|
|
Subscribe / Log in / New account

NSA releases Linux-based open source infosec tool (ITNews)

NSA releases Linux-based open source infosec tool (ITNews)

Posted Jul 14, 2015 20:47 UTC (Tue) by drag (guest, #31333)
In reply to: NSA releases Linux-based open source infosec tool (ITNews) by sytoka
Parent article: NSA releases Linux-based open source infosec tool (ITNews)

NSA publishes guidelines for securing Linux systems (mostly Redhat) that are often supposed to be followed when companies contract with the government. The guidelines themselves are not terrible. Some questionable stuff, bust mostly it involves common sense stuff for securing a Linux server.

This sounds like it's just a compliance testing tool so that contractors can help prove to auditors that they are meeting the requirements neccessary for their contracts. Pretty boring stuff here.

to post comments

NSA releases Linux-based open source infosec tool (ITNews)

Posted Jul 14, 2015 22:17 UTC (Tue) by sjj (guest, #2020) [Link]

Boring, yes, but stuff that can possibly save your bacon, and your company's. If you document and can show that you've secured your systems to a known public standard AT LEAST, lawsuits or certain HR discussions will be easier.

The NSA docs are decent, if partly aimed at 90's thinking. At a previous job we had a government client and they required us to remove all man pages and docs and run a virus scanner... (their checkbox got checked by a daily clamav cronjob - sigh).


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds