[SFS] STIG?

murph sfs@thegeek.nu
Thu, 7 Nov 2013 13:11:03 -0500


Have you taken a look here?

http://www.open-scap.org/page/Main_Page

On Thu, Nov 7, 2013 at 1:00 PM, Matt James <matuse@gmail.com> wrote:
> Hey Linuxers,
>     I've been working on performing a STIG for some systems and wondering if
> anyone else has had to deal with this stuff.  Now - Willson, calm down, I
> don't work for the DOD/NSA/etc. - but my customers have to comply with their
> standards and are asking for my help. I've found some commercial products
> that act as a scan tool and will report findings, etc. but I was wondering
> if anyone has a secret weapon they have used that might keep me from
> re-inventing the wheel.  It's not that this stuff is overly difficult - it's
> just really tedious to do 500+ checks on a system and apply the appropriate
> configuration changes.
>
> If you're unfamiliar with STIG - here:  http://iase.disa.mil/stigs/
>
> I'm doing this on RHEL / CentOS 5 machines BTW.
>
> TIA,
>
> Matt
>
> --
> Go Green!  Please do not print this e-mail unless it is completely
> necessary.



-- 
Team Amiga  New Jersey - The less that I speak, the smarter I sound.