From mark at curphey.com Thu Jan 1 17:20:49 2004 From: mark at curphey.com (Mark Curphey) Date: Thu, 01 Jan 2004 17:20:49 -0500 (EST) Subject: [Owasp-iso17799] Re: ISO17799 In-Reply-To: <200401012137.i01LbNkV054161@mailserver2.hushmail.com> from scott.ammon@hushmail.com on Thu, 1 Jan 2004 13:37:22 -0800 Message-ID: <200401012220.RAA12878@swiftsure.cnchost.com> An embedded and charset-unspecified text was scrubbed... Name: not available Url: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040101/287add39/attachment.pl From SGuzik at ImmediaTech.com Fri Jan 2 09:01:28 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Fri, 2 Jan 2004 09:01:28 -0500 Subject: [Owasp-iso17799] Re: ISO17799 Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A3287@bears.immediatech.com> Hello All, I have been away on vacation for the past week so I haven't been monitoring my emails. I'm back now and I attached an updated project plan. The sections in the project plan that do not have a resource assigned are still open for someone to grab. Scott, feel free to take one :-) Scott, I'll send you an email that will give you an overview of the project. Thanks, Stan -----Original Message----- From: Mark Curphey [mailto:mark at curphey.com] Sent: Thursday, January 01, 2004 5:21 PM To: scott.ammon at hushmail.com; owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] Re: ISO17799 Hi, I have cc'd the projects working mailing list to introduce you. Cheers Mark ---- scott.ammon at hushmail.com wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I might be interested in contributing to your ISO17799 efforts. If you > could let me know more about what your needs are please do so. > > regards, > > scott ammon > -----BEGIN PGP SIGNATURE----- > Note: This signature can be verified at https://www.hushtools.com/verify > Version: Hush 2.3 > > wkYEARECAAYFAj/15XkACgkQzhSc4ju+ZEKSogCgrWN/eyFJHgB+TckfPMg8eTaYYf4A > n3nU19KWxp2Q60pULgAA+5VXrSsm > =YDBX > -----END PGP SIGNATURE----- > > > ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 From SGuzik at ImmediaTech.com Fri Jan 2 09:02:34 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Fri, 2 Jan 2004 09:02:34 -0500 Subject: [Owasp-iso17799] Re: ISO17799 Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B702431208@bears.immediatech.com> The PP is attached. -----Original Message----- From: Stan Guzik Sent: Friday, January 02, 2004 9:01 AM To: 'mark at curphey.com'; scott.ammon at hushmail.com; owasp-iso17799 at lists.sourceforge.net Subject: RE: [Owasp-iso17799] Re: ISO17799 Hello All, I have been away on vacation for the past week so I haven't been monitoring my emails. I'm back now and I attached an updated project plan. The sections in the project plan that do not have a resource assigned are still open for someone to grab. Scott, feel free to take one :-) Scott, I'll send you an email that will give you an overview of the project. Thanks, Stan -----Original Message----- From: Mark Curphey [mailto:mark at curphey.com] Sent: Thursday, January 01, 2004 5:21 PM To: scott.ammon at hushmail.com; owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] Re: ISO17799 Hi, I have cc'd the projects working mailing list to introduce you. Cheers Mark ---- scott.ammon at hushmail.com wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I might be interested in contributing to your ISO17799 efforts. If you > could let me know more about what your needs are please do so. > > regards, > > scott ammon > -----BEGIN PGP SIGNATURE----- > Note: This signature can be verified at https://www.hushtools.com/verify > Version: Hush 2.3 > > wkYEARECAAYFAj/15XkACgkQzhSc4ju+ZEKSogCgrWN/eyFJHgB+TckfPMg8eTaYYf4A > n3nU19KWxp2Q60pULgAA+5VXrSsm > =YDBX > -----END PGP SIGNATURE----- > > > ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 -------------- next part -------------- A non-text attachment was scrubbed... Name: ProjectPlan.xls Type: application/vnd.ms-excel Size: 17408 bytes Desc: ProjectPlan.xls Url : http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040102/81ae688a/attachment.xls From SGuzik at ImmediaTech.com Sun Jan 4 09:22:36 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Sun, 4 Jan 2004 09:22:36 -0500 Subject: [Owasp-iso17799] Foreword - 1st Draft Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A3294@bears.immediatech.com> Hello Everyone, Attached is the 1st draft of the Foreward. I did not apply any formatting or any OWASP logos and etc... Once we have more content I'll apply the formatting. I?ll try to get the Introduction complete this week and have a few templates by next weekend. Please take another look at the project plan and try to give an estimate when you believe you will have your first draft