Compliance Monitoring

Nessus UNIX Configuration Auditing "sudo" Support

by Ron Gula
January 31, 2008

Tenable's research group recently added "sudo" support to all SSH-enabled UNIX configuration audits. Support is available in version 1.4.4 of the UNIX compliance checks.

Some organizations explicitly prohibit remote "root" logins to their UNIX servers. However, many of these organizations do allow a "non-root" login which has access to the "sudo" command. The "sudo" facility allows a non-root user to run specific restricted commands at the root level. Activity related to "sudo" can be logged as well.

NIST FDCC Implementor's Workshop Notes

by Ron Gula
January 25, 2008

I attended the January 25th NIST Federal Desktop Core Configuration Implementers Workshop this past week and wanted to share some of my thoughts and take-aways from it.

Some Organizations Were Already Close to FDCC

Several CSO/CTO speakers from a variety of different federal agencies spoke about how they went about doing a gap analysis between their current configuration policies and those of the FDCC.

Exceeding CIS and NIST Benchmarks - Third Party Patch Auditing

by Ron Gula
November 26, 2007

For organizations that actively keep track of and manage their base operating system patches and configurations, a somewhat lofty goal is to try to tighten down third-party patches. Organizations can have all Microsoft patches installed and their systems hardened to NIST, CIS and vendor recommendations, and still have major exposure and security issues tracking down open source, freeware and third-party applications.