Re: [ISSForum] System Scanner

[Mark Hayes]

One of the first steps is to establish common builds for your boxes - whether this is done via  Imaging, Ghosting or JumpStarting.    Then you have a 'baseline' with known software in a known configuration - you should also incorporate your hardening and patching processes so that what comes out the end is consistant.  Putting policies in place is then a lot simpler and less prone to error ..... Ill get off my soap box now Mark Hayes Team Leader - Web and Security Technology Group Commercial Services Business Unit Western Power, 363-365 Wellington Street, Perth, WA, 6000, Australia Weiss, Jeffrey H. wrote: Hi, Mike, One approach is to make your own custom policies and then manifest them in System Scanner policies--otherwise, unless you have a monitoring staff, continuously reviewing entire baseline shifts and every possible vulnerability detected wil leave you somewhat fatigued. We did this and it makes it far more manageable. Just my thoughts.... Jeffrey -----Original Message----- From: Reeves, Mike [mailto:[EMAIL PROTECTED]] Sent: Friday, October 17, 2003 8:30 AM To: '[EMAIL PROTECTED]' Subject: [ISSForum] System Scanner Does anyone have any good best practices using System Scanner in a large environment? I have read through the admin and user guides but I am looking for a way to get the best bang for my buck. Thanks, Mike This e-mail transmission contains information that is confidential and may be privileged.   It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo