[Offtopic] US Gov computer security checklists

stephen at melbpc.org.au stephen at melbpc.org.au
Fri May 9 06:51:03 EST 2008


The US Government 'National Vulnerability Database' http://nvd.nist.gov

The US Government tasks the National Institute of Standards and Technology 
(NIST) to "develop, and revise as necessary, checklists setting forth 
settings and option selections that minimize the security risks associated 
with each computer hardware or software system that is, or is likely to 
become widely used within the US Federal Government.

The National Checklist Program (NCP) is the U.S. government repository of 
publicly available security checklists (or benchmarks) that provide 
detailed guidance on setting the security configuration of operating 
systems and applications."

For example, here's what they say about their WinXP security checklist:

(Note: they also have security checklists for the flavours of *nix)

--
NIST Special Publication 800-68 has been created to assist IT 
professionals, in particular Windows XP system administrators and 
information security personnel, in effectively securing Windows XP 
Professional systems. 

It discusses Windows XP and various application security settings in 
technical detail. The guide provides insight into the threats and security 
controls that are relevant for various operational environments, such as 
for a large enterprise or home office. It describes the need to implement 
and test security controls, as well as to monitor and maintain systems on 
an ongoing basis. It presents an overview of the security components 
offered by Windows XP and provides guidance on installing, backing up, and 
patching Windows XP systems. It discusses security policy configuration, 
provides an overview of the settings in the accompanying security 
templates, and discusses how to apply additional security settings that 
are not included in the NIST security templates. It demonstrates securing 
popular office productivity applications, Web browsers, e-mail clients, 
personal firewalls, antivirus software, and spyware detection and removal 
utilities on Windows XP systems to provide protection against viruses, 
worms, Trojan horses, and other types of malicious code..
--

Message sent using MelbPC WebMail Server





More information about the offtopic mailing list