Questions tagged [stig]

Use this tag for questions related to the Security Technical Implementation Guide (STIG).

13 questions
9 votes, 3 answers

DoD Password Complexity: Users cannot reuse any of their previous X passwords

I have seen a couple of posts on this, but I haven't seen a definitive answer necessarily. Therefore, I thought I would try to restate the question in a new context (Department of Defense). According to DISA's "Application Security and Development…
Logan B. Lehman
6 votes, 3 answers

Interpreting Fortify results file (.fpr) through command line

As part of automating the process of running secure code analysis, I have a Jenkins job which uses the sourceanalyzer command line tool to generate an .fpr results file. At the moment I'm opening this results file in Audit Workbench application to…
Gary O' Donoghue
2 votes, 1 answer

How do I print child nodes on a DISA STIG XML document?

I'm working with DISA STIG xml files, and having some issues. They use an XSL stylesheet file, so when I do a get-content on it all I get is three properties (Benchmark, xml, xml-stylesheet), zero child nodes. I've been looking for DAYS now how to…
Matthew Hunt
2 votes, 2 answers

Is there any method or tool for comparing STIG versions?

Is there an automated way to compare old STIGS to new STIGS? For example, if I'm using Java 7 and the newer version Java 8 comes out, I want to compare the two to see what's changed. Currently I'm doing this manually and it's very painful. Is there…
Jay
2 votes, 3 answers

Is Entity Framework with LINQ compliant with this STIG?

I am working on a project for DoD by using Microsoft's MVC and all other related technologies. For security purposes, I have to follow the Security Technical Implementation Guide (STIG). In version 3, Release 9, section 3.10.1, it…
HorseKing
1 vote, 1 answer

Ansible XML searching for STIGs

I am working with DISA STIGs and trying to use Ansible to scan a system then populate the information in the XML STIG checklist. The problem is the XML schema is not the easiest. It is a very flat design which means I need to search for a something…
Kio
1 vote, 0 answers

Failing at creating a Network (EOS/IOS) playbook to validate STIG requirement

Network guy pretending to "code"...(insert laughter/shame here). I am trying to create a playbook full of STIG requirements. I would like to be able to run this playbook against network devices, then easily copy the results into our the .ckl…
1 vote, 1 answer

Why is the 'hosts' field missing from this Ansible playbook?

When running my script I keep getting "ERROR! the field 'hosts' is required but was not set". Can anyone please tell me what it is that I am missing? I am currently trying to implement DISA STIG hardening onto 2 CentOS 6 virtual machines. --- -…
1 vote, 1 answer

How do I find a value based on a text match from another sheet?

I have two standards, ISO and STIG. I am trying to match the ISO policy to STIG policy based on the common text. The text in ISO document is in its own cell. The text in STIG is buried in the paragraph. Example ISO document: |3.1.1.1 | Enforce…
mr.buttons
0 votes, 1 answer

Asking for assistance with editing STIG CKL file with Python

Trying to edit a CKL file, which is really just an XML file. I am using the following Python script.... import xml.etree.ElementTree as ET #Load the STIG into a tree structure stig_file = "STIG.ckl" tree = ET.parse(stig_file) root =…
BigJ
0 votes, 0 answers

RHEL UBI8.6-FIPS: yum install aide -> No match for argument: aide

BLUF: I want to install AIDE via package manager but yum is not able to find the rpm. SYSTEM SETUP: Docker image/container of RHEL UBI8.6-FIPS running on Ubuntu 20.04 DISA-STIG compliant FIPS enabled HOST. AppStream repo is enabled. DISCLAIMER: I am…
Craig Opie
0 votes, 1 answer

Running STIGViewer on a Mac

I'm trying to run DISA's STIGViewer on my Mac. It is a JAR file, and I have Java installed on my system. Double-clicking on the file does not work, and neither does launching it from the command line. % java -jar…
shepster
0 votes, 1 answer

Displaying login information in ColdFusion application. STIG ID APP3660

I am the ISSE for a custom web application for the DoD and we need to display the following information to each user on their home screen: Unsuccessful Logon: Date, Time, IP Address. Successful Logon: Date, Time, IP Address. My developer can't figure it…
cabo