complete. Thanks, Stan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040104/0816fe4e/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: 17799Foreward.doc Type: application/msword Size: 22528 bytes Desc: 17799Foreward.doc Url : http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040104/0816fe4e/attachment.doc From mark at curphey.com Sun Jan 11 08:46:53 2004 From: mark at curphey.com (Mark Curphey) Date: Sun, 11 Jan 2004 08:46:53 -0500 (EST) Subject: [Owasp-iso17799] Re: ISO 17799 In-Reply-To: <1073798358.1299.29.camel@ethshar> from Kevin Johnson on Sun, 11 Jan 2004 00:19:18 -0500 Message-ID: <200401111346.IAA15203@alexander.cnchost.com> An embedded and charset-unspecified text was scrubbed... Name: not available Url: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040111/bfcf4128/attachment.pl From SGuzik at ImmediaTech.com Sun Jan 11 11:06:48 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Sun, 11 Jan 2004 11:06:48 -0500 Subject: [Owasp-iso17799] Re: ISO 17799 Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A32B5@bears.immediatech.com> Hello Kevin, You are now on the email list. Please let me know if you received the "Work In Progress Document". Thanks, Stan -----Original Message----- From: Mark Curphey [mailto:mark at curphey.com] Sent: Sun 2004-01-11 14:46 To: Kevin Johnson; owasp-iso17799 at lists.sourceforge.net Cc: Subject: [Owasp-iso17799] Re: ISO 17799 Kevin You can sign up the mailing list. I have cc'd you for now. Stan is running things for that project. Thanks, look forward to working with you ! Mark ---- Kevin Johnson wrote: > Hi- > > I read on the site about the ISO 17799 project and would be interested > in assisting. I have been following OWASP for a bit and like what I > see. Please let me know what you need. > > Thanks > Kevin > > > > ------------------------------------------------------- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040111/2ee11d6d/attachment.html From SGuzik at ImmediaTech.com Sun Jan 11 11:03:54 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Sun, 11 Jan 2004 11:03:54 -0500 Subject: [Owasp-iso17799] ISO 17799 Work In Progress Document Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A32B4@bears.immediatech.com> Hello Everyone, Attached is a work in progress of our document. Foreword, Introduction, Asset Classification and Control, and System Development and Management are included. We?ll move forward with the format as laid out in this document. We still have the following sections unassigned: 1) Personnel Security 2) Communications and Operations Management 3) Access Control 4) Compliance We have a couple of new people added to the project so feel free to take one. Any help is greatly appreciated. I?ll take Communications and Operations Management but if some else wants it I?ll take something different. Please let me know by Wednesday 1/14/2004. Anyone new to this project, please read the Introduction of the attached document to get a picture of what will be in this document. Thanks, Stan Guzik -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040111/491d9f05/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: ISO17799Outline.doc Type: application/msword Size: 196608 bytes Desc: ISO17799Outline.doc Url : http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040111/491d9f05/attachment.doc From avanderstock at b-sec.com Sun Jan 11 17:07:52 2004 From: avanderstock at b-sec.com (Andrew van der Stock) Date: Mon, 12 Jan 2004 09:07:52 +1100 Subject: [Owasp-iso17799] Project Plan In-Reply-To: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A326B@bears.immediatech.com> Message-ID: Stan, If no one has grabbed it yet, please assign me Personnel security. I'm back from leave today, and will grok all my messages by the end of the day. Andrew _____ From: owasp-iso17799-admin at lists.sourceforge.net [mailto:owasp-iso17799-admin at lists.sourceforge.net] On Behalf Of Stan Guzik Sent: Thursday, 25 December 2003 2:37 AM To: owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] Project Plan Hello Everyone, Attached you will find our project plan. Based on feedback from the email list I assigned people to some of the tasks. I did not assign dates to the tasks so please send me an email when you expect your task, first draft, to be completed. Terumi, you are assigned to Organizational Security, please let me know if this is OK. We have 4 sections unassigned, so we are still looking for volunteers. If you already have a task, feel free to volunteer for another section. Once I receive your dates I'll update the project plan and we'll have a clear road map on how to complete this project successfully. The objective of this documentation project will be to create a supplement to the ISO 17799 document. 