Audit and security resources

Last week, I helped present an overview course for a bunch of IS Auditors of various backgrounds and experience; as part of my research for it, I built up a little collection of links, which I list below. There is a lot out there!

General internet knowledge

This tool shows what can be done by mashing activity logs with knowledge of who owns what IP address. See who has been editing your truth, at least until they start using IP anonymisers…:

…conversely, you could use it to see who from your organisation has been messing with Wikipedia when they should be doing real work.

Security hacking tricks

Network analysis

Dedicated Linux distributions

A few people are working on putting together bootable Live CDs with a collection of handy audit and security tools pre-loaded. Unfortunately none of them met my need for a simple to use basic package, but I guess someone will get there one day, so I will be watching developments.

  • This site is dedicated to the topic. Their FAQ claims to give all the information you need about the latest live security distributions, with links, articles, downloads and more. They encourage you to comment on articles or send in your own for posting.


I started down this route after coming across this:

One of the reviewed Live CDs was DEFT, which seems closest to what I was looking for. With desktop access for Nessus and Airsnort it could cover about 80% of routine security audit work. So far though I’ve not been able to get the Nessus server to run on DEFT (crucial if you want to have a self-contained audit-system-on-a-CD) – I’ll post updates if I’m able to make any progress. Only then will I tackle Airsnort!

The other distributions are more hardcore, often consisting of shortcuts to the relevant console commands. Much more powerful and flexible, but dangerous and difficult to learn too! Other than the three above, I have also looked at:

Audit programmes

Finally, some general resources for auditors:

All these links and more are in my del.icio.us collection here.


About Peter Cruickshank

Lecturer in the School of Computing and a member of the Centre for Social Informatics at Edinburgh Napier University, Scotland. Interested in information systems, learning, politics, society, security and where they intersect. My attempts at rounding out my character include food, cinema, running, history and, together with my lovely wife, bringing up a cat and a couple of kids.
