Tuesday, April 21, 2009

Side Project - SSLF Baseline

Has anyone ever really tested how the SSLF baseline for windows workstations affects different software products and comm pipes used on the network? I have had so many experiences with the SSLF "breaking" this or that client/server application, and yet the documentation available is minimal. Anyone can find what each setting means and does. The problem is that most commercial software is not well documented at the lower layers
So one of my side projects is to test the SSLF baseline in a virtual environment and to see how each setting affects whatever product I am using at that time. I think that this is going to turn into a long-term project as there is a large number of security applications that I want to test against this baseline.