Classification: UNCLASSIFIED Caveats: NONE Anyone want to weigh in on this? At the very least, it would be nice if the check also accepted the value of "none", and possibly the guidance should recommend this setting.
-- Ray Shaw (Contractor, STG) Army Research Laboratory CIO, Unix Support -----Original Message----- From: Shaw, Ray V CTR USARMY ARL (US) Sent: Thursday, December 26, 2013 1:27 PM To: '[email protected]' Subject: Disable DHCP client (UNCLASSIFIED) Classification: UNCLASSIFIED Caveats: NONE The Disable DHCP client check specifies that the value of BOOTPROTO should be "static". However, this doesn't list "static" as an option: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-networkscripts-interfaces.html Should the check be for "none" instead? [Aside: I thought this might be a carryover from RHEL5, but the RHEL5 deployment guide lists the same options: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/s1-networkscripts-interfaces.html#s2-networkscripts-interfaces-eth0 However, all the RHEL5 clients I've checked have had it set to "static", whereas the RHEL6 clients I've checked have it set to "none". Is setting it to anything other than "bootp" or "dhcp" the equivalent of setting it to "none"? Not that I'm arguing the check should go in that direction...just wondering how we got here.] -- Ray Shaw (Contractor, STG) Army Research Laboratory CIO, Unix Support Classification: UNCLASSIFIED Caveats: NONE Classification: UNCLASSIFIED Caveats: NONE _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
