Hi, I'm Jared Jennings. I work under contract as an admin at the US Air Force SEEK EAGLE Office (AFSEO). Engineers here deal with the problem of aircraft-store compatibility, where "store" means "something you put on the aircraft," like a missile, bomb or fuel tank. There's lots of modelling and simulation going on here, on Windows, Linux and Mac workstations, and Linux HPC clusters. I make the Linux and Mac stuff compliant with STIGs, and document the compliance.
So I've built CMITS (Configuration Management for IT Systems), out of Puppet, LaTeX and Python. Folks with DoD certificates can check it out from <https://software.forge.mil/svn/repos/dodpuppet/cmits-release>. Besides configuring RHEL5, RHEL6 and Snow Leopard hosts, it builds documentation that answers the questions, "Do we have everything covered? How are we complying with requirement X? Why are we not complying with requirement Y? Requirement Z says something should be written down; where is it?" Now, RHEL7 is out. Dave and Gunnar have been going on about it for months <http://dgshow.org/>. I want to run it. But I need a STIG to comply with. And here is a community where I can help build such a thing. Hello, community! -- Jared Jennings, RHCE, Network Administrator, SURVICE Engineering Co. -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
