Harro - A couple books that I have in my library...

The Design of the Unix Operating System, by Maurice J. Bach. I believe by running through a book of this detail, one can "piece together" how a UNIX box is secured, by understanding how it is constructed. I know that helped me a lot.

Incident Response, Investigating Computer Crime, by Kevin Mandia and Chris Prosise. This book primarily focuses on intrusion detection, but does help you create the checklists you were asking about. Some of the stuff it covers would be handling of events, building audit lists, etc., etc. It is more focused around Linux, but the info is helpful, nonetheless.

Lastly, but definitely not least, Essential System Administration, by AEleen Frisch. This book covers many common UNIX practices, including what's "right" and what's "wrong" - however, it is truly up to the Administrator to decide that. This book just gives insight. It also defines many UNIX standards and explains how they work.

That's my $0.02. If there's anything else I can help with, let me know. I'd be glad to.

-dt

-----Original Message-----
From: Ziggy [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 01, 2001 7:13 AM
To: tony toni; [EMAIL PROTECTED]
Subject: RE: Unix Security Standards, books, tools...

You might want to get Unix in a Nutshell, the ORA book!! If you want it I could send you a zipped up version of it :) , and you can get most of the info you need about Unix.

Ziggy

-----Original Message-----
From: tony toni [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 29, 2001 5:09 AM
To: [EMAIL PROTECTED]
Subject: Unix Security Standards, books, tools...

Folks,

I recently was assigned the project of developing security standards for our Unix environment. We have about 400 Unix boxes (HP-UX, Sun Solaris, AIX, etc.) and the admins do their *own thing* with these boxes. This is not a project I exactly like...I am buried with 20 other projects...and I am not a Unix guru.

For each Unix *flavor*, I need to develop Unix security standards that will cover areas like configuration settings, defaults, permissions, admin account, password file, shells, trusts, root, patches, logging, etc.

These are my questions:

(1) Does anyone know where I can quickly get my hands on some high quality, concise security standards/templates/checklists for each Unix *flavor*?

(2) What about good books/sites on Unix Security?

(3) What about user friendly software tool(s) that I can periodically use to audit the Unix boxes for compliance to the new security standards I developed?

Thanks

Tony
IT Security Manager
Major Telecommunications Company