Home page logo
/

basics logo Security Basics mailing list archives

Re: A basic Question from a new bie!!
From: Vishal <dhrakol () myrealbox com>
Date: Mon, 8 Mar 2004 20:46:10 -0500

Hi kaps

Sunday, February 29, 2004, 3:42:04 PM, you wrote:

nbk> I just recently started with my new job

Congratulations!

nbk> which involves security monitoring on csids , iss real secure and
nbk> entercept sensors.I was looking if anybody could help me with like
nbk> websites on internet which would give good tips on incident
nbk> response like different ways i could work on a suspiious attack to
nbk> conclude wheheter its an attack or a fals epositive whetehr ia
nbk> server was compromised or not and that stuff for example we can
nbk> telnet to a webserver to see its patchlevel or iis version,do
nbk> nslookup ,what r other tips and where i could find those. thanks
nbk> in advance kaps

One of the best resources for security, over and above network
monitoring, is the SANS Institute's website at www.SANS.org. Have a
look at the reading room section, which has useful information on
incident response.

What I would suggest, however, is to learn from a good book that
focuses on exactly what you want:

Network Intrusion Detection: An Analyst's Handbook (2nd Edition) by
Stephen Northcutt.
http://www.amazon.com/exec/obidos/tg/detail/-/0735710082/104-3383741-0932736?v=glance

This is the book all good intrusion detection analysts learn from. I
highly recommend it. Before you do that, though, I would recommend
brushing up on TCP/IP through Richard Stevens or Douglas Comer's books,
if you aren't familiar with it already.

Quite aside from your question, may I ask you something else? You
mentioned that you are new to the security field. If you don't mind, I
am curious to know how you found your job. I am currently searching for
a position in the field myself, and would really appreciate your
advice, since you are someone who recently found a junior level
position.

Cheers,

-- 
Vishal

 


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault