-1

I just installed OpenSCAP Benchmark scanner on a CentOS7 box I had stigged by hand. There are a huge number of false positives showing up and I'm not sure if it's a bug or somehow it's not remediated when it should be.

I followed the STIGs from STIGViewer directly from DISA and it includes what commands or things to do for remediation so I have a hard time believing a lot of these findings.

I can provide some examples if need be. Please let me know if this is somehow normal or where I can go to submit bugs.

Jean
  • 1
  • Please take a look at the argument I make [here](https://serverfault.com/a/737872/37681) which may be related to your observations. – HBruijn Sep 19 '18 at 16:31

1 Answers1

0

Which version of OpenSCAP do you use? Do you use SCAP files provided by DISA or files from "scap-security-guide" RPM package and which version? False positives are likely to happen, especially in special workloads, but "a huge number" is not normal. Could you provide an example?

Jan Cerny
  • 141
  • 1