I am attempting to secure a RHEL 5 64bit system. I am modifying the stig.rules file to use as the audit.rules file. The NSA guide identifies some rules requiring the ARCH value to be either 64b or 32b. Some existing rules have both OS versions being audited. Should I leave both available even though my system is 64b or should I only use the 64b options?
Thanks Gene Rye
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
