[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
shupaza: Server Hardening via Cfengine
From: |
Christian Pearce |
Subject: |
shupaza: Server Hardening via Cfengine |
Date: |
Wed, 29 Jun 2005 00:13:47 -0400 (EDT) |
I put together some thoughts on a project for converting the
Solaris Security Toolkit (SST) into a Cfengine implementation. I
hope to learn how to create cfengine configurations that will
plugin to existing cfengine configuration files or work
standalone. I chose this existing body of work so we would not
have to decide "what" the best practice is. The Solaris Security
Toolkit project in Cfengine will benefit from a Cfengine since it
can continue to check to make sure the SST policy is converged.
After that I hope to have the convention and architecture defined
to communicating other best practices via Cfengine. This way the
community can start sharing their configs more.
http://www.pearcec.com/a_shupaza.php
For now I am reading the SST code. I admit I haven't done a lot
of research to see what others have done to attempt this. I know
there are a few Cfengine configuration projects out there. I
intend to review and use them were applicable.
All input is appreciated. I will need people to write and test
the code once I have written the architecture.
--
Christian Pearce
http://www.commnav.com
http://www.perfectorder.com
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- shupaza: Server Hardening via Cfengine,
Christian Pearce <=