Security Basics mailing list archives

RE: General Security audit question

From: "Rapaille Max" <Max.Rapaille () nbb be>
Date: Wed, 8 Jan 2003 08:06:19 +0100

HI.

You could have a look at the osstmm : Open Source Security Testing Methodology Manual.  A very good doc for Sec audit.
Available for free at www.osstmm.org, or perhaps www.ideahamster.org...  I think they changed the name not so long ago, 
but you should be able to find the link easely to the new address.

A very nice and recommended reading.  They give a good description and follow some international standards..
Should you not find it, send me a mail off-list, I will send you a copy.

Regards,

MAx



-----Original Message-----
From: Dallas Hindle [mailto:dallash () optushome com au] 
Sent: 07 January 2003 06:11
To: security-basics () securityfocus com; focus-ids () securityfocus com
Subject: General Security audit question


Hi
 
I've been asked to perform a security audit on a site (Stock Broker) and to report on all Site, network, server and 
software issues that I encounter
 
I have a pretty decent idea of what I'm looking for, but if anyone has any links to, or templates of what you would 
find in a security audit could you please let me know or send me a copy?
 
 
 
Thanks
 
Dallas

Current thread:

General Security audit question Dallas Hindle (Jan 07)
- Re: General Security audit question Alexandros Papadopoulos (Jan 08)
- <Possible follow-ups>
- RE: General Security audit question Rapaille Max (Jan 09)
  - RE: General Security audit question Clement Dupuis (Jan 10)
- re: General Security audit question H C (Jan 09)
- Re: General Security audit question David Verty (Jan 13)