We’ve been uncovering quite the mother lode of excellent docs lately. This one is from FIRST (Forum of Incident Response and Security Teams).
Highlights include:
- Acceptable Use Policy Template
- CERT-in-a-box
- CSIRT Case Classification (Example for enterprise CSIRT)
- CSIRT Setting up Guide
- CVSS based patch policy for enterprise (example)
- Checking Microsoft Windows Systems for Signs of Compromise
- Checking UNIX/LINUX Systems for Signs of Compromise
- Cloud Computing
- Guide to Tunneling Windows NT VNC traffic with SSH2
- IIS and NTS 4.0 Hardening Guide
- Online Forensics of Win32 System Guide
- SSH Public Key Configuration Windows NT/2000/XP Guide
- Secure BGP Template
- Secure BIND Template
- Secure IOS Configuration Template
- Windows 2000 / IIS 5.0 DMZ Hardening Guide
- Windows 2003 / IIS 6.0 DMZ Hardening Guidelines
Enjoy!
