Security Basics mailing list archives

Re: Security Checklist

From: Venkatesh Selvaraju <venkatesh.selvaraju () gmail com>
Date: Tue, 5 May 2009 22:53:28 +0530

CIS benchmarks are the industry wide acceptable standards for IT
security controls and they have got it all from operating systems to
routers to web servers:
http://www.cisecurity.com/benchmarks.html

HTH

On Mon, May 4, 2009 at 10:31 PM, James Attard <james.attard () gmail com> wrote:

Dear list,

I need some help to build up a security checklist for my company
running mainly windows operating systems, apache webservers, and
checkpoint firewall. What I have in mind is that everyday I dedicate
not more than 1 hour and I look at this checklist and see whether the
health status from a security point of view of the whole IT
infrastructure is OK. What should I be looking at? What logs do I need
to generate if they don't exist, and what information patterns should
I look at in the Apache logs/Windows logviewers? Do I need some
software to help me aggregate and process all this information?

Regards,
J

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class.
Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified 
Penetration Tester exams, taught by an expert with years of real pen testing experience.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. 
Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified 
Penetration Tester exams, taught by an expert with years of real pen testing experience.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------

Current thread:

Security Checklist James Attard (May 04)
- Re: Security Checklist Joseph McCray (May 05)
- Message not available
  - Re: Security Checklist Sebastien MAHIEUX (May 05)
- Re: Security Checklist aditya mukadam (May 05)
- Re: Security Checklist exzactly (May 05)
- Re: Security Checklist Venkatesh Selvaraju (May 05)
  - RE: Security Checklist Dave Kleiman (May 06)
- <Possible follow-ups>
- Security Checklist James Attard (May 05)
  - Re: Security Checklist Ricardo Carrillo (May 05)
  - Re: Security Checklist Richard Thomas (May 05)