Best IT Documents.com Blog


Microsoft Patch Matrix Analysis

Posted in O S (375),Policies - Standards (600),Security (1500) by Guest on the September 19th, 2016

This information allows you to see at a glance which Microsoft Security Bulletins apply to which products and the Severity Rating for each bulletin.  Each Security Bulletin is listed complete with links to the full bulletin on Microsoft’s website. You can view Security Bulletins sorted in reverse numerical order or by the date the Bulletin was last updated.
Microsoft believe you should always apply patches to any software you’re using for which they issue a patch with either a Critical or Important rating, and these patches should be applied as soon as is practically possible (especially Critical ones). For patches rated as either Moderate or Low, Microsoft recommend you read the related security bulletin to decide whether you should apply the patch to your environment. Personally, if Microsoft issues a patch for something, I’d seriously consider installing it (after testing) regardless of the rating. Easier said than done, I know, in a lot of environments, but if you don’t patch you’re asking for trouble.

 

Severity Ratings

Microsoft use the following system to rate the severity of each vulnerability. This information has been reproduced from the “Microsoft Security Response Center Security Bulletin Severity Rating System”, which you can find at:

https://technet.microsoft.com/en-us/security/hh314216.aspx

 

We’ve added the “Color” column onto the end of the table so that you can tell at a glance what Severity Rating Microsoft have assigned to the software affected by each vulnerability.

| Rating | Definition | Color |
|---|---|---|
| Critical | A vulnerability whose exploitation could allow the propagation of an Internet worm without user action | Red |
| Important | A vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources. | Orange |
| Moderate | Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation | Green |
| Low | A vulnerability whose exploitation is extremely difficult, or whose impact is minimal. | Black |

 

Security Vulnerabilities by Number

The following is a list of Security Vulnerabilities issued year-to-date (dd/mm/yy) with the most recent first.

Patch No. Title Affects/ Severity Issued/ Updated

Sample – Word Clinical – Role Based Access Actors and Key Use Cases

Posted in Business (600),O S (375),Security (1500) by Guest on the August 7th, 2016

Sample – Unix – Nightly backup script

Posted in Data Center - SOC - NOC,O S (375) by Guest on the June 28th, 2016

Unix – Nightly backup script

For the nightly backup, UNIX’s find has an option to identify files newer than a named file.
(Tar has a newer than date option but the format doesn’t seem to be documented and I’ve never
found the right format.) I created a zero byte root only readable /etc/installed with a time stamp
just after the end of the last Linux install. A similar marker file could be used following a full
backup which could be done instead of the postinstall tar but this would take a lot more media.

#
#
# Anyone may use or modify this code for any purpose PROVIDED
# that as long as it is recognizably derived from this code,
# that this copyright notice, remains intact and unchanged.
# No warrantees of any kind are expressed or implied.
#
# Most of the time tar is run with the -r, append, option but the
# tar file must first be created before this can be used. Any small
# file in a known location will do hence /etc/shells.
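# Stop if the backup directory is missing; otherwise the archive and log
# would be written to whatever directory the script was started from.
cd /var/local/backup || exit 1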
tar -cvf backup /etc/shells >backup.log
/usr/bin/find /bin -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /etc -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /home -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /lib -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /root -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /usr -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /sbin -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/db -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/gdm -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/lib -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/local/downloads -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/local/logs -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/log -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/named -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/nis -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/preserve -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/state -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log
/usr/bin/find /var/yp -type f -newer /etc/installed -exec tar -rvf backup {} \; >>backup.log

# Compute the date stamp once so every file name agrees even if the
# run crosses midnight.
stamp=$(date +%y%m%d)
chgrp wheel backup*
chmod 640 backup*
mv backup "$stamp.tar"
gzip "$stamp.tar"
mv backup.log "$stamp.log"

. /usr/local/bin/backup_to_other

 

Sample only – Always verify scripts run on your systems
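
The marker-file technique above as a single function: an added example, not part of the original script. It assumes GNU find and GNU tar; the function names `incremental_backup` and `list_backup` are hypothetical. It sets a restrictive umask before the archive is created, so the archive is never readable by other users, and passes file names NUL-delimited to one tar invocation.

```shell
#!/bin/sh
# Added example (not the original author's code). Assumes GNU find and tar.
# Usage: incremental_backup /etc/installed /var/local/backup /etc /home /root
#
# incremental_backup MARKER DESTDIR DIR...
#   Archives every regular file under DIR... that is newer than MARKER
#   into DESTDIR/<yymmdd>.tar.gz and prints the archive path.
incremental_backup() {
    marker=$1
    dest=$2
    shift 2
    # Without the marker, find -newer fails and nothing would be selected.
    [ -f "$marker" ] || { echo "marker $marker missing" >&2; return 1; }
    [ -d "$dest" ] || { echo "destination $dest missing" >&2; return 1; }

    stamp=$(date +%y%m%d)        # computed once so all file names agree
    archive=$dest/$stamp.tar
    (
        # Create the archive and log owner-only from the start, instead of
        # tightening permissions after the data has already been written.
        umask 077
        # -print0 / --null keeps names with spaces or newlines intact, and a
        # single tar run replaces one "tar -r" per file. With an empty list
        # GNU tar still writes a valid, empty archive.
        find "$@" -type f -newer "$marker" -print0 |
            tar --null -T - -cf "$archive" 2>"$dest/$stamp.log" || exit 1
        gzip -f "$archive"
    ) || return 1
    echo "$archive.gz"
}

# list_backup ARCHIVE.tar.gz
#   Lists member names so a run can be checked before the media is trusted.
list_backup() {
    gzip -dc "$1" | tar -tf -
}
```
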


Sample – Word – Server Installation Request Process

Posted in Business (600),Data Center - SOC - NOC,O S (375) by Guest on the June 22nd, 2016

Word – Server Installation Request Process

Server_Installation_Request_Process.doc


Sample – Word – UNIX Security Checklist

Posted in Data Center - SOC - NOC,O S (375) by Guest on the June 21st, 2016

Word – UNIX Security Checklist

UNIX_Security_Checklist.doc


Transition Server Build Checklist

Posted in O S (375) by Guest on the June 7th, 2016

Server build requirements, objectives, assumptions, dependencies, completion criteria, timeline review completed.

Server build issues / exceptions with technical solution identified and documented as appropriate (issues, action items, risks, etc…).

Server build exceptions and solutions to issues with technical solution agreement completed.

 

Server Build

Server build documenting operating system build and configuration completed.

Notify application owners after build completed – verify current configuration matches build requirements.

Server build documenting operating system build provided to support team.

 

Server Build Information

Server image location information, as available (for example, OSP team OS images and install process).

Monitoring / Admin Tools Documentation published – Website URL, and contact information provided.

 

Server build information provided to support team

 

Server Security

Initial security health check scan (automatic or manual) for each server build, in compliance with the governing security document.

 

Results:

1.    Each factory manager has a defined list of their production lines

2.    Each manager knows the number of steps required to produce their end product

3.    The workflow is defined through MS project and validated by the validation team

4.    Once the integrated project plan is baselined, transition is a fixed schedule with minimal unknowns

5.    We can determine if we were ahead or behind schedule by reviewing task completion dates
