Gold disk or STIG for 2008 server specifcally

I am looking for a DOD STIG or GOLD disk that scans for security vulerbilites for 2008 server specifically
LVL 1
NAMEWITHELD12Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

shaynegCommented:
Good Luck :)
0
NAMEWITHELD12Author Commented:
Thanks LOL , if I find something I will let you know
0
NAMEWITHELD12Author Commented:
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

shaynegCommented:
I would be very intrested to see how you get on :)
0
acl-puzzCommented:
iam not familiar with what you are talking but to check you server vulnerability there many tools available

like
 
nessus

nmap

backtrack-linux has built-in tools for DNS spoofing MAC spoofing etc..tons  of tools loaded in it
0
shaynegCommented:
Nothing quite touches the gold disk ;) it's a bit special.
0
acl-puzzCommented:
@Shayneg

have you used this before can you please tell me its qualities,specifications just curious to know about it?

one more thing i tried to download  from http://iase.disa.mil/stigs/compilation/index.html 

link doesnt work!!
0
NAMEWITHELD12Author Commented:
http://iase.disa.mil/stigs/compilation/index.html

this works for me i tried this and downloaded the content and extracted
0
NAMEWITHELD12Author Commented:
want i am finding it that you have to open the INF files with the "mircosoft secirty and analisys " mmc snap in

there is also a way to get LSA to have additital settings adding the evoasfl.dll to the path at

HKLM......CC set\LSA\notifiaction packages

more soon!!!
0
shaynegCommented:
good stuff
0
neelytdCommented:
I believe the tool that you are looking for is called Retina. It is a DoD approved method of scanning your network for security vulnerabilities. It will also break down each vulnerability into a STIG catagory (CAT I, CAT II, etc...)

This tool is very useful if you are trying to attain DIACAP/DITSCAP certification.
0
NAMEWITHELD12Author Commented:
serveral things to note here there is a prescan and a scan or something like that , I dont have it in front of me , but read the screen carefully and obey there are 2 steps when using the scan part of the gold disk

also be awair of the .inf templates and how to use them
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
LaminiCommented:
At this time, even now, there are no scanning tools available for Server 2008 from DISA. The Gold Disk tool was to be cut off in 2010, yet today (2011) they still release updates... but never had a scanning tool for Server 2008. They do have STIGs, dont get me wrong, but if they added it to the Gold Disk utility, then that would be a whole lot of work for them I'm guessing. Its last supported Microsoft Windows operating systems were Microsoft Windows XP (and they still support it), and Server 2003. Note, this is for Department Of Defense users; of course access to the FOUO / https sites will be blocked as it requires you to come in from a .mil domain, and the FOUO docs/stigs require CAC/credentials. THis is for highly secure environments where security is HIGHLY factored in, not for your daily/lab/commercial use vulnerability tools.
0
LaminiCommented:
I failed to mention Server 2008 R2 is not supported; Server 2008 is.on the Gold Disk."Windows Server 2008 R2 is not supported by Gold Disk at this time."
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.