17799 is basically a guideline which is used as a starting point for developing a "Code of practice for information security management." It states which areas of information security should be addressed but it does not give you the tools to develop the policies and procedures. Therefore, supplementing 17799 with form templates will help organizations jump start their policies and procedures development. Good templates are extremely valuable management tools :-) I will have limited access to may email until 12/26/03. If look forward to working with all of you on a successful documentation project! Happy Holidays, Stan Guzik -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040112/9b69460b/attachment.html From SGuzik at ImmediaTech.com Mon Jan 12 12:18:12 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Mon, 12 Jan 2004 12:18:12 -0500 Subject: [Owasp-iso17799] Project Plan Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B70261CCE8@bears.immediatech.com> Great! You got it. I'll send out an updated Project Plan on Wednesday. Thanks for all your help, Stan -----Original Message----- From: Andrew van der Stock [mailto:avanderstock at b-sec.com] Sent: Sunday, January 11, 2004 5:08 PM To: Stan Guzik Cc: owasp-iso17799 at lists.sourceforge.net Subject: RE: [Owasp-iso17799] Project Plan Stan, If no one has grabbed it yet, please assign me Personnel security. I'm back from leave today, and will grok all my messages by the end of the day. Andrew _____ From: owasp-iso17799-admin at lists.sourceforge.net [mailto:owasp-iso17799-admin at lists.sourceforge.net] On Behalf Of Stan Guzik Sent: Thursday, 25 December 2003 2:37 AM To: owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] Project Plan Hello Everyone, Attached you will find our project plan. Based on feedback from the email list I assigned people to some of the tasks. I did not assign dates to the tasks so please send me an email when you expect your task, first draft, to be completed. Terumi, you are assigned to Organizational Security, please let me know if this is OK. We have 4 sections unassigned, so we are still looking for volunteers. If you already have a task, feel free to volunteer for another section. Once I receive your dates I'll update the project plan and we'll have a clear road map on how to complete this project successfully. The objective of this documentation project will be to create a supplement to the ISO 17799 document. 17799 is basically a guideline which is used as a starting point for developing a "Code of practice for information security management." It states which areas of information security should be addressed but it does not give you the tools to develop the policies and procedures. Therefore, supplementing 17799 with form templates will help organizations jump start their policies and procedures development. Good templates are extremely valuable management tools :-) I will have limited access to may email until 12/26/03. If look forward to working with all of you on a successful documentation project! Happy Holidays, Stan Guzik -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040112/85ccad66/attachment.html From mark at curphey.com Tue Jan 13 12:31:14 2004 From: mark at curphey.com (Mark Curphey) Date: Tue, 13 Jan 2004 12:31:14 -0500 Subject: [Owasp-iso17799] RE: ISO17799 1.0 -project In-Reply-To: <1074012842.1827.4.camel@linuxden> Message-ID: Thanks. I have CC'd the mailing list. You can go to www.owasp.org, navigate to our Sourceforge project and sign up to the list. The archives have a copy of the project plan and you can volunteer. Thanks -----Original Message----- From: Timo [mailto:Timo.Merilainen at iki.fi] Sent: Tuesday, January 13, 2004 11:54 AM To: owasp at owasp.org Subject: ISO17799 1.0 -project Hi, from your website: "If you are an IS017799 expert and understand web application security, have a few free hours a week and would like to contribute to this project please contact owasp at owasp.org" I do have some professional interest (IT auditor with software engineering back-ground) to this topic. So, if you need additional resource for reviewing / developing material I might be interested. BR, -Timo- Timo Meril?inen From scott.ammon at hushmail.com Tue Jan 13 18:33:32 2004 From: scott.ammon at hushmail.com (scott.ammon at hushmail.com) Date: Tue, 13 Jan 2004 15:33:32 -0800 Subject: [Owasp-iso17799] Project Plan Message-ID: <200401132333.i0DNXXCB070514@mailserver2.