Skip to content

Releases: simeononsecurity/.NET-STIG-Script

Automate the .NET Framework 4 STIG with PowerShell

11 Jul 18:15
@simeononsecurity simeononsecurity
1.0
0a4f904
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Automate the .NET Framework 4 STIG with PowerShell Latest
Latest

Automate the .NET Framework STIG

Applying the .NET STIG is definitely not straightforward. For many administrators it can take hours to fully implement on a single system. This script applies the required registry changes and modifies the machine.config file to implement FIPS and other controls as required.

Notes:

This script can not and will not ever get the .NET stig to 100% compliance. Right now, as is, it stands to complete roughly 75% of the checks and does go back and complete the applicable checks on all previous .NET versions.

Manual intervention is required for any .NET application or IIS Site.

Requirements:

  • Windows 7, Windows Server 2008 or newer
  • Testing in your environment before running on production systems.

STIGS/SRGs Applied:

Sources:

Download the required files

You may download the required files from the GitHub Repository

How to run the script

The script may be launched from the extracted GitHub download like this:

How to run the script

Manual Install:

If manually downloaded, the script must be launched from an administrative powershell in the directory containing all the files from the GitHub Repository

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
Get-ChildItem -Recurse *.ps1 | Unblock-File
.\sos-.net-4-stig.ps1

Automated Install:

Use this one-liner to automatically download, unzip all supporting files, and run the latest version of the script.

iwr -useb 'https://simeononsecurity.ch/scripts/sosdotnet.ps1'|iex
Assets 2
Loading

0.5.0 - .Net STIG Script

08 Sep 06:51
@simeononsecurity simeononsecurity
0.5.0
e5c80e6
This commit was signed with the committer’s verified signature. The key has expired.
simeononsecurity SimeonOnSecurity
GPG key ID: 8464D39CE898F69B
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.5.0 - .Net STIG Script Pre-release
Pre-release

Automate the .NET Framework 4 STIG

Work in Progress

DO NOT APPLY IN PRODUCTION

Notes:

This script can not and will not ever get the .NET stig to 100% compliance.
Manual intervention is required for any .NET application or IIS Site.

STIGS/SRGs Applied:

How to run the script

The script may be lauched from the extracted GitHub download like this:

.\sos-.net-4-stig.ps1
Assets 2
Loading