RE: General Security audit question

From: Clement Dupuis (
Date: 01/09/03

  • Next message: James-lists: "Re: Making a W2K with Internet Connection Sharing secure"
    From: "Clement Dupuis" <>
    To: "'Rapaille Max'" <>, "'Dallas Hindle'" <>, <>, <>
    Date: Thu, 9 Jan 2003 16:06:54 -0600

    Lately the OSSTMM methodology has been converted into a very good course
    called OPST (OSSTMM Professionnal Security Tester). The course is
    delivered in the states by and other providers



    > -----Original Message-----
    > From: Rapaille Max []
    > Sent: Wednesday, January 08, 2003 1:06 AM
    > To: Dallas Hindle;;
    > Subject: RE: General Security audit question
    > HI.
    > You could have a look at the osstmm : Open Source Security
    > Testing Methodology Manual. A very good doc for Sec audit.
    > Available for free at, or perhaps I think they changed the name not so long ago,
    but you should be able to find the link easely to the new address.

    A very nice and recommended reading. They give a good description and
    follow some international standards.. Should you not find it, send me a
    mail off-list, I will send you a copy.



    -----Original Message-----
    From: Dallas Hindle []
    Sent: 07 January 2003 06:11
    Subject: General Security audit question

    I've been asked to perform a security audit on a site (Stock Broker) and
    to report on all Site, network, server and software issues that I
    I have a pretty decent idea of what I'm looking for, but if anyone has
    any links to, or templates of what you would find in a security audit
    could you please let me know or send me a copy?