Hi Jason-
I would think Nessus as more of a (folks on the list please forgive me) dumb
tool - You'd need human intervention to match it up - SOX, for example -
doesn't really mention any specific technologies (although GLB/HIPAA mandate
encryption).
Ideally for a SOX audit you could use nessus to check whether:
-Patches are applied routinely to systems.
-Administrator and other default accounts are secured/renamed/default
password changed.
-password policies
-unprotected smb shares
-Unnecessary services are disabled (and is the client running "in the clear"
services like ftp, telnet when per HIPAA or GLB they should be using SCP,
SSH?).
-Virus Software up to date (I'm also on an IT audit sox list and I just
recommended to someone that they could use nessus to test their anti-virus
software..) If your client is not running one of the common ones you may
need to roll your own plugin for this.
The list could probably be expanded, and I haven't done anything with the
new local security checks so I don't know if they could help with things
such as "can root login in remotely?", db_roles in MS Sql, etc.
Hopefully your client is using some sort of control framework (Cobit, COSO,
ISO17799, etc). You should be able to take that and find all sorts of
checks Nessus can perform - but I would think of it in the high level as I
have above rather than matching specific control objectives to a pluginID.
I know that's not exactly what you were looking for but I hope that helps...
-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-
bounces@list.nessus.org] On Behalf Of securityfool@hushmail.com
Sent: Thursday, October 21, 2004 12:00 PM
To: nessus@list.nessus.org
Subject: nessus checks / SOX, GLBA, HIPAA
Hi,
I'm working at a client who is looking for a list of nessus checks which
covers particular regulations (i.e. SOX, GLBA, etc.). Anyone have
something
for this?
Thanks!
-jason
Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434
Promote security and make money with the Hushmail Affiliate Program:
http://www.hushmail.com/about-affiliate?l=427
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
----------------------------------------------------------------------------
This message contains information which is privileged and confidential and
is solely for the use of the intended recipient. If you are not the
intended recipient, be aware that any review, disclosure, copying,
distribution, or use of the contents of this message is strictly prohibited.
If you have received this in error, please destroy it immediately and notify
us at PrivacyAct@torchmarkcorp.com.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
