On Wed, 2015-04-22 at 10:16 +0200, Tim wrote: > I think, this SIG would/should care about hardening CentOS itself as a system not a complete environment (proxies, firewalls, etc.) > The examples of the opener show this. > > Something else could be integrity checking possibly. > > I imagine a tool/script that could apply hardening stuff. > > Regards > Tim > > Am 22. April 2015 09:23:52 MESZ, schrieb Eero Volotinen <eero.volotinen at iki.fi>: > >Sounds like a bit basic stuff? How about hardening ciphers, two factor > >authentication, snort, web application firewall and scap scanning? > > > >Eero > >22.4.2015 10.14 ap. "Andrew Holway" <andrew.holway at gmail.com> > >kirjoitti: > > > >> SELinux? > >> > >> On 22 April 2015 at 09:11, John R Pierce <pierce at hogranch.com> wrote: > >> > >> > On 4/21/2015 11:34 PM, Eero Volotinen wrote: > >> > > >> >> apply also ideas from this document: > >> >> > >https://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.130 > >> >> > >> > > >> > that should be your baseline. I suspect you'll find all the > >things you > >> > mentioned are discussed in the CIS benchmarks. > >> > > >> > > >> > > >> > > >> > > >> > -- > >> > john r pierce, recycling bits in santa cruz > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos Thanks for all of your input guys, there were some discussion on the centos-devel list [0], which will give you a better idea of what this SIG will aim to accomplish. We will be happy to see you guys over on the centos-devel list and if possible chip in to make this SIG a success. [0] http://lists.centos.org/pipermail/centos-devel/2015-April/013280.html -- Earl A Ramirez <earlaramirez at gmail.com>