On 6/27/12 6:18 PM, Willy Santos wrote:
Another set of CCI mappings.
Willy Santos (25):
Mapped CCI-1127 to network_ssl.
Mapped CCI-001154 to set_iptables_default_rule
Mapped CCI-001250 to kernel_module_usb-storage_disabled.
Mapped CCI-001250 to kernel_module_usb-storage_removed.
Mapped CCI-001250 to bootloader_nousb_argument.
Mapped CCI-001250 to kernel_module_usb-storage_removed.
Mapped CCI-001250 to service_autofs_disabled.
Mapped CCI-001343 to new_rule_needed.
Mapped CCI-001348 to rsyslog_remote_loghost.
Mapped CCI-001493 to met_inherently.
Mapped CCI-001494 to met_inherently.
Mapped CCI-001495 to met_inherently.
Mapped CCI-001557 to service_rsyslog_enabled
Mapped CCI-000017 to new_rule_needed.
Mapped CCI-000052 to new_rule_needed.
Mapped CCI-000053 to new_rule_needed.
Mapped CCI-000226 to met_inherently.
Mapped CCI-000386 to requirement_unclear.
Mapped CCI-001092 to requirement_unclear.
Mapped CCI-00197 to requirement_unclear.
Mapped CCI-001096 to met_inherently.
Mapped CCI-001128 to network_ssl.
Mapped CCI-001135 to network_ssl.
Mapped CCI-001135 to package_openswan_installed.
Mapped CCI-001135 to sshd_allow_only_protocol2.
rhel6/src/input/auxiliary/srg_support.xml | 5 +++--
rhel6/src/input/services/ssh.xml | 2 +-
rhel6/src/input/system/logging.xml | 4 ++--
rhel6/src/input/system/network/ipsec.xml | 2 +-
rhel6/src/input/system/network/iptables.xml | 2 +-
rhel6/src/input/system/network/ssl.xml | 2 +-
rhel6/src/input/system/permissions/mounting.xml | 10 +++++-----
7 files changed, 14 insertions(+), 13 deletions(-)
nack to the following - I think we can hash them out a bit:
- [PATCH 18/25] Mapped CCI-000386 to requirement_unclear
- [PATCH 19/25] Mapped CCI-001092 to requirement_unclear.
- [PATCH 20/25] Mapped CCI-00197 to requirement_unclear.
I responded directly to those patches to start the conversation on them.
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
