How were USGCB settings for RHEL5 developed?
The Department of Defense (DoD) developed the Red Hat Enterprise Linux 5 (RHEL5) configuration settings based on work represented in the National Security Agency’s “Guide to the Secure Configuration of Red Hat Enterprise Linux 5”. The configuration settings were designed for a system acting as a desktop and were field-tested on typical desktop computers. After field testing, the settings and content were submitted to the NIST National Checklist Program (NCP) as the DoD Consensus Security Configuration Checklist for RedHat Rel5 (1.0). This checklist was posted to checklists.nist.gov according to the process detailed in NIST SP800-70 Revision 1. NIST, at the request of the Federal CIO Council’s Architecture and Infrastructure Committee’s (AIC) Technology Infrastructure Subcommittee (TIS), evaluated these settings for Federal civilian agency use, normalized them as appropriate with existing USGCB recommendations, and recommended them to the TIS for consideration for Federal-wide adoption.
Related Questions
- These USGCB settings are for a desktop system, but Red Hat Enterprise Linux is often used as a server operating system. What exactly is the distinction between a desktop and a server?
- Are all RHEL5 Desktop USGCB settings applicable to all environments?
- Where should I send questions about the RHEL5 USGCB materials?
