> -----Original Message----- > From: Earl A Ramirez > Sent: Monday, April 13, 2015 7:24 > > Dear CentOS Development Team, > > I am interested in starting a new SIG or merging with the > 'Hardening' SIG, I didn't find sufficient information about > the hardening SIG. I have been on the mailing list for some > years and I have noticed a number of concerns with regards to > security, e.g. the default sshd_config, gnome user list and more. I have been patching/rebuilding RHEL/Centos RPMs to comply with the STIGs. This sounds interesting. > > My goal is to use the base and modify the OS with these > changes and make it available for the CentOS community, I > will mention this on the mailing list to get the community > feedback so that they can have an opportunity to contribute, > and more importantly get an OS that meets their needs, with > regards to their security concerns. > > I'm not too familiar with the CentOS build system, however I > started to read up on it and practice to get a feel on > things. Some of the things that I will like to change are as follow: > > SSH: > disable root (uncomment 'PermitRootLogin' and change to no) > enable 'strictMode' > modify 'MaxAuthTries' > modify 'ClientAliveInterval' > modify 'ClientAliveCountMax' > > Gnome: > disable Gnome user list > > Console: > Remove reboot, halt poweroff from /etc/security/console.app > > > Looking forward for your response on how can I proceed with this? > > > > -- > > Kind Regards > Earl Ramirez > > -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.