[osiris] Files to monitor Best Practices
Gary Doran
GDoran at IntegrityPaymentSystems.com
Tue Feb 19 18:32:04 EST 2008
You want to monitor the OS and program files on windows so you can account
for any change there, via update, or via hacker. You also want to monitor
your source code for any changes there.
_____
From: osiris-bounces at lists.shmoo.com [mailto:osiris-bounces at lists.shmoo.com]
On Behalf Of Tod
Sent: Tuesday, February 19, 2008 4:33 PM
To: osiris at lists.shmoo.com
Subject: [osiris] Files to monitor Best Practices
We are currently using Osiris to monitor Linux and Windows servers. We have
an auditor that is stating that our 'File integrity monitoring is not
appropriately configured'. However, we believe that we are 'appropriately'
monitoring the correct files. He means that he doesn't believe that we are
monitoring all of the proper files on our servers, that we are leaving
important files unmonitored
Question: Is there a Best Practices that anybody is aware of that details
what files should be monitored on Linux and Windows systems?
I don't mind being wrong, and will change the configuration appropriately,
however, I have to find some documentation stating a Best Practice or
something to use as a guide for what files should be monitored.
Thx!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/osiris/attachments/20080219/d28882cb/attachment.htm
More information about the osiris
mailing list