Noticeboard posted an article today about a number of system security checklist and configuration guides recently added to the NIST web site:
A raft of new or updated security checklists and verification tools have been released by NIST covering: access control; application & database security; DNS; Enclave; .NET framework; network infrastructure; SAN/sharing peripherals across the network; UNIX; VoIP; and Windows 2000, XP and 2003 Server. The combination of comprehensive security checklists recommending specific parameter settings and automated tools to check system configurations against the recommendations makes the security manager's job that bit easier.
The majority of these guides are from DISA (Defense Information Systems Agency). A few are from DOT. Remember the source of these guideline; they may not be totally applicable to your environment.
The NIST Practices & Checklists / Implementation Guides web site contains a wealth of information on federal agency and civilian security practices and guidelines.