HI. You could have a look at the osstmm : Open Source Security Testing Methodology Manual. A very good doc for Sec audit. Available for free at www.osstmm.org, or perhaps www.ideahamster.org... I think they changed the name not so long ago, but you should be able to find the link easely to the new address.
A very nice and recommended reading. They give a good description and follow some international standards.. Should you not find it, send me a mail off-list, I will send you a copy. Regards, MAx -----Original Message----- From: Dallas Hindle [mailto:[EMAIL PROTECTED]] Sent: 07 January 2003 06:11 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: General Security audit question Hi I've been asked to perform a security audit on a site (Stock Broker) and to report on all Site, network, server and software issues that I encounter I have a pretty decent idea of what I'm looking for, but if anyone has any links to, or templates of what you would find in a security audit could you please let me know or send me a copy? Thanks Dallas