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stan, I'll take on the Compliance section. scott On Mon, 12 Jan 2004 09:18:12 -0800 Stan Guzik wrote: >Great! You got it. I'll send out an updated Project Plan on Wednesday. > > > > >Thanks for all your help, > >Stan > > > >-----Original Message----- >From: Andrew van der Stock [mailto:avanderstock at b-sec.com] >Sent: Sunday, January 11, 2004 5:08 PM >To: Stan Guzik >Cc: owasp-iso17799 at lists.sourceforge.net >Subject: RE: [Owasp-iso17799] Project Plan > > > >Stan, > > > >If no one has grabbed it yet, please assign me Personnel security. >I'm >back from leave today, and will grok all my messages by the end >of the >day. > > > >Andrew > > > > _____ > >From: owasp-iso17799-admin at lists.sourceforge.net >[mailto:owasp-iso17799-admin at lists.sourceforge.net] On Behalf Of >Stan >Guzik >Sent: Thursday, 25 December 2003 2:37 AM >To: owasp-iso17799 at lists.sourceforge.net >Subject: [Owasp-iso17799] Project Plan > > > >Hello Everyone, > >Attached you will find our project plan. Based on feedback from >the >email list I assigned people to some of the tasks. I did not assign >dates to the tasks so please send me an email when you expect your >task, >first draft, to be completed. Terumi, you are assigned to >Organizational Security, please let me know if this is OK. We have >4 >sections unassigned, so we are still looking for volunteers. If >you >already have a task, feel free to volunteer for another section. > Once I >receive your dates I'll update the project plan and we'll have a >clear >road map on how to complete this project successfully. > >The objective of this documentation project will be to create a >supplement to the ISO 17799 document. 17799 is basically a guideline >which is used as a starting point for developing a "Code of practice >for >information security management." It states which areas of information >security should be addressed but it does not give you the tools >to >develop the policies and procedures. Therefore, supplementing 17799 >with >form templates will help organizations jump start their policies >and >procedures development. Good templates are extremely valuable >management tools :-) > > > >I will have limited access to may email until 12/26/03. If look >forward >to working with all of you on a successful documentation project! > > > >Happy Holidays, > >Stan Guzik > > > > -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAkAEgGcACgkQzhSc4ju+ZEKj8gCffddowlC8JoSqq8udgdfdBI968TIA oKLUsOVsJ0IOz9uNhWfGm/RpTsyw =AlK7 -----END PGP SIGNATURE----- From SGuzik at ImmediaTech.com Tue Jan 13 19:22:26 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Tue, 13 Jan 2004 19:22:26 -0500 Subject: [Owasp-iso17799] Project Plan Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B70261CDCA@bears.immediatech.com> Great!!! You got it. Thank you, Stanley Guzik -----Original Message----- From: scott.ammon at hushmail.com To: avanderstock at b-sec.com ; Stan Guzik CC: owasp-iso17799 at lists.sourceforge.net Sent: Tue Jan 13 18:33:32 2004 Subject: RE: [Owasp-iso17799] Project Plan -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stan, I'll take on the Compliance section. scott On Mon, 12 Jan 2004 09:18:12 -0800 Stan Guzik wrote: >Great! You got it. I'll send out an updated Project Plan on Wednesday. > > > > >Thanks for all your help, > >Stan > > > >-----Original Message----- >From: Andrew van der Stock [mailto:avanderstock at b-sec.com] >Sent: Sunday, January 11, 2004 5:08 PM >To: Stan Guzik >Cc: owasp-iso17799 at lists.sourceforge.net >Subject: RE: [Owasp-iso17799] Project Plan > > > >Stan, > > > >If no one has grabbed it yet, please assign me Personnel security. >I'm >back from leave today, and will grok all my messages by the end >of the >day. > > > >Andrew > > > > _____ > >From: owasp-iso17799-admin at lists.sourceforge.net >[mailto:owasp-iso17799-admin at lists.sourceforge.net] On Behalf Of >Stan >Guzik >Sent: Thursday, 25 December 2003 2:37 AM >To: owasp-iso17799 at lists.sourceforge.net >Subject: [Owasp-iso17799] Project Plan > > > >Hello Everyone, > >Attached you will find our project plan. Based on feedback from >the >email list I assigned people to some of the tasks. I did not assign >dates to the tasks so please send me an email when you expect your >task, >first draft, to be completed. Terumi, you are assigned to >Organizational Security, please let me know if this is OK. We have >4 >sections unassigned, so we are still looking for volunteers. If >you >already have a task, feel free to volunteer for another section. > Once I >receive your dates I'll update the project plan and we'll have a >clear >road map on how to complete this project successfully. > >The objective of this documentation project will be to create a >supplement to the ISO 17799 document. 