Mailing List Archive

James Kelly wrote:

[snip]
> I've not had the chance yet to see Windows 2008 and I don't know how
> similar it is to 2003.

2008 is vista-based, 2003 is xp-based; so no, not exactly "similar"!

--
Simon John
nessus at the-jedi.co.uk

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

James Kelly wrote:
> I checked the Nessus/Tenable support site and didn't see a scap file for
> Windows 2008. I noticed that the SCAP files were still in the beta stage.
> Does anyone have a sense if it would be "reasonable" to use the Windows 2003
> files on Windows 2008. I've not had the chance yet to see Windows 2008 and I
> don't know how similar it is to 2003.

We have 2008 content in development right now.

However, if you want to get 2008 audits right away, you can use the i2a tool
from our support portal and convert any .inf policy file for 2008 into a Nessus
.audit file. It won't have rich content like the SCAP policies, but you will
be able to quickly audit for these required or suggested settings.

There are .inf hardening files for 2008 available from DISA and Microsoft at
these links:

http://iase.disa.mil/stigs/checklist/windows_2008_checklist_v6r1_2_20081226.zip

http://www.microsoft.com/downloads/details.aspx?FamilyID=a46f1dbe-760c-4807-a82f-4f02ae3c97b0&displaylang=en

(note - to get the Microsoft .inf hardening files for 2008, you need to install
their GPO Accelerator)

Ron Gula
Tenable Network Security

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus