Educause Security Discussion mailing list archives
Re: Security Checklists or Scripts
From: Anthony Maszeroski <maszeroskia3 () SCRANTON EDU>
Date: Fri, 16 Jan 2009 10:39:07 -0500
We've used the CIS benchmarks as well. Someday I'd like to get to a more formalized certification and accreditation process. In the meantime, I'm hoping to publish recommended baseline security standards. Holland II, Richard H wrote:
On 1/15/09 2:09 PM, "Brenda B Gombosky" <brenda.gombosky () LOUISVILLE EDU> wrote: I am interested in what others are using to check security of new servers being placed in production - Windows, Linux etc. Are you using scripts or checklists? Thanks in advance! Brenda B. Gombosky, CISSP, CISM, CHSP Director, Enterprise Security Information Technology University of Louisville Miller IT Center, Room 109 Louisville, KY 40292 (502)852-5037 (502)419-6689 We use the CIS Benchmarks scripts. They work really well and cover many of the OSes that we run. They provide pdf documents as well as script scoring tools. http://www.cisecurity.org/ -- Rick Holland rick {dot} holland {at} utdallas {dot} edu Senior Information Security Analyst The University of Texas at Dallas
-- - Anthony Maszeroski, CCNA ----------------------------------- Information Security Manager The University of Scranton email : maszeroskia3 () scranton edu phone : 570-941-4226 -----------------------------------
Current thread:
- Security Checklists or Scripts Brenda B Gombosky (Jan 15)
- <Possible follow-ups>
- Re: Security Checklists or Scripts Sarazen, Daniel (Jan 15)
- Re: Security Checklists or Scripts Holland II, Richard H (Jan 15)
- Re: Security Checklists or Scripts Anthony Maszeroski (Jan 16)