Security Basics mailing list archives
Re: Need Basic
From: Vic Vandal <vvandal () well com>
Date: Tue, 22 Nov 2011 12:06:26 -0800 (PST)
Since you said "Free Tool to check Security for Windows" before mentioning logs and whatnot, try MBSA to do some compliance/attestation checking for small environments. You can run it against different hosts across the network, or locally. If it's a larger environment you should use an enterprise solution, which usually are not free. In a heterogeneous environment you can buy and use tools like Lumension STAT scanner, Rapid-7, GFI LanGuard, etc. If it's a Windows-centric environment then Microsoft's SCCM (System Center Configuration Manager) provides some useful features. Don't get me wrong...monitoring logs is fine and has value. But what you probably want to focus on first is risk prevention, not incident detection. Keeping systems patched and hardened has much value. "An ounce of prevention is worth a pound of cure" and whatnot. And of course you'll need good malware prevention and detection (network and host-based), as well as good user awareness to take another large swipe at risk. By the way I'm not endorsing any of those named products because I don't know what your specific environment needs are. But none of them are junk for what it's worth. There are many junk products out there though, so my advice is to try before you buy. Happy learning, ya n00b (heh, no offense intended). -Vic ----- Original Message ----- From: "Ukpong" <ukpong.ukpong () gmail com> To: shivaone () gmail com Cc: security-basics () securityfocus com Sent: Tuesday, November 22, 2011 12:14:51 PM Subject: Re: Need Basic Hi, The more infomation your provide, the easier it is for us to help you: 1. How to implement ISO27001 - Try this http://www.iso27001security.com/html/27001.html for info on implementing. There have a news group that is very good. For something authorithative, then get a book...amazon is again good. You need to purhased or gain access to the Standard some how... 2. Free Tool to check Security for Windows and Network point like log monitoring,event monitoring tools. I assume you are looking for a SIEM solution. Splunk is a good log monitoring tools that accepts Syslog and other logs formats , but you may need to do event correlations your self, not sure if it has any stools 3. Related information on Security aspects. What do you need ? Google is your best friend unless you are more specific ? The CISSP CBK by Shon Harris will give you a good over view of various aspects of security.
On 22 November 2011 11:22, <shivaone () gmail com> wrote:Hi Team, I am learner in Security, and started working in Security domain in one of the company, I need some information for the below mentioned points. 1. How to implement ISO27001 2. Free Tool to check Security for Windows and Network point like log monitoring,event monitoring tools. 3. Related information on Security aspects. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Need Basic shivaone (Nov 22)
- Message not available
- Re: Need Basic Ukpong (Nov 22)
- Re: Need Basic Vic Vandal (Nov 22)
- Re: Need Basic Ukpong (Nov 22)
- Message not available
- Re: Need Basic gold flake (Nov 23)
- <Possible follow-ups>
- Re: Need Basic shivaone (Nov 25)
- Re: Need Basic Jennifer Wachter (Nov 25)
- Re: Need Basic Jennifer Wachter (Nov 25)
- RE: Need Basic Unmesh (Nov 28)
- Re: Need Basic gold flake (Nov 30)