On Fri, 19 Jun 2009 01:28:32 -0700 (PDT), Robert Kochem
<> wrote:
>Hi NG.
>
>I am tasked with a security audit of a Windows 2003 server. The
>problem is that I don't get direct access to the server - instead I
>have to provide tool(s) and/or script(s) that gather information on
>the server. Those gathering tools are executed by an admin of the
>machine and I get only the output for auditing the server.
>
>The problem is that the audit is not limited to certain parts of the
>server (users, services, filesystem). Therefore the standard tools I
>know would generate a large amount of data - and finding security
>issuses in this data would be like finding Needle in a Haystack...
>
>Does anybody know good tools or scripts that would help me gathering
>the required information I need in an intelligent way?
>
>Thanks in advance, Robert
Here
http://iase.disa.mil/stigs/checklist/index.html is a list of
checklists that the Gov't (should) use to secure their computers. Not
scripts, just checklists.
here
http://iase.disa.mil/stigs/SRR/index.html you can download the
Windows Gold disk (link is near the bottom). This has to be run on
the computer (can be local or via RDP) and save the OPEN results only
(the closed, n/a and unknowns are not worth the paper IMO). Do NOT, I
repeat DO NOT use the "mitigate" button on this disk to fix ANY of the
problems or you most likely will find yourself locked out of, or in
control of a non-usable server.
There are SRR (scripts) that you CAN use to look at Windowsn NT (on
the SRR page) but I personally have never used them so I can't vouch
for them.
Mike
Similar Threads
Linear Mode
