(the following was copied and edited from the Digital Bond blog post)
Digital Bond is releasing today (January 18, 2011) the Bandolier Baseline Security Audit Files for Windows 7 and Windows 2008R2 Member Server. Like the other Bandolier Security Audit Files, these work with a compliance plugin in the Nessus Vulnerability Scanner to perform a low-impact audit of security configuration parameters.
The Bandolier Baseline Security Audit Files only cover the security settings in the operating system; they are a starting point for the development of ICS vendor-specific Bandolier Security Audit Files. The Bandolier Baselines were developed as follows:
- Digital Bond took the Microsoft security guidance for Windows 7 and Windows 2008R2 Member Server as referenced in the NIST National Checklist Program Repository.
- They then added their recommended settings where Microsoft provided no guidance.
- And they also modified a very small number of settings where the Microsoft recommendation was not appropriate for control systems.
In addition to being useful as a starting point for vendor-specific audit files, the Bandolier Baselines can be used to audit security settings on ICS that don't yet have a Bandolier Security Audit File. Remember that they are audits: they do not change anything on the target or try to exploit any sub-standard security setting.
The Bandolier Baselines for the Windows 7 and Windows 2008R2 operating systems are the first developed by Digital Bond. In the past we used the OS audit files developed by Tenable Security, with their very kind permission and support.
Based on the number of security checks in other audit files, we believe these Bandolier Baselines are by far the most comprehensive audit of the Microsoft security recommendations for Windows 7 and 2008R2.
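The following is an added example, not the Bandolier audit file itself and not code from Digital Bond or Tenable. It shows what a read-only baseline audit of this kind does under the hood on a Windows 7 / 2008R2 host: read a handful of registry-backed security settings that the Microsoft guidance addresses and compare them with an expected value, without writing anything. The expected values listed are this example's own assumptions chosen to illustrate the check, not a reproduction of the Bandolier Baseline or the Microsoft baseline settings.

```powershell
# Added example: read-only check of a few Windows security settings.
# Expected values are illustrative assumptions, not the Bandolier or Microsoft baseline.
# Nothing here modifies the host; only Get-ItemProperty reads are performed.

$checks = @(
    @{ Name = 'Network security: LAN Manager authentication level (5 = NTLMv2 only, refuse LM and NTLM)'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Item = 'LmCompatibilityLevel'; Expected = 5 },
    @{ Name = 'Network security: Do not store LAN Manager hash value on next password change'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Item = 'NoLMHash'; Expected = 1 },
    @{ Name = 'Accounts: Limit local account use of blank passwords to console logon only'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Item = 'LimitBlankPasswordUse'; Expected = 1 },
    @{ Name = 'Network access: Do not allow anonymous enumeration of SAM accounts and shares'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Item = 'RestrictAnonymous'; Expected = 1 },
    @{ Name = 'User Account Control: Run all administrators in Admin Approval Mode'
       Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
       Item = 'EnableLUA'; Expected = 1 }
)

function Test-BaselineSetting {
    param([hashtable]$Check)
    # -ErrorAction SilentlyContinue keeps a missing key or value from aborting
    # the audit; a missing value means the OS default applies, so report it
    # separately instead of silently calling it a pass or a fail.
    $props  = Get-ItemProperty -Path $Check.Path -Name $Check.Item -ErrorAction SilentlyContinue
    $actual = if ($null -ne $props) { $props.($Check.Item) } else { $null }

    if ($null -eq $actual) {
        $status = 'NOT SET'
    } elseif ([int]$actual -eq [int]$Check.Expected) {
        $status = 'PASS'
    } else {
        $status = 'FAIL'
    }

    # New-Object PSObject works on the PowerShell 2.0 that shipped with Windows 7 / 2008R2.
    New-Object PSObject -Property @{
        Status   = $status
        Setting  = $Check.Name
        Expected = $Check.Expected
        Actual   = $actual
        Registry = "$($Check.Path)\$($Check.Item)"
    }
}

$results = $checks | ForEach-Object { Test-BaselineSetting -Check $_ }
$results | Format-Table -AutoSize Status, Setting, Expected, Actual, Registry

# Non-zero exit lets a scheduled run flag configuration drift without touching the host.
$failed = @($results | Where-Object { $_.Status -eq 'FAIL' })
if ($failed.Count -gt 0) { exit 1 } else { exit 0 }
```

Run it from an elevated PowerShell prompt on the host under review (or remotely with an existing WinRM session); it needs read access to HKLM only. A real audit file covers hundreds of such settings, including password, lockout and audit policies that are not simple registry values, but the pattern is the same: read, compare, report, never change.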
I think the problem with running Nessus isn't Windows servers (which this focuses on) but rather legacy systems, e.g. a PLC that doesn't have a very robust IP stack and crashes when you have more than a few TCP sessions open at one time. Then again, most people who run Nessus don't have a clue and run it in a default mode without considering the targets. It isn't the greatest at fingerprinting OSes sometimes and runs tests against systems that don't make sense, e.g. it runs NetBIOS checks against a Linux box running Samba. Regardless, if a system crashes from a stupid port scan, that is a VERY valid result, i.e. it's very DoS friendly. No hacker is going to dance around a fragile system, so why should you as a security professional?