From mboxrd@z Thu Jan  1 00:00:00 1970
From: Brian LaMere <brianl@clinicomp.com>
Subject: Re: no logging of successful events?
Date: Mon, 18 Aug 2008 15:13:58 -0700
Message-ID: <1219097638.6522.74.camel@orpheus.clinicomp.com>
References: <1219086574.6522.8.camel@orpheus.clinicomp.com>
	<200808181607.55239.sgrubb@redhat.com>
	<1219092199.6522.48.camel@orpheus.clinicomp.com>
	<200808181652.24871.sgrubb@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <200808181652.24871.sgrubb@redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Steve Grubb <sgrubb@redhat.com>
Cc: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

> possible with a real life security target people have to meet. I don't have 
> any feedback from disa as to whether or not they like it. :)

I have an "official" position (SYSIAO) that requires I interact with
those darn things constantly.  Plus, the errors in the guides actually
cause me significant problems during scanning, with false positives and
such (because they exist in the automated scan tools too).

So, I've begun looking into getting feedback to/from the drafters of the
UNIX Checklist; I'll let you know if anything comes of it.

Brian