17799 is basically a guideline >which is used as a starting point for developing a "Code of practice >for >information security management." It states which areas of information >security should be addressed but it does not give you the tools >to >develop the policies and procedures. Therefore, supplementing 17799 >with >form templates will help organizations jump start their policies >and >procedures development. Good templates are extremely valuable >management tools :-) > > > >I will have limited access to may email until 12/26/03. If look >forward >to working with all of you on a successful documentation project! > > > >Happy Holidays, > >Stan Guzik > > > > -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAkAEgGcACgkQzhSc4ju+ZEKj8gCffddowlC8JoSqq8udgdfdBI968TIA oKLUsOVsJ0IOz9uNhWfGm/RpTsyw =AlK7 -----END PGP SIGNATURE----- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040113/ce65fcca/attachment.html From SGuzik at ImmediaTech.com Wed Jan 14 22:54:31 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Wed, 14 Jan 2004 22:54:31 -0500 Subject: [Owasp-iso17799] Updated Project Plan Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A32CD@bears.immediatech.com> Hello Everyone, Attached is the updated project plan. We just assigned 3 more sections which only leaves Access Control open. If you haven't done so already please send me a status update on when you estimate you will have a first draft. I would like to update the OWASP website with an expected delivery date. Thanks, Stan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040114/8b766bec/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: ProjectPlan.xls Type: application/vnd.ms-excel Size: 14848 bytes Desc: ProjectPlan.xls Url : http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040114/8b766bec/attachment.xls From mark at curphey.com Tue Jan 20 11:06:09 2004 From: mark at curphey.com (Mark Curphey) Date: Tue, 20 Jan 2004 11:06:09 -0500 Subject: [Owasp-iso17799] RE: ISO 17799 In-Reply-To: <61105.159.50.203.8.1074503142.squirrel@jose.freesurf.fr> Message-ID: <200401201606.LAA20793@agamemnon.cnchost.com> CC'ing the project mailing list -----Original Message----- From: Maxime de Jabrun [mailto:mdejabrun at freesurf.fr] Sent: Monday, January 19, 2004 4:06 AM To: owasp at owasp.org Subject: ISO 17799 Working as Security Auditor in a bank, I am willing to help. Got some spare times to help in your ISO 17799 approach / toolkit. -- Maxime de Jabrun From SGuzik at ImmediaTech.com Tue Jan 20 17:28:21 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Tue, 20 Jan 2004 17:28:21 -0500 Subject: [Owasp-iso17799] RE: ISO 17799 Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A32F1@bears.immediatech.com> Hello Maxime, We currently have "Access Control" open. I'll send you our work in process doc. The Introduction section of the document should give you an idea of what we are trying to accomplish. If this is something you truly want to work on please let me know how much time and we can assign you something. Thanks, Stan -----Original Message----- From: Mark Curphey [mailto:mark at curphey.com] Sent: Tuesday, January 20, 2004 11:06 AM To: 'Maxime de Jabrun' Cc: owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] RE: ISO 17799 CC'ing the project mailing list -----Original Message----- From: Maxime de Jabrun [mailto:mdejabrun at freesurf.fr] Sent: Monday, January 19, 2004 4:06 AM To: owasp at owasp.org Subject: ISO 17799 Working as Security Auditor in a bank, I am willing to help. Got some spare times to help in your ISO 17799 approach / toolkit. -- Maxime de Jabrun ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 From scott.ammon at hushmail.com Wed Jan 21 13:20:13 2004 From: scott.ammon at hushmail.com (scott.ammon at hushmail.com) Date: Wed, 21 Jan 2004 10:20:13 -0800 Subject: [Owasp-iso17799] RE: ISO 17799 Message-ID: <200401211820.i0LIKFiS042463@mailserver3.hushmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All, I hate to do this to everyone but my wife is due on Friday and we are experiencing some issues with the pregnancy that I feel will probably last for some time after the birth. As a consequence, I don't believe I'll be able to commit the time I once thought to the "Compliance" section of this project. I would, however, still be available in about 3 weeks to take on any specific tasks that need done for this project. So please feel free to send any requests for help along to me and I'll field them either yea/nea based upon my availability. Sorry for any inconvenience but family is the priority as I'm sure you understand. Regards, Scott Ammon On Tue, 20 Jan 2004 14:28:21 -0800 Stan Guzik wrote: >Hello Maxime, > >We currently have "Access Control" open. I'll send you our work >in >process doc. The Introduction section of the document should give >you >an idea of what we are