Penetration Testing mailing list archives

Re: Security Baseline Tools
From: "Stephen J. Smoogen" <smooge () gmail com>
Date: Mon, 22 Aug 2005 08:52:16 -0600

On 8/20/05, David Boynton <david.boynton2 () cox net> wrote:
> Hello everyone,
>
> Is anyone aware of any security baseline assessment tools like the ones
> provided by the Center for Internet Security?  We are researching the
> possibility of using a "Baseline Compliance" metric, so the tools will need
> to be mostly automated (no manual checklists - we have enough of those!)
>
> Thanks for any and all help!
>
> Moderator: I know this barely qualifies as penetration testing, but the
> mod for Security Management kicked it back because it will start a
> discussion of technical tools.  Please help me out! :)

At the moment, we are writing our own. I have found that the CIS tools
linked to from the NIST.gov worked well for a first best guess, but in
order to see if 4000 desktops matched those and could report
centrally.. plus deal with specialized network areas.. they needed a
lot of work.

To keep this with a penetration point of view, most of the baseline
tools are sort of a reverse penetration test. Penetrators usually go
for flag A, B, C... make sure they are turned off. It also seems to be
a lot harder to write versus some scripts to exploit :).

Stephen J Smoogen.
CSIRT/Linux System Administrator
