Re: Websphere Configuration File Guides

[brennan stewart <brennan () ideahamster org>]

Since Websphere is rolled out as a system, here are the   resources I
used from a recent VA (probably overkill) 

Websphere App server = IBM redbook, IBM articles on configuration,
guides on web application server configs (turned into checklists)
UNIX/Linux system = Guides/Checklist(s) from standard sources/CO SOP
for each host/scripts
DB = Checklist(s) from standard sources/CO SOP
for each DB/custom SQL scripts
Apache = Checklist(s)/Guide
Actual web app = OWASP guide
Overall process = OSSTMM

With the exception of the vuln scanner, everything used was open
source/public domain  (and if I had it my way, that would be too)

-b



On Thu, 2004-09-02 at 00:19, Robert.L.Grill () wellsfargo com wrote:
> Does anyone have any good guides to Websphere security configuration
> files ?
>
> Thanks

Attachment: signature.asc
Description: This is a digitally signed message part