trying to accomplish. If this is something >you >truly want to work on please let me know how much time and we can >assign >you something. > >Thanks, >Stan > >-----Original Message----- >From: Mark Curphey [mailto:mark at curphey.com] >Sent: Tuesday, January 20, 2004 11:06 AM >To: 'Maxime de Jabrun' >Cc: owasp-iso17799 at lists.sourceforge.net >Subject: [Owasp-iso17799] RE: ISO 17799 > > CC'ing the project mailing list > >-----Original Message----- >From: Maxime de Jabrun [mailto:mdejabrun at freesurf.fr] >Sent: Monday, January 19, 2004 4:06 AM >To: owasp at owasp.org >Subject: ISO 17799 > >Working as Security Auditor in a bank, I am willing to help. Got >some >spare >times to help in your ISO 17799 approach / toolkit. > >-- Maxime de Jabrun > > > > > >------------------------------------------------------- >The SF.Net email is sponsored by EclipseCon 2004 >Premiere Conference on Open Tools Development and Integration >See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. >http://www.eclipsecon.org/osdn >_______________________________________________ >Owasp-iso17799 mailing list >Owasp-iso17799 at lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 > > >------------------------------------------------------- >The SF.Net email is sponsored by EclipseCon 2004 >Premiere Conference on Open Tools Development and Integration >See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. >http://www.eclipsecon.org/osdn >_______________________________________________ >Owasp-iso17799 mailing list >Owasp-iso17799 at lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 > > -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAkAOw2cACgkQzhSc4ju+ZEJSiQCfSbvxJWa7A/huhqa8tgw0FLmJqUIA n39FqiP+Vj0k7x81FGeRhNl2Kxob =Y0X0 -----END PGP SIGNATURE----- From mark at curphey.com Thu Jan 22 22:25:04 2004 From: mark at curphey.com (Mark Curphey) Date: Thu, 22 Jan 2004 22:25:04 -0500 (EST) Subject: [Owasp-iso17799] Re: owasp/iso 177999 In-Reply-To: from sam heinrich on Fri, 23 Jan 2004 03:16:10 +0000 Message-ID: <200401230325.WAA22889@bellerophon.cnchost.com> An embedded and charset-unspecified text was scrubbed... Name: not available Url: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040122/10fbdfc9/attachment.pl From mark at curphey.com Wed Jan 28 09:04:35 2004 From: mark at curphey.com (Mark Curphey) Date: Wed, 28 Jan 2004 09:04:35 -0500 Subject: [Owasp-iso17799] RE: ISO17799 1.0 In-Reply-To: <20040128120305.GA83484@nsegcorp.com> Message-ID: Thanks Jordon, I have CC'd the mailing list. I know there are various tasks to sign up for. -----Original Message----- From: Jordan Dimov [mailto:jdimov at nsegcorp.com] Sent: Wednesday, January 28, 2004 7:03 AM To: owasp at owasp.org Subject: ISO17799 1.0 Hello, I am interested in contributing to the OWASP ISO17799 project, please let me know how I can be of use. Sincerely, Jordan Dimov From mark at curphey.com Wed Jan 28 09:13:59 2004 From: mark at curphey.com (Mark Curphey) Date: Wed, 28 Jan 2004 09:13:59 -0500 Subject: [Owasp-iso17799] RE: owasp/iso 177999 In-Reply-To: Message-ID: Hi Sam..... Hmmm...did you check you are still subscribed ? You can do that at Sourceforge yourself.... -----Original Message----- From: sam heinrich [mailto:samheinrich at hotmail.com] Sent: Thursday, January 22, 2004 10:16 PM To: mark at curphey.com Subject: owasp/iso 177999 hi mark - i hadn't seen any list traffic on the iso 17799 project since the holidays, but i just assumed everyone was busy. then i went to sourceforge and saw that there had been activity but i just hadn't received it. i also couldn't log in to the sourceforge project - was i removed for a reason? i am still very interested in participating - let me know if you can add me back... thanks - sam _________________________________________________________________ There are now three new levels of MSN Hotmail Extra Storage! Learn more. http://join.msn.com/?pgmarket=en-us&page=hotmail/es2&ST=1 From SGuzik at ImmediaTech.com Wed Jan 28 17:51:44 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Wed, 28 Jan 2004 17:51:44 -0500 Subject: [Owasp-iso17799] RE: ISO17799 1.0 Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B702718F90@bears.immediatech.com> Jordan, a somewhat out of date document is attached. I did some substantial work on COMMUNICATIONS AND OPERATIONS MANAGEMENT but my computer was caught in a flood.... I hope it boots up when its totally dry. Jordan and Sam, if you have the time please feel free to take one of the sections below: -----Original Message----- From: Stan Guzik Sent: Sunday, January 11, 2004 11:04 AM To: owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] ISO 17799 Work In Progress Document Hello Everyone, Attached is a work in