[unisog] Mac OS X 10.5 Hardening Guide

Stephen John Smoogen smooge at unm.edu
Thu Mar 6 20:59:02 GMT 2008


markm196 at netscape.net wrote:
> The hardening guide at Osx-benchmark at lists.cisecurity.org is good.
> 
> The problem is that it is 80 pages long.
> 
> Does anyone have any server security checklists that are only a few 
> pages long that they use before they put servers on the network?
> 
> I am looking to make some, but thought I would check to see if there 
> where some out there.
> 
> 
> I plan to make them for windows, linux and mac.
> 

The big issue with shorter ones is that they can miss a lot of items.
However, in the end any security checklist is 'site' specific. Each step
really needs to be a business decision by the University/department/etc.

The best thing would be to have a way to take the 'long' form.. and a
way to 'shorten' it to meet a particular sites needs. So if you don't
have a business case that /etc/sysctl.conf is 0400 on your server, it
can be 'dropped', and if it is needed you can see it.

-- 
Stephen Smoogen -- ITS/Linux Administrator
  MSC02 1520 1 University of New Mexico Albuquerque, NM  87131-0001
  Phone: (505) 277-8219  Email: smooge at unm.edu
 How far that little candle throws his beams! So shines a good deed
 in a naughty world. = Shakespeare. "The Merchant of Venice"


More information about the unisog mailing list