Audit (0)
Principles of Generally Accepted Information Security Principles (GAISP)
GAISP is based on a solid consensus-building process that is central to the success of this approach. Principles at all levels are developed by information security practitioners who fully understand the underlying issues of the documented practices and their application in the real world. These principles are then reviewed and vetted by skilled information security experts and authorities, who ensure that each principle is:
• Accurate, complete, and consistent
• Compliant with its stated objective
• Technically reasonable
• Well-presented, grammatically and editorially correct
• Compliant with applicable standards and guidelines

What is FreeBSD Portaudit
FreeBSD Portaudit is a software vulnerability auditing tool for FreeBSD. The ports-mgmt/portaudit port polls a database, updated and maintained by the FreeBSD Security Team and ports developers, for known security issues in installed ports.
How to use Portaudit
To begin using Portaudit, one must install it from the Ports Collection:
# cd /usr/ports/ports-mgmt/portaudit && make install clean
During the install process, the configuration files for periodic(8) are updated so that Portaudit output is included in the daily security runs. Ensure that the daily security run emails, which are sent to root's mailbox, are actually being read. No further configuration is required.

Download Free Policy & Procedure Manager 4.5 for Regulatory Compliance Standards
The web-based Policy & Procedure Manager provides your staff with instant access to your organization's policies and procedures. It notifies those who are required to read specific documents and tracks who has read them. You can use the software to create, review, approve, and archive all of your documents, not just policies and procedures. Email reminders and reports ensure that everything stays up to date. You can also organize documents according to any regulatory compliance standard, such as Sarbanes-Oxley, ISO 9000, JCAHO, HIPAA, or state guidelines.
Size: 29.57MB
License: Free to try
Requirements: Windows 95/98/Me/NT/2000/XP
Limitations: 30-day trial
Date Added: February 19, 2008
The Top 5 Internal Information Technology Security Threats
The top five internal security threats from ITsecurity.com
1. Your Employees Are Selling You Out, Part 1
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization in an effort to gain unauthorized access to confidential data. While not exactly a new phenomenon, attacks are becoming increasingly sophisticated, according to Paul Stamp, a Forrester Research senior analyst.
“A phishing attack used to be a request from the deposed governor of Nigeria,” says Stamp. “These days, a phishing attack is almost indistinguishable from the real thing.”
The result: unwitting employees disclosing confidential information, from passwords to financial data, to ill-intentioned intruders. Unable to identify fraudulent websites and counterfeit email messages, these internal workers are essentially opening a company’s closed doors to criminals.
2. Laptops on the Loose
Accidentally bequeathing your forgotten laptop to a hotel’s cleaning staff is more than an inconvenience. According to software security firm Symantec, the theft or loss of a computer or other data-storage medium made up 54 percent of all identity theft-related data breaches in the second half of 2006.
But that’s not all. The theft or loss of a laptop can cost a company big bucks. The 2006 CSI/FBI Computer Crime and Security survey reveals that laptops and the theft of proprietary information are the third and fourth-greatest sources of respondents’ financial losses. Nevertheless, a startling 47 percent of respondents detected laptop/mobile theft last year.
3. Unintentional Access and Disgruntled Ex-Employees
One of the many perks of working for a company is the access one gains to multiple computer systems, from e-mail messaging to

Intrusion Detection Is an Art and a Science
Certain prerequisites are necessary to make an intrusion detection system worthwhile, including the following:
• Network administrators with intrusion detection experience.
• Network administrators with the spare time to monitor a network.
• A security philosophy that includes the willingness to integrate business processes with logging technologies.
• A network infrastructure that has been well designed and hardened.
Without these elements, the intrusion detection system will be an expensive system that won’t produce results. IDSs are powerful, but complicated. They can be used to catch hackers, but they need to be wielded by an experienced network administrator. However, when they are purchased by an organization that mistakenly thinks the system will create results automatically, they fail miserably.

Download TrueCrypt 6.0, Free On the fly Encryption Software
TrueCrypt is a software application used for on-the-fly encryption. It can create a virtual encrypted disk in a file (container), which can be mounted as if it were a real disk. TrueCrypt also supports device-hosted volumes, which can be created on either an individual partition or an entire disk. As of version 5.0, it can encrypt the Windows boot partition or entire boot drive. It is distributed under the TrueCrypt Collective License. TrueCrypt is available for Microsoft Windows, Mac OS X, and Linux.
Download Page:
Size: 3062 KB
License Type: Free
Anatomy of an Auditing System
An auditing system consists of three components: the logger, the analyzer, and the notifier. These components collect data, analyze it, and report the results.
1. Logger
Logging mechanisms record information. The type and quantity of information are dictated by system or program configuration parameters. The mechanisms may record information in binary or human-readable form or transmit it directly to an analysis mechanism (see Section 21.2.2). A log-viewing tool is usually provided if the logs are recorded in binary form, so a user can examine the raw data or manipulate it using text-processing tools.
EXAMPLE: Microsoft's Windows NT has three different sets of logs. The system event log contains records of events that Microsoft has determined warrant recording, such as system crashes, component failures, and other events. The application event log contains records that applications have added. These records are under the control of the applications. The security event log contains records corresponding to security-critical events such as logging in and out, system resource overuses, and accesses to system files. Only administrators can access the security event log.
