Educause Security Discussion mailing list archives
Re: Security Guides, Standards, Benchmarks?
From: Brad Judy <Brad.Judy () COLORADO EDU>
Date: Wed, 30 Jan 2008 15:15:12 -0700
Many of the OS and application vendors publish good security guides for their products. Microsoft, Apple and Red Hat have all published OS security guides for their products. Here are some links: http://images.apple.com/server/pdfs/Tiger_Security_Config.pdf http://images.apple.com/server/pdfs/Tiger_Server_Security_Config.pdf http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/pdf/Security _Guide-450.pdf http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/en-US/RHEL51 0/pdf/Deployment_Guide.pdf http://www.microsoft.com/technet/security/prodtech/windows2000/secwin2k/ default.mspx http://www.microsoft.com/technet/security/prodtech/windowsserver2003/w20 03hg/sgch00.mspx http://www.microsoft.com/technet/windowsvista/security/guide.mspx http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/de fault.mspx I don't have a list of vendor application and/or database security guides sitting around, but I'm sure there are a number of them. NIST is charged with much of this for the federal government and they have all of their checklists here: http://checklists.nist.gov/ This includes checklists from CIA, NSA and more. It's a good resource. Brad Judy IT Security Office University of Colorado at Boulder
-----Original Message----- From: Drake, Craig [mailto:c-drake () NEIU EDU] Sent: Wednesday, January 30, 2008 2:27 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Security Guides, Standards, Benchmarks? In a previous thread people mentioned the following websites for various Security Configuration Guides and Benchmarks. http://www.cisecurity.org/ http://www.nsa.gov/snac/downloads_all.cfm These are great resources and I have used them from time to time. I was wondering if anybody had other similar sources for Security Configuration Guides that would be useful to share with the rest of the group? Thanks, -Craig Craig Drake Senior Systems Administrator Networking and Distributed Services Northeastern Illinois University Email: c-drake () neiu edu
Current thread:
- Security Guides, Standards, Benchmarks? Drake, Craig (Jan 30)
- <Possible follow-ups>
- Re: Security Guides, Standards, Benchmarks? Brad Judy (Jan 30)
- Re: Security Guides, Standards, Benchmarks? Havens, Ben (Jan 30)