Personal tools

AusCERT Conference

The annual AusCERT conference is Australia's best cyber security event for anyone with an interest in cyber and information security.

AusCERT PKI certificate service

The AusCERT Certificate Service offers PKI certificates for people, servers and software for Australian and New Zealand education and research organisations.

AusCERT Vision & Mission Statement

AusCERT is the trusted cyber emergency response team for the Australian information economy, providing valued incident prevention and detection.

Useful Security Resources

At AusCERT, we're often asked for information about security guides and
checklists. Here's what I hope will be a handy roundup and our intention
is to add to this document as useful resources come to hand.

Operating System / Application / Hardware

This is a guide to securing a RedHat Linux system:

This is a guide to using SELinux on a RedHat Linux system:

This is a set of recommendations used by the
Linux Foundation for their systems administrators.

NIST DOD Windows 7 security recommendations:

Mac OS X Security Configuration Guides:

Oracle database security guides:

Cisco Firewall Best Practices Guide

Cisco Guide to Harden Cisco IOS Devices

IPtables DDoS Protection: The Best Rules to Mitigate DDoS Attacks

The US-CERT guide to Securing Your Home Network

This is the AusCERT Unix Security Checklist:

General Cyber Security

This is the Australian Signals Directorate (ASD) Australian
Government Information Security Manual (ISM). The manual is the
standard which governs the security of government ICT systems:

ASD Strategies to Mitigate Targeted Cyber Intrusions

ASD Publications

This is the Australian Government Protective Security Policy Framework
site. The PSPF defines security measures for government agencies:

The OWASP top ten most critical web application security flaws:

The SANS Critical Security Controls for Effective Cyber Defense:

The Center for Internet Security, Inc. publishes a
set of Critical Security Controls for cyber defense:

SANS SCORE - Security Consensus Operational Readiness Evaluation. A
repository of security checklists:

National Security Agency security configuration guides - includes
network, operating systems and industrial control systems:

Cyber security guides from the Multi-State Information Sharing & Analysis Center (MS-ISAC)

The NIST Guide to Malware Incident Prevention and Handling:

The NIST Guidelines for Securing Wireless Local Area Networks (WLANs):

The US-CERT guide to Understanding Denial-of-Service Attacks: 

The NCSC Factsheet - Technical measures for the continuity of online services - This factsheet provides advice regarding multiple technical measures to protect your infrastructure against the various forms of DDoS attack: 

Cloud Security

Security resources for Amazon Web Services, including an audit checklist,
are found at:

Cloud computing security resources from enisa, the European Union Agency for Network
and Information Security:

Cloud Controls Matrix v3.0.1