Re: Audit Tools

From: Michael J. Cannon (mcannon@ubiquicomm.com)
Date: 08/29/01 

Message-ID: <02ac01c130b9$0869d0c0$7a009418@scooby>
From: "Michael J. Cannon" <mcannon@ubiquicomm.com>
To: "Serge Wroclawski" <serge@tux.org>, <milt@necam.com>
Subject: Re: Audit Tools
Date: Wed, 29 Aug 2001 13:32:55 -0500

Novell's ZenWorks...I belive Symantec has a similar tool, as does CA.

Michael J. Cannon
Ubiquicomm
"Si vis pacem, para bellum."
----- Original Message -----
From: "Serge Wroclawski" <serge@tux.org>
To: <milt@necam.com>
Cc: <focus-ms@securityfocus.com>
Sent: Wednesday, August 29, 2001 11:16 AM
Subject: Re: Audit Tools

> On Wed, 29 Aug 2001 milt@necam.com wrote:
>
> > Lets assume our company takes over another ... actually taking place ...
our
> > company wants to audit the other company's network ... at this point we
are
> > told it is NT ... not told too much else like what version, service
packs,
> > controllers, backups, etc. Is there an audit tool that will tell us such
things
> > as security holes, number of users, groups, rights, etc.? I need a
'all-in-one'
> > 'sweeper package'... is there such a thing? ... what would you
recommend?
>
> For Windows I have no clue. I'm not a Windows person (I'm on this list
> just to keep my ear to the ground).
>
> As a Unix admin, for a real complete audit, I recommend you go to
> Usenix/SAGE and pick up a book called "A System Administrator's Guide to
> Auditing" by Geoff Halprin.
>
> Info on all the books here:
> http://www.usenix.org/sage/publications/short_topics.html
>
> It's not tools, but a book giving you a conceptual framework on system
> audits. It's written for a Unix sys admin, but the concepts should be
> easily applied to any environment.
>
> So while I don't have the tool you're asking about, I think you may
> benefit from a good (short) book on conceptual frameworks on system audits
> in general. I know I have.
>
> - Serge Wroclawski
>