RIT
Information Security

Systems Administrators Resources

Find tools and documentation specifically for use by systems administrators here, including published security standards and supporting software.

What are my responsibilities as a systems administrator?

You are responsible for ensuring that all computers, servers, network devices, and any other types of computing devices that you support comply with all published standards. This includes educating your supported users about their role in securing their computing devices and data.

You are also responsible for prompt reporting of computer incidents to the ISO in accordance with the Computer Incident Handling Standard.

Computer Incident Handling Resources

Security Checklists

Approved Encryption Methods

Under development. Contact Infosec@rit.edu with specific questions.

Login/Trespassing Banner

RIT information technology resources are for the use of the RIT community only. By using RIT information technology resources you acknowledge that you have read and comply with RIT's Code of Conduct for Computer and Network Use and RIT's Information Security Policy and Standards. Use of RIT information technology resources may be monitored and unauthorized use is strictly prohibited.

Secure Administrative/Login Credential Transmission Protocols

Please direct comments or questions about protocols to Infosec@rit.edu.

Best Practices & Recommendations

Recommended Host-based Intrusion Prevention Software

Server

Program Description
Ossec Open source intrusion detection (multiple platforms) (ISO-tested)
McAfee HIPS Desktop and server intrusion prevention (Windows) (ISO-tested)
Bit9 Application whitelisting (Windows) (non ISO-tested)
Cimcor Protects against unauthorized changes (Server and Network) (non ISO-tested)
Tripwire (commercial version) Configuration assessment and change auditing (Desktops and Servers; VMware coming) (non ISO-tested)

Desktop

Program Description
Ossec Open source intrusion detection (multiple platforms) (ISO-tested)
McAfee HIPS Desktop intrusion prevention (Windows) (ISO-tested)
Comodo Internet Security Suite (ISO-tested)
Online Armor - Tall - Emu Firewall (ISO-tested)

Security Assessment Tools

The following tools should be used in combination to conduct security assessments.

Tool Description
Rapid 7 Nexpose (RIT Enterprise Licensed by ISO) Unified vulnerability management enterprise solution
Nessus Network Vulnerability Scanner
CIS Score Security Consensus Operational Readiness Evaluation provides various security checklists.
Secunia Vulnerability Scanners Secunia Software Inspectors provide detection and assessment of missing security patches and end-of-life programs.
Microsoft Baseline Security Analyzer (MBSA) MBSA helps determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance.
Nipper Nipper enables network administrators, security professionals and auditors to quickly produce reports on key network infrastructure devices.
Scrawlr HP SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.
Core Impact Penetration testing software
Qualys Provides a suite of tools for:
  • Vulnerability Management
  • Policy Compliance
  • PCI Compliance
  • Web Application Scanning
NMAP Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing.
BidiBlah The BiDiBLAH utility is a framework that can be used to assist in automating existing vulnerability assessment tools

Quick Links

Exceptions

The Information Security Office has provided a method for obtaining an exception to compliance with the published security standards.

Questions

If you have any questions or feedback about specific information security requirements, please e-mail us at infosec@rit.edu.