[Dshield] New Security Function Tools
mark.rowlands at minmail.net
Fri May 10 15:49:38 GMT 2002
On Friday 10 May 2002 3:49 pm, Olsen, Richard wrote:
> We are beginning to really emphasize (my new assignment) security functions
> for our Internet and application servers which have grown from 3 to 50
> servers in the last year and a half or so. At this point we have almost no
> tools. My manager has some year-end money that needs to be committed this
> month and offered it for security tools. Can anyone recommend a basic set
> of tools or point me to a place to seek this? Basically, we're the
> technology behind state.va.us including applications and databases. So
> we're looking at URLScan for starters, but all advise is appreciated.
> Thanks kindly. Richard
Generically I would spend the money on education and use the free tools
available but ......
1) Brain....preferably engaged.....
2) Written, up to date and maintained documentation of all systems
3) Written, up to date and maintained policies for data use and access.
4) tested, written, up to date and maintained back up and restore procedures
nessus, tripwire, snort, mrtg, most of the webtrends stuff if you must spend
some money on things
anything that can gather your logs into a central location (eventreporter,
winlogcheck type things) and then mail someone the exceptions
any of your stuff accessible from the outside world....get a remote scan done
More information about the list