A client I work for has requested that I perform a security review of a cluster that I am helping them on. I have experience in hardening systems, but I do NOT have experience in performing a formal top-down review.

I scanned the pen-test archives, including the recent "Security Audit" thread, but didn't find anything that had a subject line that caught my eye. Also, I tried using the security-focus.com search tool, but it reports it is not available "at this time." Oh well on that front.

Can anyone provide links to sites or books or just be helpful by providing information on how a security review is approached? I am not really looking for information on analyzing a particular system or trying to exploit a given service--that information is more than readily available on the net and at the bookstore. Rather, I would like an overview of how a security audit is performed. Something on the lines of:

o Create Security Audit Outline
  1. List items to be evaluated
     o web service
     o smtp
     ...
  ...
o Review AU, InfoSec, and XYZ Policies
o Perform System Analysis
  1. Determine running services
     o http
     o smtp
o Attempt Exploits
...

Also, how should results be organized? How are reports organized? And what about checklists? Etc, etc.

Any help would be appreciated!

Regards,
Dustin

--
Dustin Puryear <dpuryearat_private>
http://members.telocity.com/~dpuryear
In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams
This archive was generated by hypermail 2b30 : Fri Sep 07 2001 - 16:08:16 PDT