Linux system administration methodology or best pratice
Kenneth Holter
kenneho.ndu at gmail.com
Fri Sep 4 11:13:54 UTC 2009
We've actually implemented pretty much all of the Bastille functionality in
our system admin tool (puppet). So instead of running bastille we let puppet
handle this sort of thing. This way it's pretty easy to add or remove
security policies without having to make changes to a script like bastille.
On 8/30/09, mark <m.roth at 5-cent.us> wrote:
>
> Kristopher Kane wrote:
> > Hello,
> >
> > The U.S. NSA has two guides on securing RHEL5:
> >
> >
> http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml#linux2
>
> Consider Bastille Linux. It's not a distro, but a set of hardening scripts
> that
> I understand NIST's recommendations on hardening use most of. I've used it
> on
> my own firewall/router, and have been on broadband since 98 or 99, and to
> the
> best of my knowledge, have never had an intrusion.
>
> mark
>
> --
> >From CNN (11/19/2008): "Retiring GOP Congressman Tom Davis memorably
> declared
> that if Republicans were a dog food, they'd be pulled off the shelves."
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list