The Center for Internet Security, http://www.cisecurity.org/, has scanning and benchmarking tools for W2K and Solaris. They also have a version of SARA that will scan for the SANS/FBI top 20, if you have a Unix system to run it from.
On 13 Mar 2002 at 10:05, Eric Zatko wrote: Hello Everyone, I'm looking for some open source or freeware that will scan a given box and guide me through a hardening process. I know that ISS has a product called System Scanner, but if I can find something comparable for free, I'm all for saving the taxpayer's money. Many thanks in advance. Eric Zatko e-mail: [EMAIL PROTECTED] - Greg Schmidt, Manager Network Technology Services - Software Licensing Washington University in St. Louis One Brookings Drive, Campus Box 1048 Prince Hall, Room 112 St. Louis, MO 63130 Phone (314) 935-7049 Fax (314) 935-7142 [EMAIL PROTECTED] http://sl.wustl.edu
