DoD STIG compliance?


David Hoskins

Mar 22, 2018, 2:30:00 PM
to security-onion
I am currently in the Army and about to go through a DISA-level security inspection. I have finished securing the rest of the environment and am now about to tackle a Security Onion server. I am faced with the question of "is this a good idea?" Has anyone attempted to lock one of these down by DoD standards? Is it necessary?

My initial thought is to put it on FreeIPA in order to comply with the authentication portion, but not much else. Has anyone been through one of these inspections with a SO server? What happened?

Thanks

-Dave

Doug Burks

Mar 22, 2018, 3:12:13 PM
to securit...@googlegroups.com
Hi Dave,

I can tell you that Security Onion has an Army Certificate of
Networthiness (CoN) if that helps.



--
Doug Burks

Jay Hawk

Mar 22, 2018, 10:05:52 PM
to security-onion
Hi David,

This will depend on the policies of your command and the level of risk they are willing to accept for it to be added to their approved software list. This should go without saying but, when connected to the DODIN, never add software to a network that you have not verified is approved.

Also, there are STIGs for RHEL but (to my knowledge) not for Ubuntu or Security Onion. https://iase.disa.mil/stigs/scap/pages/index.aspx

That said, if you send me a message from your .mil email address I can provide you with some additional information, as SOPs and TTPs would at a minimum be considered For Official Use Only and should not be discussed in a public forum.

id1010terror [at] gmail [dot] com


Thanks,
Jay

David Hoskins

Mar 26, 2018, 9:35:34 AM
to security-onion
No offense, but not really. In the CoN it says that I should essentially give my best effort to lock down Ubuntu. Is there a certain way to lock this up without breaking functionality?

I do have RHEL and CentOS VMs that are locked up tight. Can I install an instance of SO on one of them? Will it be more trouble than it is worth?

Thanks

David Hoskins

Mar 26, 2018, 9:37:57 AM
to security-onion
Roger

There isn't any current guidance on Ubuntu. For anyone in the future reading this, I would say to use the general OS guidance if the DAA isn't willing to accept SO as is.
