Presentation Transcript

Research Report Summary

CIS Benchmark Security Configurations

Eliminate 80 – 90 % of Known Operating System Vulnerabilities

Bert Miuccio

www.cisecurity.org

bmiuccio@cisecurity.org

“Through 2005, 90 percent of cyber attacks will continue to exploit known security flaws for which a patch is available or a preventive measure known.”
  • Gartner Group, May 6, 2002
Where are most of the Vulnerabilities that are being exploited?

1. Insecure Accounts
  • Null password, Administrator account with no password, no password expiration…

2. Unnecessary Services
  • Telnet, remote access, remote execution…

3. Backdoors
  • NETBUS, BACKORIFICE, SUBSEVEN…

4. Mis-configurations
  • NetBIOS null sessions…

5. Software Defects
  • Hot-fixes, patches…

Categories 1 to 4 are controlled by configuration settings; category 5 (software defects) is fixed by patches.
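As an added example (not from the presentation, and not CIS's own scoring tool): a small Python scorer that reads a secedit-style security template export and checks it against the kinds of settings the categories above point at: password policy and lockout (insecure accounts), the Telnet service start type (unnecessary services) and the RestrictAnonymous value that governs NetBIOS null sessions (mis-configuration). Both exports and every threshold in the rule set are constructed for the example; the real CIS benchmark values are not quoted here. Category 5 has no check because a missing hot-fix is a software defect that only a patch removes, which is exactly why a configuration benchmark cannot reach 100%.

```python
"""Score a secedit-style security template export against CIS-style rules.

Added illustration: not CIS's scoring tool and not code from the original
presentation. The exports are constructed to resemble the INF text written by
`secedit /export /cfg <file>` on Windows; the thresholds in RULES are assumptions
for the example, not quotations from a CIS benchmark. Service start type
2 = automatic, 4 = disabled; registry value type 4 = REG_DWORD.
"""
import re

LSA = r"MACHINE\System\CurrentControlSet\Control\Lsa"

# Constructed "out of the box" export: weak account policy (category 1),
# Telnet enabled (category 2), anonymous NetBIOS enumeration allowed (category 4).
DEFAULT_EXPORT = r"""
[System Access]
MaximumPasswordAge = -1
MinimumPasswordLength = 0
PasswordComplexity = 0
LockoutBadCount = 0
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
[Service General Setting]
TlntSvr,2,"D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)"
"""

# Constructed export of the same machine after the assumed rule set is applied.
HARDENED_EXPORT = r"""
[System Access]
MaximumPasswordAge = 90
MinimumPasswordLength = 8
PasswordComplexity = 1
LockoutBadCount = 5
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,2
[Service General Setting]
TlntSvr,4,"D:AR(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)"
"""


def parse_inf(text):
    """Group the non-empty, non-comment lines of an INF export by [section]."""
    sections, bucket = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            bucket = sections.setdefault(m.group(1), [])
        elif bucket is not None:
            bucket.append(line)
    return sections


def system_access(sections):
    """[System Access] 'Key = value' pairs, with integer values converted."""
    out = {}
    for line in sections.get("System Access", []):
        key, _, val = line.partition("=")
        val = val.strip().strip('"')
        out[key.strip()] = int(val) if re.fullmatch(r"-?\d+", val) else val
    return out


def registry_values(sections):
    """[Registry Values] 'path=type,data' lines; REG_DWORD data becomes int."""
    out = {}
    for line in sections.get("Registry Values", []):
        path, _, rest = line.partition("=")
        rtype, _, data = rest.partition(",")
        out[path.strip()] = int(data) if rtype.strip() == "4" else data.strip().strip('"')
    return out


def service_start_types(sections):
    """[Service General Setting] 'Name,StartType,SDDL' lines -> {name: start type}."""
    out = {}
    for line in sections.get("Service General Setting", []):
        name, start, _sddl = line.split(",", 2)
        out[name.strip()] = int(start)
    return out


def in_range(lo, hi):
    """Predicate: value is an int within [lo, hi]; None (setting absent) fails."""
    return lambda v: isinstance(v, int) and lo <= v <= hi


# Getters for the three sections; a service absent from the export is treated as
# not installed, i.e. start type 4, so that rule passes.
sa = lambda key: (lambda s: system_access(s).get(key))
rv = lambda path: (lambda s: registry_values(s).get(path))
st = lambda name: (lambda s: service_start_types(s).get(name, 4))

# (description, getter, pass predicate). Thresholds are assumptions for the example.
RULES = [
    ("Minimum password length >= 8", sa("MinimumPasswordLength"), in_range(8, 14)),
    ("Password complexity enabled", sa("PasswordComplexity"), in_range(1, 1)),
    ("Passwords expire (MaximumPasswordAge 1..90; -1 means never)", sa("MaximumPasswordAge"), in_range(1, 90)),
    ("Account lockout after 1..5 bad logons", sa("LockoutBadCount"), in_range(1, 5)),
    ("Null-session enumeration restricted (RestrictAnonymous 1..2)", rv(LSA + r"\RestrictAnonymous"), in_range(1, 2)),
    ("Telnet service disabled (start type 4)", st("TlntSvr"), in_range(4, 4)),
]


def score(export_text):
    """Apply every rule; return (passed, total, [(rule, actual value, passed), ...])."""
    s = parse_inf(export_text)
    results = [(desc, get(s), ok(get(s))) for desc, get, ok in RULES]
    return sum(1 for r in results if r[2]), len(results), results
```

Run `score(DEFAULT_EXPORT)` and `score(HARDENED_EXPORT)` to see the constructed machine go from 0 of 6 rules to 6 of 6; the third element of the result lists each rule with the value actually found, which is the evidence an auditor wants next to the pass/fail.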


Case studies and research show that 80-90% of known vulnerabilities are blocked by the security settings in the consensus benchmarks.

Case Study / Research Methodology
  • (1) Scan a system “out of the box” or in its existing production configuration, and list identified vulnerabilities
  • (2) Configure the system with the appropriate CIS benchmark
  • (3) Rescan the system and note the reduction in vulnerabilities
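As an added example of the bookkeeping behind steps (1) to (3), not code from the presentation or from any of the studies it cites: the two scan result sets below are constructed, with made-up check IDs, and the severity tiers follow the ones the Citadel slides report. Keying the comparison on check ID rather than on counts alone shows which findings the configuration eliminated, which remain (a missing hot-fix stays until it is patched, as the earlier slide notes) and whether the hardening introduced anything new; the reduction percentage is the figure the studies summarise.

```python
"""Compare vulnerability-scanner output before and after applying a benchmark.

Added illustration of the scan / configure / rescan methodology; not code from
the original presentation or from the Citadel, Solutionary or Mitre studies.
Findings are (check_id, severity, title) tuples with constructed, hypothetical IDs.
"""

SEVERITIES = ("High", "Medium", "Low", "Warning")

# Constructed step-(1) results for an "out of the box" Windows 2000 system.
BASELINE = [
    ("ACC-001", "High", "Administrator account has no password"),
    ("ACC-002", "Medium", "Password never expires for local accounts"),
    ("SVC-010", "High", "Telnet service enabled"),
    ("NET-020", "Medium", "NetBIOS null session enumeration permitted"),
    ("LOG-030", "Low", "Audit policy not configured"),
    ("PAT-100", "High", "Missing hot-fix for a known software defect"),
    ("INF-900", "Warning", "Banner discloses OS version"),
]

# Constructed step-(3) results after the benchmark settings were applied.
# Configuration removed the ACC/SVC/NET/LOG items; the missing hot-fix is a
# software defect that only a patch fixes, so it remains; one new Low finding
# appears because the rescan sees a setting the first scan did not flag.
HARDENED = [
    ("PAT-100", "High", "Missing hot-fix for a known software defect"),
    ("INF-900", "Warning", "Banner discloses OS version"),
    ("AUD-031", "Low", "Security log retention set to overwrite as needed"),
]


def by_id(findings):
    """Index findings by scanner check ID."""
    return {fid: (sev, title) for fid, sev, title in findings}


def compare(before, after):
    """Diff two result sets by check ID and tabulate counts per severity."""
    b, a = by_id(before), by_id(after)
    counts = {}
    for sev in SEVERITIES:
        counts[sev] = (sum(1 for f in b.values() if f[0] == sev),
                       sum(1 for f in a.values() if f[0] == sev))
    counts["Total"] = (len(b), len(a))
    return {
        "eliminated": sorted(set(b) - set(a)),
        "remaining": sorted(set(b) & set(a)),
        "new": sorted(set(a) - set(b)),
        "counts": counts,
    }


def reduction_pct(before_total, after_total):
    """Percentage reduction in finding count, one decimal; 0.0 if nothing to reduce."""
    if before_total == 0:
        return 0.0
    return round(100.0 * (before_total - after_total) / before_total, 1)


def report(result):
    """Render the comparison in the same shape as the slides' before/after tables."""
    lines = [f"{'Severity':<10}{'Before':>8}{'After':>8}"]
    for sev, (nb, na) in result["counts"].items():
        lines.append(f"{sev:<10}{nb:>8}{na:>8}")
    nb, na = result["counts"]["Total"]
    lines.append(f"Reduction:  {reduction_pct(nb, na)}%")
    lines.append(f"Eliminated: {', '.join(result['eliminated']) or 'none'}")
    lines.append(f"Remaining:  {', '.join(result['remaining']) or 'none'}")
    lines.append(f"New:        {', '.join(result['new']) or 'none'}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(compare(BASELINE, HARDENED)))
```

Applied to the totals the Citadel slides publish, `reduction_pct(198, 37)` gives 81.3% and `reduction_pct(228, 2)` gives 99.1%, which is how the 80 to 90% headline figure is arrived at. In the constructed data the remaining High finding is the unpatched defect: a benchmark run that reports it as "remaining" is the cue to move from configuration to patching.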
Citadel Research - Win 2000 Pro (CIS Level-1 Benchmark)

Using Harris STAT Vulnerability Scanner 5.11

Severity    Default config.    Post CIS config.
High                13                   1
Medium              57                   5
Low                117                  30
Warning             11                   1
Total              198                  37

Total findings fell from 198 to 37, an 81% reduction.
Solutionary Study – Win 2000 Server (Level-1 Benchmark)

Using Solutionary's Vulnerability Scanning Methodology

The Mitre Study

Windows 2000 Professional, Level-2 configuration: reduced CVE vulnerabilities by 83%.

IA Newsletter describing the NSA and Mitre studies

Vol 5, Number 3, Fall 2002

  • http://iac.dtic.mil/iatac/news_events/ia_newsletter.htm
Citadel Research - Win 2000 Server (Level-2 Benchmark)

Using ISS Internet Scanner 6.2.1

Severity    Default config.    Post CIS config.
High                30                   0
Medium              89                   0
Low                109                   2
Total              228                   2

Total findings fell from 228 to 2, a 99% reduction.
Conclusion

Using the benchmarks and scoring tools available free at http://www.cisecurity.org will help you improve and manage the secure configuration of your systems.