[mdlug] Cool benchmark website from mdlug meeting
David Wood
dwood169 at gmail.com
Sat Feb 2 16:45:07 EST 2013
Its just how to secure the os/app or whatever. You don't need to sign up.
When it request your info just enter some generic stuff so it let you
procede.
On Feb 2, 2013 9:01 AM, "Mat Enders" <mat.enders at gmail.com> wrote:
> They're just going to tell you how to lock it down
>
>
> On Sat, Feb 2, 2013 at 8:59 AM, Carl T. Miller <carl at carltm.com> wrote:
>
> > Thanks, Mat. That sounds like a winner. I want to see
> > what they have to say about Red Hat.
> >
> > c
> >
> >
> >
> > On 02/02/2013 08:57 AM, Mat Enders wrote:
> >
> >> Let click one page deep on their site for you and copy out the relevant
> >> statement.
> >>
> >>
> >> The CIS Benchmarks are the *only* consensus-based, best-practice
> security
> >>
> >> configuration guides both developed and accepted by government,
> business,
> >> industry, and academia.
> >>
> >> The Benchmarks are:
> >>
> >> - Recommended technical control rules/values for hardening operating
> >>
> >> systems, middleware and software applications, and network devices;
> >> - Unique, because the recommendations are defined via consensus
> among
> >>
> >> hundreds of security professionals worldwide;
> >> - Downloaded several hundred thousand times per year;
> >> - Distributed free of charge by CIS in .PDF format (many benchmarks
> >> are
> >>
> >> also available to CIS Security Benchmarks Members
> >> inXCCDF<http://scap.nist.gov/**specifications/xccdf/<
> http://scap.nist.gov/specifications/xccdf/>
> >> >,
> >>
> >> a machine-readable XML format for use with benchmark assessment
> >> tools<http://benchmarks.**cisecurity.org/downloads/**audit-tools/<
> http://benchmarks.cisecurity.org/downloads/audit-tools/>>
> >> and
> >> Members' custom scripts);
> >> - Used by thousands of enterprises as the basis for security
> >>
> >> configuration policies and the de facto standard for IT
> configuration
> >> best
> >> practices.
> >>
> >>
> >>
> >> On Sat, Feb 2, 2013 at 8:52 AM, Carl T. Miller<carl at carltm.com> wrote:
> >>
> >> On 01/12/2013 02:21 PM, Tony Bemus wrote:
> >>>
> >>> David Wood talked about this website during the meeting and it looked
> >>>> realy cool and useful for business:
> >>>>
> >>>> http://benchmarks.cisecurity.****org/<http://benchmarks.**
> >>>> cisecurity.org/ <http://benchmarks.cisecurity.org/>>
> >>>>
> >>>>
> >>>> Just catching up on email for the last month.
> >>>
> >>> I took a quick look at this site and wondered what it's all about.
> >>>
> >>> When I think of benchmarks, I think of specs that tell how something
> >>> is performing. But if this is about security, I would expect it
> >>> would have best practices for securing servers. Is that what they
> >>> mean by a benchmark?
> >>>
> >>> I'd like a better description of what they provide before I sign up
> >>> for an account. So...what exactly do they provide?
> >>>
> >>> c
> >>> ______________________________****_________________
> >>> mdlug mailing list
> >>> mdlug at mdlug.org
> >>> http://mdlug.org/mailman/****listinfo/mdlug<
> http://mdlug.org/mailman/**listinfo/mdlug>
> >>> <http://mdlug.**org/mailman/listinfo/mdlug<
> http://mdlug.org/mailman/listinfo/mdlug>
> >>> >
> >>>
> >>>
> >>
> >>
> >>
> > ______________________________**_________________
> > mdlug mailing list
> > mdlug at mdlug.org
> > http://mdlug.org/mailman/**listinfo/mdlug<
> http://mdlug.org/mailman/listinfo/mdlug>
> >
>
>
>
> --
> Mathew E. Enders
>
> "Where once Samba and Apache sold Linux to the world they are now just part
> of the plumbing. But that's OK, plumbers make good money."
> --Jeremy Allison
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
>
More information about the mdlug
mailing list