progress of our document. Foreword, Introduction, Asset Classification and Control, and System Development and Management are included. We'll move forward with the format as laid out in this document. We still have the following sections unassigned: 1) Personnel Security 2) Communications and Operations Management 3) Access Control 4) Compliance We have a couple of new people added to the project so feel free to take one. Any help is greatly appreciated. I'll take Communications and Operations Management but if some else wants it I'll take something different. Please let me know by Wednesday 1/14/2004. Anyone new to this project, please read the Introduction of the attached document to get a picture of what will be in this document. Thanks, Stan Guzik -----Original Message----- From: Mark Curphey [mailto:mark at curphey.com] Sent: Wednesday, January 28, 2004 9:05 AM To: 'Jordan Dimov'; owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] RE: ISO17799 1.0 Thanks Jordon, I have CC'd the mailing list. I know there are various tasks to sign up for. -----Original Message----- From: Jordan Dimov [mailto:jdimov at nsegcorp.com] Sent: Wednesday, January 28, 2004 7:03 AM To: owasp at owasp.org Subject: ISO17799 1.0 Hello, I am interested in contributing to the OWASP ISO17799 project, please let me know how I can be of use. Sincerely, Jordan Dimov ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 -------------- next part -------------- A non-text attachment was scrubbed... Name: ISO17799Outline.doc Type: application/msword Size: 204288 bytes Desc: ISO17799Outline.doc Url : http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040128/99f4fe1f/attachment.doc From avanderstock at b-sec.com Thu Jan 29 18:40:27 2004 From: avanderstock at b-sec.com (Andrew van der Stock) Date: Fri, 30 Jan 2004 10:40:27 +1100 Subject: [Owasp-iso17799] RE: ISO17799 1.0 In-Reply-To: <5A3B9A45CA8C724AB0BEC2E147DBA4B702718F90@bears.immediatech.com> Message-ID: Stan, This is to let you know that I'm going to be late on the Personnel one. My customer is being extorted by criminals who have been DDoSing them. I'll be back on deck after Superbowl. Maybe I'll get some sleep then, too. Thanks, Andrew -----Original Message----- From: owasp-iso17799-admin at lists.sourceforge.net [mailto:owasp-iso17799-admin at lists.sourceforge.net] On Behalf Of Stan Guzik Sent: Thursday, 29 January 2004 9:52 AM To: Mark Curphey; Jordan Dimov; owasp-iso17799 at lists.sourceforge.net Cc: samheinrich at hotmail.com Subject: RE: [Owasp-iso17799] RE: ISO17799 1.0 Jordan, a somewhat out of date document is attached. I did some substantial work on COMMUNICATIONS AND OPERATIONS MANAGEMENT but my computer was caught in a flood.... I hope it boots up when its totally dry. Jordan and Sam, if you have the time please feel free to take one of the sections below: -----Original Message----- From: Stan Guzik Sent: Sunday, January 11, 2004 11:04 AM To: owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] ISO 17799 Work In Progress Document Hello Everyone, Attached is a work in progress of our document. Foreword, Introduction, Asset Classification and Control, and System Development and Management are included. We'll move forward with the format as laid out in this document. We still have the following sections unassigned: 1) Personnel Security 2) Communications and Operations Management 3) Access Control 4) Compliance We have a couple of new people added to the project so feel free to take one. Any help is greatly appreciated. I'll take Communications and Operations Management but if some else wants it I'll take something different. Please let me know by Wednesday 1/14/2004. Anyone new to this project, please read the Introduction of the attached document to get a picture of what will be in this document. Thanks, Stan Guzik -----Original Message----- From: Mark Curphey [mailto:mark at curphey.com] Sent: Wednesday, January 28, 2004 9:05 AM To: 'Jordan Dimov'; owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] RE: ISO17799 1.0 Thanks Jordon, I have CC'd the mailing list. I know there are various tasks to sign up for. -----Original Message----- From: Jordan Dimov [mailto:jdimov at nsegcorp.com] Sent: Wednesday, January 28, 2004 7:03 AM To: owasp at owasp.org Subject: ISO17799 1.0 Hello, I am interested in contributing to the OWASP ISO17799 project, please let me know how I can be of use. Sincerely, Jordan Dimov ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 From SGuzik at ImmediaTech.com Thu Jan 29 23:06:09 2004 From: SGuzik at ImmediaTech.com (Stan Guzik) Date: Thu, 29 Jan 2004 23:06:09 -0500 Subject: [Owasp-iso17799] RE: ISO17799 1.0 Message-ID: <5A3B9A45CA8C724AB0BEC2E147DBA4B7021A336E@bears.immediatech.com> Thanks