Thanks for the info and background! Some of us are going to be at the NIST IT Security Automation Conference this week in case you're planning to attend.
We're hoping for sooner than "months" for a QA'ed release candidate. Much of the development has gone a lot slower than expected, due to the overhead/formatting requirements of SCAP. That said, figuring out hot to do this the open-source way should hopefully be a one-time cost (and future releases would happen much faster). On 10/01/2012 11:52 AM, Andrew Gilmore wrote: > Date: Sun, 30 Sep 2012 14:50:15 -0400 > From: Shawn Wells <[email protected] <mailto:[email protected]>> > To: [email protected] > <mailto:[email protected]> > Subject: Re: [PATCH] Fixed typo in example iptables network/netmask > pair for limiting ssh port to trusted networks. > Message-ID: <[email protected] > <mailto:[email protected]>> > Content-Type: text/plain; charset=UTF-8; format=flowed > > On 9/28/12 1:21 PM, Andrew Gilmore wrote: > > -<pre>-A RH-Firewall-1-INPUT -s netwk /mask -m state --state NEW > -p tcp --dport 22 -j ACCEPT</pre> > > +<pre>-A RH-Firewall-1-INPUT -s netwk/mask -m state --state NEW -p > tcp --dport 22 -j ACCEPT</pre> > > Thanks for the catch! Ack > > Please push (or indicate you need someone to do so for you). > > > I don't have write access, this patch was mostly a drive by. > > Please push. > > My agency is attempting to STIG a CentOS 6 image themselves, and I both > don't have time to wait, and thought someone else was probably doing it. > I'm glad you all are, but seems like you're months out as well from > production release. I know, I know, it is done when it is done. :) > > I should probably introduce myself, as well. > I work for a Dept. of Interior agency on databases and hydrology, but > sometimes dabble here and there. :) I have contributed to the CIS > benchmarks for RHEL 5 and 6, and have all of two lines of code in the > linux kernel. :) > > Thanks, > > Andrew > > > > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
