Educause Security Discussion mailing list archives
Security Feature Configuration Standards, Guides, and Tools - Survey
From: Jim Moore <jhmfa () RIT EDU>
Date: Fri, 2 Aug 2002 10:11:03 -0400
Hello all, My apologies for double mailings for those of you on both mailing lists. I am. And I might say an advance word of thanks for those of you sharing on these lists. It has been enlightening. We are doing some research into creating baselines for configuration of operating systems security features. There have been some questions as to the need for standards. I have noticed that some people don't have standards but provide the SANS Step By Step guides as tools for members of their community to use. If you can answer the following in line, and send it back to me (not the list), I will summarize it. Are you willing to have this published in RIT documentation (as references)? Do you want the summary of this published back to this list? I would like to find out the following: 1) Do you have baselines or standards for the configuration of operating systems security features? If, Yes, is it a standard or a baseline? When did you start your development efforts? Are you willing to share them (with attribution)? A URL? (Attachments?) If, Yes, for which operating systems Windows 95/98/ME Windows NT Windows 2000 Windows XP Linux Do you differentiate between versions of Linux? Apple OS9.x OS X Solaris 7 8 9 Other Do you have other security related standards/baselines? (URLs if you are willing to share) Firewalls Web server configuation Mail server/relay configuration Wireless networking If you don't have standards or baselines, do you offer configuration guidelines to your campus? Do you offer the SANS Step By Step guides? Windows 2000 Solaris Do you offer security tools? Anti-Virus Personal Firewall Other Are all tools offered supported (or are they just available?) My last question is not related to configuration but incident handling. Do you have an incident handling procedure documented? Is it tied to a policy or standards? Thanks for your time!!! Jim Moore Information Security Officer Rochester Institute of Technology 13 Lomb Memorial Drive Rochester NY 14623-5603 585-475-5406 585-233-3802 (cell) ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Security Feature Configuration Standards, Guides, and Tools - Survey Jim Moore (Aug 02)