Security Basics mailing list archives
Re: STIG Implementation
From: Rob Riggins <rigtenzin () gmail com>
Date: Thu, 16 Aug 2012 13:56:52 -0500
My advice with the Gold Disk is to definitely not run the automated remediation process. Make the changes manually, because the remediation process can break things. But of course, you can break things manually too, but at least you will have an idea what you did, if you remediate manually. Gold Disk only reviews Windows and some installed components. The Gold Disk is being phased out this year. You have two other choices: SCAP tools and manual reviews. What other components are on the server? You will need to review those components with the corresponding STIGs too. For STIG reviews, use the STIG Viewer. It will create checklists from STIGs. After you manually run through the checklist items, you can create an export file to upload to VMS (if that's where the results are going). Will you upload the results into VMS? I could write a tiny book on this. This process can be very frustrating if you are doing it without someone guiding you. Rob On Tue, Jul 31, 2012 at 4:59 PM, <JNMiller1978 () gmail com> wrote:
Hello All, I am new to the IA field and was wondering if anyone would like to share some of their experience with STIG Implementation. I am going through them manually no as I have not gained access to Gold Disk yet. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- Rob Riggins Minneapolis, MN ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- STIG Implementation JNMiller1978 (Aug 01)
- RE: STIG Implementation Cate, Jim (Aug 01)
- Re: STIG Implementation Rob Riggins (Aug 16)
- RE: STIG Implementation Keith Kooyman (Aug 17)
- RE: STIG Implementation THOMAS, DEDRIC (Aug 21)
- RE: STIG Implementation Keith Kooyman (Aug 17)