Re: [Fed-Talk] Draft DISA STIG for OSX 10.6 now available
Re: [Fed-Talk] Draft DISA STIG for OSX 10.6 now available
- Subject: Re: [Fed-Talk] Draft DISA STIG for OSX 10.6 now available
- From: "Link, Peter R." <email@hidden>
- Date: Tue, 04 Oct 2011 15:31:00 -0700
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Draft DISA STIG for OSX 10.6 now available
The whole Apple/NIST/Army/? SCAP project is supposed to be dealing with this. They are supposed to be working on the configuration settings, creating the various SCAP content stuff, then giving us some status. From what I've seen, the DoD STIG only contains the XCCDF content, which isn't enough for full automated SCAP usage. I know there are people on this list that have knowledge of this project who could update us on it, however, they seen to be keeping pretty quiet lately.
I personally don't know the status of this project.
On Oct 4, 2011, at 3:11 PM, Dan Beatty wrote:
> Greetings Allan and gang,
> Does anybody know what the channels (proper or otherwise) to get on the
> contributing side of this NIST STIG? Obviously, there are a lot of errors.
> They could be attributed to Linux v/s Mac OSX differences. They could be
> attributed to a particular distribution of Linux. Whatever the case, it
> helps for us to get it right.
>
> It would be even better for us to come up with a project to make an
> automated Cocoa STIG configuration tool that will help us manage these
> things. Naturally, having an install package would be good, too. We can
> build that. What we need are the contacts at NIST to help make this happen.
>
> Is there anyone that can help?
>
> Thank you,
>
> --
> Daniel Beatty
> Information Assurance Officer (IAO), Energetics Research Division
> Code 474300D
> 1 Administration Circle M/S 1109
> China Lake, CA 93555
> email@hidden
> (LandLine) (760)939-7097
> (iPhone) (806)438-6620
>
>
>
> On 9/16/11 3:02 PM, "Marcus, Allan B" <email@hidden> wrote:
>
>> Wow, lot's a technical errors. Much of it is good, but lots was copied
>> over from a Linux STIG with no Mac knowledge. I just submitted technical
>> comments. I got up to V-25204 and conked out.
>>
>> -Allan
>>
>> From: "O'Donnell, Dan" <email@hidden>
>> Date: Fri, 2 Sep 2011 17:43:49 -0600
>> To: "email@hidden" <email@hidden>
>> Subject: [Fed-Talk] Draft DISA STIG for OSX 10.6 now available
>>
>>
>> New draft DISA Secure Technical Implementation Guideline for OSX 10.6,
>> version 1.0, UNCLAS has been released on DISA's public internet site.
>> <http://iase.disa.mil/stigs/os/mac/mac.html>
>> (Note that this set of documents was prepared before the recent DigiNotar
>> vulnerability.)
>>
>> 1.
>> DISA FSO has developed the draft MAC OSX 10.6 STIG. The STIG is available
>> on
>> the NIPRNet at
>> http://iase.disa.millstigs/os/mac/mac.html
>> <http://iase.disa.millstigs/os/mac/mac.html> for your review and comments.
>>
>> 2.
>> The STIG requirements were derived from the MAC OSX 10.6 Snow Leopard
>> Security Guide published by Apple Corporation and in collaboration with
>> DoD consensus team. DISA FSO is disseminating the draft STIG to provide
>> an opportunity for your review and feedback/comments prior to the STIG
>> release. Please note, any requests for changes to a baseline requirement
>> must be coordinated/approved by the DoD consensus group before we can
>> implement the change in the STIG.
>>
>> 3.
>> Please provide comments, recommended changes, and/or additions to the
>> draft STIG
>> by
>> 19 September 2011 on
>> the Comment Matrix spreadsheet. The spreadsheet is available at:
>> http://iase.disa.millstigs/os/mac/mac.html. Comments should be sent via
>> NIPRNet email to:
>> email@hidden. Include the title and version
>> of
>> the STIG in the subject line of
>> your email.
>>
>>
>>
>>
>>
>> __________________________________________________________________________
>>
>> This email message is for the sole use of the intended recipient(s) and
>> may contain confidential information. Any unauthorized review, use,
>> disclosure or distribution is prohibited. If you are not the intended
>> recipient, please contact the sender by reply email and destroy all copies
>> of the original message.
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
Peter Link
Cyber Security Analyst
Cyber Security Program
Lawrence Livermore National Laboratory
PO Box 808, L-315
Livermore, CA 94550
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden