1 / 10

Security Self-Help

Security Self-Help. Program Summary. Purpose. To provide a way to automate the “hardening” of computer systems by applying security settings and configuration changes. Insure consistency Save time Encourage secure configuration of desktops

sela
Download Presentation

Security Self-Help

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Self-Help Program Summary

  2. Purpose • To provide a way to automate the “hardening” of computer systems by applying security settings and configuration changes. • Insure consistency • Save time • Encourage secure configuration of desktops • Currently Windows 2000 and XP only (OSX version may be developed, but is currently not critical)

  3. Who do we want to run it? • By end users who want to make sure that their computers are configured properly for Stanford’s infrastructure. • By schools and departments that want to use the tool to configure new computers before they connect to Stanford’s infrastructure. • By students that bring computers that will connect to Stanford’s network. • By other universities that want to establish their own set of security standards. • By ITSS consultants to quickly apply security settings to their client’s computers to insure consistency of configuration settings.

  4. History • January – June 2003 Security Awareness Campaign (Security Self-Test tool) • August 2003 RPC worm attack • August – September 2003 RpcCleaner • September 2003 host-security group • September – December 2003 Self-Help working group • March 2004 – July 16 program design, coding, and testing of Self-Help tool • July 16 Release

  5. Program Features • Auto Update

  6. Function Upgrade Example

  7. Core Program Upgrade Example

  8. Program Features • Built in “Run As” capability • All Functionality is dynamic, & updated at run time • Most UI elements are configurable & external to core program • Local group support • Undo Wizard • Password strength test (improved from Self-Test tool) • High Risk Services display and control improved from Self-Test tool

  9. Program Features • Blank admin password change • Tests for password strength before setting • Can change Administrator password on XP home machines without booting into safe mode • Batch mode (auto run without UI) • Does not require Stanford’s infrastructure (can be used by other universities)

  10. What Next • Review the documents • http://security-self-help.stanford.edu/docs • TechnicalDocumentation.doc (~ 100 pages) • program_summary.html • Security-Self-Help.ppt • Essential Stanford Software • http://security-self-help.stanford.edu Demo…

More Related