On 20/01/12 16:40, S Ahmed wrote:
" type="cite">For hardening, what I'm ideally looking for is an example repo that has general server hardening. Typically server hardening is achieved through a combined effect of many cookbooks, and then test the applied configuration using some security auditing tool. I am actually working on a compliance cookbook at the moment, and I am evaluating the following tools; secstate sectool openvas openSCAP You can download OpenSCAP OVAL and XCCDF checklists for various platforms and run them using the OpenSCAP utils, or you can download compliance checklists in pdf format from CIS or redhat for EAL. The cookbook I am working on is for a client, so I can't release any code specific to the internal stuff, but I am going to try to release the openSCAP-utils wrapper that configures itself using chef search node roles:somegroup etc. |
Archive powered by MHonArc 2.6.16.