
RE: Major incident response procedure

Subject: RE: Major incident response procedure
Date: Fri, 29 Jul 2005 09:25:12 +0300

Dear Jacqui,

I am doing a Ph.D. in this subject and some of the fundamental papers I've come across so far are:

* Killcrece, G., Kossakowski, K.P., Ruefle R., and Zajicek M., "Organizational Models for Computer Incident Response Teams (CSIRTs)", Report: CMU/SEI-2003-HB-001, Carnegie Mellon University/Software Engineering Institute

* Information Security Team, DePaul University, "A Framework for Incident Response (Draft)", http://security.depaul.edu

* West-Brown, M. J., Stikvoort, D., and Kossakowski K.P., "Handbook for Computer Security Incident Response Teams (CSIRTs)", Report: CMU/SEI-98-HB-001, Carnegie Mellon University/Software Engineering Institute

* National Institute of Standards and Technology, "Computer Security Incident Handling Guide", NIST Special Publication 800-61

* Kossakowski, K.P., et al., "Responding to Intrusions", Report: CMU/SEI-SIM-006, Carnegie Mellon University/Software Engineering Institute

* Internet Engineering Task Force, Request for Comments (RFC) 2350, "Expectations for Computer Security Incident Response"


There are also some interesting books, like:

* Mandia, K., and Procise, C., Incident Response: Investigating Computer Crime, Osborne/McGraw-Hill, NY, 2002

* Van Wyk, K., and Forno, R., Incident Response, O'Reilly, NY, 2001

I hope these help.


Regards,

Dimitrios G. Patsos,
Ph.D(C), M.Sc., CMA, CME
IT Security Consultant
===================
SPACE HELLAS S.A.
Email dpat@space.gr

 

-----Original Message-----
From: Lalit Gupta [mailto:lalit.gupta@lgsoftindia.com]
Sent: Tuesday, July 26, 2005 10:15 AM
To: Smith, Jacqui; security-management@securityfocus.com
Subject: RE: Major incident response procedure

Get on to Cert.org, probably on this link

http://www.sei.cmu.edu/publications/documents/04.reports/04tr015.html

Also NIST has something on this topic, I saw sometime back.

Regards,

Lalit Gupta "LG"
Specialist-Information Security
IT & IS Department

 

-----Original Message-----
From: Smith, Jacqui [mailto:Jacqui.Smith@atosorigin.com]
Sent: Monday, July 25, 2005 9:34 PM
To: security-management@securityfocus.com
Subject: Major incident response procedure

Hi, I wonder if anyone has guidelines on the above subject, specifically around communications to users and best practices.

Many thanks

Jacqui



 

 
