ThinIce
Dec 12 2003, 12:03 AM
http://www.techtv.com/screensavers/darktip...3587648,00.htmlThe links on that page go to nsa.gov which has a HUGE ass guide for lockdowns
H4xorHunt3r
Dec 12 2003, 01:29 PM
ThinIce accurately described the guides, if not colorfully. h**p://www.nsa.gov/snac/index.html takes you straight to the guides. Be sure to go to the bottom of the page and follow the link to the "download single files" pages. They have more than just Win and Cisco guides. The Oracle 9i and MS SQL were particularly helpful.
NSA appears to have been working on a flavor of Linux they call Security Enhanced (SELinux). Looks like the source is availible for download.
h**p://www.nsa.gov/selinux/background.html[/URL]
Cheers
da_echo
Dec 13 2003, 09:09 AM
very interesting... but i dont think that NSA is interested in turning a computer into a fortress
ThinIce
Dec 14 2003, 01:57 AM
It's a fairly thorough guide- It has some pretty good explanation on what's what. As well as presets that you can use.
Although I don't recco them because they're a little too strict for my likening
of course then again I didn't edit them like it said cause I'm a lazy person
l0wkey
Dec 30 2003, 06:53 PM
Wow I am diggin these, I love checking out any governmetn standard!
dfx
Dec 31 2003, 04:12 AM
thanks for the links thinice.
im going to compare how my current windows boxes are setup to how the NSA thinks they should be
Orangey
Jan 4 2004, 02:21 AM
Awesome PDF's There!
Great Find
tstngry
Jan 4 2004, 07:01 AM
I wanna test the security templates but how do i un-install them if i decide to install them. Thnx in advance
cji
Jan 13 2004, 08:27 AM
| QUOTE (da_echo @ Dec 13 2003, 09:09 AM) |
very interesting... but i dont think that NSA is interested in turning a computer into a fortress
|
well these guides
are intended for DoD and other government agencies to implement so yea I'd say they're interested in doing just that - but I guess it depends how deep your conspiracy theories run
great find - thank you
TwitcH
Mar 14 2004, 12:43 PM
Is the setup in this guide how the NSA Setup there computers??
and thnx for the link, great guides there
technoboy
Mar 15 2004, 06:42 PM
welcome 2 years ago guys ...
BlackNet
Mar 16 2004, 11:00 PM
Hello,
If anyone's interested in checking out selinux up close and personal (by that I mean ssh into the box as root) then drop me an email.
Ed
Spookie
Sep 16 2004, 01:02 PM
Heres some interesting reading for you as well regarding your locking down MS boxes
Windows Some of the forum may remember this, to others it may be new. Regardless there have been numerous changes as the German went with Linux staring with Munich back in 99/2000 if I recall correctly as well as this posting by the BBC back in 2002.
IBM signs Linux deal with Germany
whiskah
Sep 17 2004, 12:33 AM
| QUOTE (Spookie @ Sep 16 2004, 09:02 PM) |
Windows Some of the forum may remember this, to others it may be new. Regardless there have been numerous changes as the German went with Linux staring with Munich back in 99/2000 if I recall correctly as well as this posting by the BBC back in 2002.
IBM signs Linux deal with Germany |
nice article spookie..just like the rumor that the NSA stalled the release of XP SP2 for them to incorporate a backdoor!!!
Spookie
Sep 17 2004, 03:17 PM
What is equally interesting Whiskah is that MS released there source code to a foreign country. Just so happens that the person who was representing the so called security center, just happened to be a member of that countries security services, oh sorry as they said
| QUOTE |
| Academy of Engineering |
Go figure then people wonder why guys like Daniel Geer Jr get on the soap box saying M$ is a threat to national security. Instead of someone saying humm he might have a point, and doing some research into it, he gets canned because it's easier to remove the "Squeaky wheel" then to fix the problem.
Sad part about all of this is that it will take a massive incident, before Daniel Geer is vindicated. Kind of reminds me of what happened to that lady Nancy Floyd. Oh well just my simple ramblings.
dw-chow
Oct 23 2004, 05:34 PM
QUOTE(technoboy @ Mar 15 2004, 06:42 PM)
welcome 2 years ago guys ...
yeah i know right.. they just now rennovated their current website on these guides... but they've hadded a few updates like the sun java plug in security which i find interesting. what's even more shocking is that top IT companies or most people in the service industry doesn't give any thought to these guides.
brixster
Oct 26 2004, 04:31 PM
NSA has been working real hard to perfect SElinux. NSA also put code into the 2.6 kernel. Now SElinux is going for DOD level certification up there with Solaris
Geilt
Dec 10 2004, 06:41 PM
QUOTE(ThinIce @ Dec 12 2003, 12:03 AM)
http://www.techtv.com/screensavers/darktip...3587648,00.htmlThe links on that page go to nsa.gov which has a HUGE ass guide for lockdowns
I've seen these before related to a mailing I received from the NSA directly. I am on some odd mailing lists so imagine my concern when I recieved a big manilla envelop from Ft. Mead.
They are one of the documentation sets you have to be perfectly familiar with to successfully pass the NSA Gov't Security Professional certification test. I may be off on the name of the cert itself but it's close enough.
Lots of good information but not useful in the "real world" as we don't have access to some of the underlying systems and technologies they reference from time to time.
sh@dy
Feb 21 2005, 11:19 PM
dw-chow
May 27 2005, 10:41 PM
yeah these guides aren't bad. of course these are declassified, which means they're either somewhat dated material (but still good) or in use for external computers and networks that aren't mission critical. i've been using them for years with my company. i must say, they are comprehensive... i emailed the webmaste rof that website, you can actually call the NSA and request a burnt disc of all the guides if you cannot dl them. They don't give you hard copies
lol
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
