Comment on What are You Working on Wednesday
redfox@infosec.pub 11 months agoCan you share any of the baseline that’s not specific to your org/sensitive? What sources are you using as a reference?
Comment on What are You Working on Wednesday
redfox@infosec.pub 11 months agoCan you share any of the baseline that’s not specific to your org/sensitive? What sources are you using as a reference?
slazer2au@lemmy.world 11 months ago
I am using the Cisco hardening guide with some tweeks.
cisco.com/…/220270-use-cisco-ios-xe-hardening-gui…
Covers things like only allowing sshv2, enable logging of commands to syslog, disabling the switch web servers.
redfox@infosec.pub 11 months ago
Nice. You guys allowing the playbooks to configure or just audit?
slazer2au@lemmy.world 11 months ago
we use the playbooks to configure, the trick is to do it in an idempotent way so when something is changed it doesn’t kick off alarm bells.
SNMPv3 is my current bane as snmpv3 accounts are not stored in running config so snmp always says something is changed.