for the update. Go New England :-) -----Original Message----- From: Andrew van der Stock [mailto:avanderstock at b-sec.com] Sent: Fri 2004-01-30 00:40 To: Stan Guzik Cc: samheinrich at hotmail.com; owasp-iso17799 at lists.sourceforge.net; 'Mark Curphey'; 'Jordan Dimov' Subject: RE: [Owasp-iso17799] RE: ISO17799 1.0 Stan, This is to let you know that I'm going to be late on the Personnel one. My customer is being extorted by criminals who have been DDoSing them. I'll be back on deck after Superbowl. Maybe I'll get some sleep then, too. Thanks, Andrew -----Original Message----- From: owasp-iso17799-admin at lists.sourceforge.net [mailto:owasp-iso17799-admin at lists.sourceforge.net] On Behalf Of Stan Guzik Sent: Thursday, 29 January 2004 9:52 AM To: Mark Curphey; Jordan Dimov; owasp-iso17799 at lists.sourceforge.net Cc: samheinrich at hotmail.com Subject: RE: [Owasp-iso17799] RE: ISO17799 1.0 Jordan, a somewhat out of date document is attached. I did some substantial work on COMMUNICATIONS AND OPERATIONS MANAGEMENT but my computer was caught in a flood.... I hope it boots up when its totally dry. Jordan and Sam, if you have the time please feel free to take one of the sections below: -----Original Message----- From: Stan Guzik Sent: Sunday, January 11, 2004 11:04 AM To: owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] ISO 17799 Work In Progress Document Hello Everyone, Attached is a work in progress of our document. Foreword, Introduction, Asset Classification and Control, and System Development and Management are included. We'll move forward with the format as laid out in this document. We still have the following sections unassigned: 1) Personnel Security 2) Communications and Operations Management 3) Access Control 4) Compliance We have a couple of new people added to the project so feel free to take one. Any help is greatly appreciated. I'll take Communications and Operations Management but if some else wants it I'll take something different. Please let me know by Wednesday 1/14/2004. Anyone new to this project, please read the Introduction of the attached document to get a picture of what will be in this document. Thanks, Stan Guzik -----Original Message----- From: Mark Curphey [mailto:mark at curphey.com] Sent: Wednesday, January 28, 2004 9:05 AM To: 'Jordan Dimov'; owasp-iso17799 at lists.sourceforge.net Subject: [Owasp-iso17799] RE: ISO17799 1.0 Thanks Jordon, I have CC'd the mailing list. I know there are various tasks to sign up for. -----Original Message----- From: Jordan Dimov [mailto:jdimov at nsegcorp.com] Sent: Wednesday, January 28, 2004 7:03 AM To: owasp at owasp.org Subject: ISO17799 1.0 Hello, I am interested in contributing to the OWASP ISO17799 project, please let me know how I can be of use. Sincerely, Jordan Dimov ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040129/be9043fc/attachment.html From samheinrich at hotmail.com Thu Jan 29 01:45:59 2004 From: samheinrich at hotmail.com (sam heinrich) Date: Thu, 29 Jan 2004 06:45:59 +0000 Subject: [Owasp-iso17799] RE: owasp/iso 177999 Message-ID: Hi Mark, Stan - Re-subscribed tonight, thanks - I thought I remembered there being a distinct sourceforge project for owasp-iso17799 before? I didn't find it just now - maybe I'm just inventing the memory... Stan, I'll take a crack at the Compliance section... I think I saw a project plan go out to the list a little while back - can you send it or put it in the repository so I have an idea of our current timeline? Thanks - sam ----Original Message Follows---- From: "Mark Curphey" To: "'sam heinrich'" CC: Subject: RE: owasp/iso 177999 Date: Wed, 28 Jan 2004 09:13:59 -0500 Hi Sam..... Hmmm...did you check you are still subscribed ? You can do that at Sourceforge yourself.... -----Original Message----- From: sam heinrich [mailto:samheinrich at hotmail.com] Sent: Thursday, January 22, 2004 10:16 PM To: mark at curphey.com Subject: owasp/iso 177999 hi mark - i hadn't seen any list traffic on the iso 17799 project since the holidays, but i just assumed everyone was busy. then i went to sourceforge and saw that there had been activity but i just hadn't received it. i also couldn't log in to the sourceforge project - was i removed for a reason? i am still very interested in participating - let me know if you can add me back... thanks - sam _________________________________________________________________ There are now three new levels of MSN Hotmail Extra Storage! Learn more. http://join.msn.com/?pgmarket=en-us&page=hotmail/es2&ST=1 _________________________________________________________________ Find high-speed ?net deals ? comparison-shop your local providers here. https://broadband.msn.com