- 安装
[root@localhost ~]# yum install scap-security-guide -y
- 修改配置
如果使用的是 redhat 则可以跳过此步
[root@localhost ~]# sed -i -e "s#<platform>Red Hat Enterprise Linux 6</platform>#<platform>CentOS 6</platform>##g" /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
[root@localhost ~]# sed -i -e "s#cpe:/o:redhat:enterprise_linux:6#cpe:/o:centos:centos:6##g" /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
[root@localhost ~]# sed -i -e "s#cpe:/o:redhat:enterprise_linux#cpe:/o:centos:centos##g" /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
-
评估PCI DSS合规的内容
oscap xccdf eval --results results.xml --profile xccdf_org.ssgproject.content_profile_pci-dss /usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml
- 生成HTML的报告
oscap xccdf generate report --output report.html results.xml