdf

Report in ARF or HTML format

tech/notes_ids.txt · Last modified: by Jean-Baptiste
