-----Original Message-----
From: Earl A Ramirez
Sent: Monday, April 13, 2015 7:24

Dear CentOS Development Team,
I am interested in starting a new SIG or merging with the 'Hardening' SIG; I didn't find sufficient information about the hardening SIG. I have been on the mailing list for some years and I have noticed a number of concerns with regard to security, e.g. the default sshd_config, gnome user list and more.
I have been patching/rebuilding RHEL/Centos RPMs to comply with the STIGs. This sounds interesting.
My goal is to use the base and modify the OS with these changes and make it available for the CentOS community. I will mention this on the mailing list to get the community feedback so that they can have an opportunity to contribute, and more importantly get an OS that meets their needs, with regard to their security concerns.
I'm not too familiar with the CentOS build system; however, I started to read up on it and practice to get a feel for things. Some of the things that I would like to change are as follows:
SSH:
  disable root (uncomment 'PermitRootLogin' and change to no)
  enable 'strictMode'
  modify 'MaxAuthTries'
  modify 'ClientAliveInterval'
  modify 'ClientAliveCountMax'
Gnome: disable Gnome user list
Console: Remove reboot, halt, poweroff from /etc/security/console.app
Looking forward to your response on how I can proceed with this.
--
Kind Regards
Earl Ramirez

--
Jason Pyeron                      PD Inc. http://www.pdinc.us
Principal Consultant              10 West 24th Street #100
+1 (443) 269-1555 x333            Baltimore, Maryland 21218

This message is copyright PD Inc, subject to license 20080407P00.
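The SSH items listed in the message above, written as a check over an sshd_config (an added example, not part of the original thread and not CentOS or SIG code). 'PermitRootLogin no' and enabling StrictModes (the sshd_config keyword behind 'strictMode') come from the message; the numeric limits, the function names and the sample file are assumptions constructed for illustration.

```python
import re

# Targets: "PermitRootLogin no" and enabling StrictModes come from the message.
# The numeric limits are assumptions for illustration; the message gives none.
CHECKS = {
    "permitrootlogin": lambda v: v == "no",
    "strictmodes": lambda v: v == "yes",
    "maxauthtries": lambda v: v.isdigit() and 1 <= int(v) <= 4,
    "clientaliveinterval": lambda v: v.isdigit() and 1 <= int(v) <= 600,
    "clientalivecountmax": lambda v: v.isdigit() and int(v) <= 3,
}

def global_settings(text):
    """Map keyword -> value for the global section of an sshd_config.

    Keywords are case-insensitive and sshd keeps the first value it reads,
    so later duplicates are ignored. Lines after the first Match are
    conditional and skipped. Include directives are not followed.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # "#PermitRootLogin yes" is a comment and sets nothing
        parts = re.split(r"[\s=]+", line, maxsplit=2)
        keyword = parts[0].lower()
        if keyword == "match":
            break
        if len(parts) > 1 and parts[1]:
            settings.setdefault(keyword, parts[1].strip('"').lower())
    return settings

def audit(text):
    """Return sorted (keyword, value or None) pairs that are unset or off target."""
    found = global_settings(text)
    return sorted((k, found.get(k)) for k, ok in CHECKS.items()
                  if k not in found or not ok(found[k]))

# Constructed sample, not taken from any real host.
SAMPLE = """\
#PermitRootLogin yes
PermitRootLogin no
permitrootlogin yes
StrictModes yes
MaxAuthTries 6
ClientAliveInterval 300
Match User backup
    ClientAliveCountMax 0
"""

if __name__ == "__main__":
    for keyword, value in audit(SAMPLE):
        print(f"{keyword}: {'not set globally' if value is None else value}")
```

A keyword that is only commented out or only set inside a Match block is reported as unset, because the baseline in this example expects each setting to be explicit in the global section.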