[Dshield] New Security Function Tools

Mark Rowlands mark.rowlands at minmail.net
Fri May 10 15:49:38 GMT 2002


On Friday 10 May 2002 3:49 pm, Olsen, Richard wrote:
> We are beginning to really emphasize (my new assignment) security functions
> for our Internet and application servers which have grown from 3 to 50
> servers in the last year and a half or so. At this point we have almost no
> tools. My manager has some year-end money that needs to be committed this
> month and offered it for security tools. Can anyone recommend a basic set
> of tools or point me to a place to seek this? Basically, we're the
> technology behind state.va.us including applications and databases. So
> we're looking at URLScan for starters, but all advise is appreciated. 
> Thanks kindly. Richard


Generically I would spend the money on education and use the free tools 
available but ......

1) Brain....preferably engaged.....
2) Written, up to date and maintained documentation of all systems
3) Written, up to date and maintained policies for data use and access.
4) tested, written, up to date and maintained back up and restore procedures

tools

nessus, tripwire, snort, mrtg,  most of the webtrends stuff if you must spend 
some money on things

anything that can gather your logs into a central location (eventreporter, 
winlogcheck type things) and then mail someone the exceptions
   

any of your stuff accessible from the outside world....get a remote scan done




More information about the list mailing list