This is pretty accurate: http://www.corsec.com/fips-services/fips-federaldirectives/
On Thu, May 22, 2014 at 9:00 PM, Spencer Shimko <[email protected]>wrote: > On Thu, May 22, 2014 at 5:06 PM, Shawn Wells <[email protected]> wrote: > > > > On 5/22/14, 3:43 PM, Derek Warner wrote: > >> > >> Any chance anyone is working on getting SCAP to work on CENTOS? I would > >> love to use the scap security guide and secstate to validate CENTOS 6.5. > >> Right now its a manual process going line by line in the RHEL 5 STIG. I > >> would really love to find out if anyone has anything automated that > works on > >> CENTOS. > > > > > > Given that CentOS isn't allowed on DoD networks, there is no STIG, no > common > > criteria, no support, and doesn't meet any of the mandatory regulatory > > requirements, what's driving the need? > > I apologize as I replied elsewhere but should have read through the > entire thread first. > > Shawn, what leads you to believe CentOS isn't allowed on DoD networks? > The 8500.1 section 4.19 makes the contrary quite clear to me - CentOS > (et al) are acceptable component in a solution when it comes to > meeting a compelling operational requirement. Perhaps I'm > misinterpreting that document though. > > Thanks, > --Spencer > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 [email protected] -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
