“The Center for Internet Security (CIS), a consortium for setting security
best practices and standards, earlier this week released significant
upgrades of its security benchmarks for Cisco Router IOS and the Linux and
HP-UX operating systems.

The CISO IOS Router Audit Tool has more than 10 new items, including
checks for SSH, automated timeouts, the reuse of passwords, restrictions
for usernames, egress filtering, SNMPv3, timestamp debug rules and access
control rules.

For Linux, CIS added support for the commercial implementation, Red Hat
v9, to its extensive list of security checks and hardening instructions.

CIS updated the HP-UX benchmark to make it more accurate, more complete
and easier to undo. The changes are based on user feedback and emphasize
experience with HP-UX 11i, CIS says. An updated scoring tool is also
available.

CIS also released an updated Windows Scoring Tool, which includes support
for locking down service packs and hot fixes for Windows 2000 SP4, Windows
2000 SP4, Windows XP SP1, and Windows Server 2003. The improved tool also
can check Windows XP, [and] Windows Server 2003. CIS is developing templates for locking down XP and Win2003.”