Educause Security Discussion mailing list archives

Re: Secure Server Procedure

From: Brian Smith-Sweeney <bsmithsweeney () NYU EDU>
Date: Tue, 27 Feb 2007 11:42:16 -0500

I would suggest checking out http://www.cisecurity.com/ for these types
of standards.  You can either adopt a standards doc whole-hog, or
pick-and-choose what you think is appropriate for your purposes.

Cheers,
Brian

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Brian Smith-Sweeney      Sr. Network Security Analyst
ITS Technology Security Services, New York University
bsmithsweeney () nyu edu
http://www.nyu.edu/its/security
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Charlie D. Kutil wrote:

We are defining some new servers that we wish to classify as Secure
Servers.  We have a policy in place for server hardening, however we do
not have a step based procedure or checklist. Is anyone willing to share
their procedure for developing a Secure Server?

Thank you,
Charlie Kutil

Charlie Kutil, M.P.H., CISSP
Information Policy & Security Officer
Office of Information Technology (OIT)
Texas A&M Health Science Center
Coastal Bend Health Education Center
(O) 361-825-2805
(C) 361-876-3781

Current thread:

Secure Server Procedure Charlie D. Kutil (Feb 23)
- <Possible follow-ups>
- Re: Secure Server Procedure Chad McDonald (Feb 27)
- Re: Secure Server Procedure Brian Smith-Sweeney (Feb 27)
- Re: Secure Server Procedure Casas, Victoriano (ISO) (Feb 27)
- Re: Secure Server Procedure Jim Dillon (Feb 27)