Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Websphere Configuration File Guides
From: brennan stewart <brennan () ideahamster org>
Date: Sat, 11 Sep 2004 13:50:31 -0400

Since Websphere is rolled out as a system, here are the   resources I
used from a recent VA (probably overkill) 

Websphere App server = IBM redbook, IBM articles on configuration,
guides on web application server configs (turned into checklists)
UNIX/Linux system = Guides/Checklist(s) from standard sources/CO SOP
for each host/scripts
DB = Checklist(s) from standard sources/CO SOP
for each DB/custom SQL scripts
Apache = Checklist(s)/Guide
Actual web app = OWASP guide
Overall process = OSSTMM

With the exception of the vuln scanner, everything used was open
source/public domain  (and if I had it my way, that would be too)

-b



On Thu, 2004-09-02 at 00:19, Robert.L.Grill () wellsfargo com wrote:
Does anyone have any good guides to Websphere security configuration
files ?

Thanks


Attachment: signature.asc
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault