Blog Posts Tagged with "STIG"

4085079c6fe0be2fd371ddbac0c3e7db

Red Hat 5 STIG: Kernel Modules

August 29, 2011 Added by:Jamie Adams

The new draft STIG requires entries in a configuration file to prevent the kernel from loading modules – even if the modules aren't installed on the system. Nonetheless, I have compiled a list of the required settings which must be set in your modprobe.conf configuration file...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Red Hat 5 STIG: Network Settings

August 23, 2011 Added by:Jamie Adams

I would caution administrators from rushing to add all because most are defaults. The settings must be implicitly set in the sysctl.conf config file. My recommendation is to review the entire STIG in order to define a complete sysctl.conf file, so that it can be deployed and tested all at once...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Getting Started with the New Red Hat 5 STIG

August 18, 2011 Added by:Jamie Adams

The generic UNIX STIG supported numerous UNIX and Linux distributions but never addressed Red Hat Enterprise Linux 5. For many years, this lack of support was a source of frustration for system administrators. I've completed my initial review and I want to share some of my findings and tips...

Comments  (2)

4085079c6fe0be2fd371ddbac0c3e7db

U.S. Gov Configuration Baseline for Red Hat Enterprise Linux

March 01, 2011 Added by:Jamie Adams

On February 28 the U.S. Government Configuration Baseline (USGCB) for Red Hat Enterprise Linux 5 was released. The long awaited Security Content Automation Protocol (SCAP) content is the next phase in supplanting the legacy Bourne shell scripts known as the System Readiness Review (SRR) scripts...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

DISA UNIX STIG for Red Hat Enterprise Linux 5 and 6

February 10, 2011 Added by:Jamie Adams

Organizations which use Red Hat Enterprise Linux 5 and must adhere to the DISA UNIX STIG have been stuck with documentation and assessment tools which only support up to Red Hat Enterprise Linux 4. This frustrates system administrators because they must deal with false positives From SRR scripts...

Comments  (2)