AIX Open Source

 View Only
  • 1.  openscap for AIX?

    Posted Wed August 05, 2020 01:34 AM
    Hi,

    could You imagine to provide us with openscap for AIX?
    On Linux this tool generates great reports which I need for external crontrollers.

    Thanks

    ------------------------------
    Opensource the Planet ;-)
    ------------------------------


  • 2.  RE: openscap for AIX?

    Posted Thu August 06, 2020 06:21 AM
    Hi Martin,

    We have looked in past for porting openscap on AIX but encountered some Linux specific code in packages.
    Hence it is difficult to port this packages.
    Right now we do not have plan to pursue it further because of Linux specific requirement from package.

    ------------------------------
    SANKET RATHI
    ------------------------------



  • 3.  RE: openscap for AIX?

    Posted Thu August 06, 2020 08:06 AM
    Hi,

    Thanks for the information.
    I will have a look from time to time on the openscap project site - maybe they will consider a better integration with AIX.

    Thank You
    Martin

    ------------------------------
    Opensource the Planet ;-)
    ------------------------------



  • 4.  RE: openscap for AIX?

    Posted Fri August 07, 2020 04:15 AM
    Try inspec https://inspec.io or https://www.power-devops.com/chef-inspec. You don't need any agent on AIX, just an SSH connection to it and it also generates reports for auditors.

    ------------------------------
    Andrey Klyachkin
    ------------------------------



  • 5.  RE: openscap for AIX?

    Posted Thu August 27, 2020 04:50 PM
    Have you looked into aixpert?​

    ------------------------------
    Bruce Landrum
    ------------------------------



  • 6.  RE: openscap for AIX?

    Posted Fri August 28, 2020 03:59 AM
    Hi, thanks for the hint. We know the tool but the idea was to use one tool for Linux and AIX.

    AIX has another great option - PowerSC - which You can use for Reporting and setting baselines. But You still habe to do a lot on the command line. I'm testing this at the moment.

    But first of all we have 300 AIX LPAR's and 600 Linux systems - and while the number of AIX images is decreasing, Linux is becoming more and more.
    The other thing is that the staff responsible for those AIX and Linux installations was reduced. We are now 5 experienced admins and another one is new and still learning.
    And because we also manage the disk subsystems, the SAN infrastructure and the backup infrastructure (Spectrum Protect), we want to keep that as simple as possible.

    Another option we evaluate at the moment ist Nessus. Works fine for Vulnerability Management but it seems to has a bug for compliance scans regarding our SSH/sudo configuration.

    Thanks

    ------------------------------
    Opensource the Planet ;-)
    ------------------------------