Research Report Summary CIS Benchmark Security Configurations Eliminate 80 – 90 % of Known Operating System Vulnerabilities Bert Miuccio www.cisecurity.org bmiuccio@cisecurity.org.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Research Report Summary CIS Benchmark Security Configurations Eliminate 80 – 90 % of Known Operating System Vulnerabilit' - gitel


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Research Report Summary

CIS Benchmark Security Configurations

Eliminate 80 – 90 % of Known Operating System Vulnerabilities

Bert Miuccio

www.cisecurity.org

bmiuccio@cisecurity.org

“Through 2005, 90 percent of cyber attacks will continue to exploit known security flaws for which a patch is available or a preventive measure known.”
  • Gartner Group, May 6, 2002
Where are most of the Vulnerabilities that are being exploited?

1. Insecure Accounts
  • Null password, Administrator with no password, no password expiration…
2. Unnecessary Services
  • Telnet, Remote Access, Remote Execution…
3. Backdoors
  • NETBUS, BACKORIFICE, SUBSEVEN…
4. Misconfigurations
  • NetBIOS null sessions…
5. Software Defects
  • Hot-fixes, Patches…

Categories 1 to 4 are controlled by configuration settings; category 5, software defects, is fixed by patches.


Case studies and research show that 80-90% of known vulnerabilities are blocked by the security settings in the consensus benchmarks.

Case Study / Research Methodology
  • (1) Scan a system “out of the box” or in its existing production configuration, and list identified vulnerabilities
  • (2) Configure the system with the appropriate CIS benchmark
  • (3) Rescan the system and note the reduction in vulnerabilities
Citadel Research - Win 2000 Pro (CIS Level-1 Benchmark)

Using Harris STAT Vulnerability Scanner 5.11

Severity    Default config.    Post CIS config.
High                13                  1
Medium              57                  5
Low                117                 30
Warning             11                  1
Total              198                 37

Solutionary Study – Win 2000 Server

(Level-1 Benchmark)

Using Solutionary’s Vulnerability Scanning Methodology


The Mitre Study

Windows 2000 Professional, Level-2 configuration: reduced CVE vulnerabilities by 83%.

IA Newsletter describing the NSA and Mitre studies

Vol 5, Number 3, Fall 2002

  • http://iac.dtic.mil/iatac/news_events/ia_newsletter.htm
Citadel Research - Win 2000 Server (Level-2 Benchmark)

Using ISS Internet Scanner 6.2.1

Severity    Default config.    Post CIS config.
High                30                  0
Medium              89                  0
Low                109                  2
Total              228                  2
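Step 3 of the methodology ("rescan the system and note the reduction in vulnerabilities") is where tables like the two Citadel results come from. The following Python is an added example, not a CIS tool and not the output format of Harris STAT or ISS Internet Scanner: it parses a constructed "ID | Severity | Title" finding list from before and after applying a benchmark, tabulates counts per severity the way the slides do, and also lists the findings that survived hardening (the residual 37 and 2 in the tables), since those are the ones configuration settings cannot fix and that need a patch or a manual follow-up.

```python
from collections import Counter
SEVERITIES = ("High", "Medium", "Low", "Warning")

# Constructed scanner output (not real Harris STAT or ISS output): one finding
# per line as "ID | Severity | Title", using the vulnerability categories from the slides.
BEFORE_SCAN = """
F-001 | High    | Administrator account has a null password
F-002 | High    | Telnet service enabled
F-003 | Medium  | NetBIOS null session enumeration allowed
F-004 | Medium  | Password expiration disabled
F-005 | Low     | Remote execution service running
F-006 | Warning | Guest account enabled
"""
AFTER_SCAN = """
F-005 | Low     | Remote execution service running
F-007 | Warning | Audit log retention not configured
"""

def parse_scan(text):
    """Parse the constructed 'ID | Severity | Title' lines into {id: (severity, title)}."""
    findings = {}
    for line in text.strip().splitlines():
        fid, sev, title = (part.strip() for part in line.split("|", 2))
        if sev not in SEVERITIES:
            raise ValueError(f"unknown severity {sev!r} in {line!r}")
        findings[fid] = (sev, title)
    return findings

def percent_reduction(before, after):
    """Reduction in finding count, rounded to one decimal (0.0 when there was nothing to reduce)."""
    return round(100.0 * (before - after) / before, 1) if before else 0.0

def compare_scans(before, after):
    """Step 3 of the methodology: per-severity counts, total reduction, residual and new findings."""
    by_sev_before = Counter(sev for sev, _ in before.values())
    by_sev_after = Counter(sev for sev, _ in after.values())
    return {
        "rows": {sev: (by_sev_before[sev], by_sev_after[sev]) for sev in SEVERITIES},
        "total": (len(before), len(after)),
        "reduction_pct": percent_reduction(len(before), len(after)),
        "residual": sorted(fid for fid in after if fid in before),  # still open: patch or manual fix needed
        "new": sorted(fid for fid in after if fid not in before),   # regression, or a check newly reachable
    }

if __name__ == "__main__":
    result = compare_scans(parse_scan(BEFORE_SCAN), parse_scan(AFTER_SCAN))
    for sev, (b, a) in list(result["rows"].items()) + [("Total", result["total"])]:
        print(f"{sev:8} {b:4} -> {a:4}")
    print(f"{result['reduction_pct']}% reduction; residual {result['residual']}; new {result['new']}")
```

Applied to the slide totals, the same helper gives 81.3% for the Level-1 table (198 to 37) and 99.1% for the Level-2 table (228 to 2); a finding that appears only in the rescan is worth checking separately, because it is either a regression from the configuration change or a check the scanner could not complete before.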
Conclusion

Using the benchmarks and scoring tools available free at http://www.cisecurity.org will help you improve and manage the secure configuration of your systems.