Lately the OSSTMM methodology has been converted into a very good course called OPST (OSSTMM Professionnal Security Tester). The course is delivered in the states by www.intenseschool.com and other providers worldwide.
Enjoy Clement > -----Original Message----- > From: Rapaille Max [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 08, 2003 1:06 AM > To: Dallas Hindle; [EMAIL PROTECTED]; > [EMAIL PROTECTED] > Subject: RE: General Security audit question > > > HI. > > You could have a look at the osstmm : Open Source Security > Testing Methodology Manual. A very good doc for Sec audit. > Available for free at www.osstmm.org, or perhaps www.ideahamster.org... I think they changed the name not so long ago, but you should be able to find the link easely to the new address. A very nice and recommended reading. They give a good description and follow some international standards.. Should you not find it, send me a mail off-list, I will send you a copy. Regards, MAx -----Original Message----- From: Dallas Hindle [mailto:[EMAIL PROTECTED]] Sent: 07 January 2003 06:11 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: General Security audit question Hi I've been asked to perform a security audit on a site (Stock Broker) and to report on all Site, network, server and software issues that I encounter I have a pretty decent idea of what I'm looking for, but if anyone has any links to, or templates of what you would find in a security audit could you please let me know or send me a copy? Thanks Dallas
