==============================================
"The Unix Auditor's Practical Handbook"
http://www.nii.co.in/tuaph.html
by
K. K. Mookhey
Network Intelligence India Pvt. Ltd.
http://www.nii.co.in
==============================================
We at Network Intelligence India Pvt. Ltd. have written a document on unix
auditing called "The Unix Auditor's Practical Handbook", which is available
for download from our website http://www.nii.co.in/tuaph.html
The idea behind this is to present a step-by-step practical guide to
auditors when carrying out a Unix Audit. It mostly covers Sun Solaris
systems, but it has cross-references for AIX and Linux.
It details the auditing procedure right from the moment you enter the
client's server room, to running the automated auditing tools.
It covers the following areas of an Audit:
1. Preliminary Steps
2. Documentation
3. Physical Security
4. Operating System Security
5. Network Security
6. Filesystem Security
7. User and Group Security
8. Sun Built-in Auditing
9. Backup and Emergency Response
10. Automated Auditing Tools
11. References
We have kept the focus on the practicality of conducting an audit, providing
the reader with the commands, filenames, tools, and techniques for carrying
out the
audit.
It is also useful for security administrators, who might be looking to
implement security on their Unix Servers.
Please send all feedback to unixat_private
Sincerely,
K. K. Mookhey
CTO
Network Intelligence India Pvt. Ltd.
Tel: 91-22-22001530, 22006019
Email: ctoat_private
Web: www.nii.co.in
============================================================
The steps carried out as part of this document are already present in our
automated Unix auditing tool:
AuditPro for Unix:
http://www.nii.co.in/software/apunix.html
============================================================
This archive was generated by hypermail 2b30 : Thu Nov 14 2002 - 06:35:03 PST