I am very interested. One of my suggestions: Firewall: Network based firewall zone assignment (possibly disabling interface based assignment) Regards Tim Am 22. April 2015 07:13:52 MESZ, schrieb Earl A Ramirez <earlaramirez at gmail.com>: >Dear All, > >About a week ago; I posted a proposal over on the centos-devel mailing >list, the proposal is for a SIG 'CentOS hardening', there were a few of >the members of the community who are also interested in this. >Therefore, >I am extending that email to this community; where there is a larger >community. > >Some things that we will like to achieve are as follows: >SSH: >disable root (uncomment 'PermitRootLogin' and change to no) >enable 'strictMode' >modify 'MaxAuthTries' >modify 'ClientAliveInterval' >modify 'ClientAliveCountMax' > >Gnome: >disable Gnome user list > >Console: >Remove reboot, halt poweroff from /etc/security/console.app > >Applying security best practises from various compliance perspective, >e.g. STIG, SOX, PCI etc... We may also use NSA RHEL 5 secure >configuration guide to get some insight or use it as a baseline. The >members of the community who are interested in this SIG or are willing >to contribute are: >Leam Hall >Corey Henderson >Jason Pyeron > >You can find the post here [0] > >We will really like to get SIG approved by the CentOS board so if >anyone >is interested or willing to contribute we will be happy to have you >onboard. > >[0] >http://lists.centos.org/pipermail/centos-devel/2015-April/013197.html > >-- >Earl A Ramirez <earlaramirez at gmail.com> > >_______________________________________________ >CentOS mailing list >CentOS at centos.org >http://lists.centos.org/mailman/listinfo/centos