Monday, November 25, 2013

PC Security Stuff

So, one of the younger bears has taken up the CyberPatriot thing.  It's really a pretty good talent
identification and development project in the IS world.  It is also good experience developing security skills and awareness.  If you don't have a clue on computer security peruse the powerpoints on the above site.

In that theme, here are a few resources Windows and Linux:

Security configuration guides from No Such Agency.  Look at the archived guides too.

Security configuration guides from CIS.  Login required.

Command line for lots of platforms

Windows:  The problem with windows is that they practice security through obscurity:  each flavor of windows has different methods to achieve the same goals.  

Securing W7 from Microsoft.  
Securing W7 from NIST.  (Wow!  A little difference in the level of detail!)
Securing W8 from NIST

Master Control Panel or "godmode"  make a folder on your desktop named God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}  Other special modes  or here 

Is anyone else curious that the only Windows security guides are by (or derived directly from) Microsoft or DHS?  Just makes me wonder....

Linux:  Most of the approaches for one flavor of linux will translate to the others.  The main differences are in the package management tools: yum, apt-get, pkgtool...

Securing Slackware:  Keep it patched and minimize services.  Reminds me: "If you want to learn RedHat, use RedHat.  If you want to learn linux, use Slackware."  

Linux security references: this is an encyclopedic collection of links


Any other recommendations?