Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: Re: Intrusion Risk Assessment

Re: Intrusion Risk Assessment

From: Fernando Cardoso <fernando.cardoso_at_whatevernet.com>
Date: Wed, 08 Jan 2003 09:58:19 +2400

Something that might help you is Common Criteria's "Characterisation of
Attack Potential" draft. Check it out in
http://www.commoncriteria.org/review_docs/docs/AttackPotentialv05.pdf

Fernando

> Anyone know of any IDS risk assessment matrixes out there? I'm
> looking for something like the following:
>
> Rating Severity
> 1 No Damage a. Not possible to exploit (or)
> b. No damage (or)
> c. Hoax
>
> 2 Harassment a. Possible damage, unconfirmed (or)
> b. Temporarily shuts down services and/or
> temporarily prevents access to information
>
> 3 Minor Damage a. Short-term impact (or)
> b. Exploit allows access to view files (or)
> c. Minimal effort required to recover
>
> 4 Moderate Damage a. The exploit is easy to perform (or)
> b. Important systems can be effected with
> administrative compromise (or)
> c. Exploit allows full access to files (or)
> d. Long-term effects, significant effort
> may be required to recover
>
> 5 Heavy Damage a. The exploit is easy to perform (and)
> b. An exploit will cause severe damage to
> multiple computers (and/or)
> c. Requires reinstallation or recovery
> from backup
>
>
> Robert Huber
> Bank One Information Security
> Phone: 302-282-2234
> Pager: 888-646-3502
>
>
>
> **********************************************************************
> This transmission may contain information that is privileged,
> confidential and/or exempt from disclosure under applicable law. If
> you are not the intended recipient, you are hereby notified that
> any disclosure, copying, distribution, or use of the information
> contained herein (including any reliance thereon) is STRICTLY
> PROHIBITED. If you received this transmission in error, please
> immediately contact the sender and destroy the material in its
> entirety, whether in electronic or hard copy format. Thank you
> **********************************************************************
>
>

WhatEverNet Computing, S.A. http://www.whatevernet.com
Praça de Alvalade, n.º 6 - 6.º piso Tel: +351 217994200
1700-036 Lisboa, PORTUGAL Fax: +351 217994242
_____________________________________________________________________
                      INTERNET MAIL FOOTER
A presente mensagem pode conter informação considerada confidencial.
Se o receptor desta mensagem não for o destinatário indicado, fica
expressamente proibido de copiar ou endereçar a mensagem a terceiros.
Em tal situação, o receptor deverá destruir a presente mensagem e por
gentileza informar o emissor de tal facto.
---------------------------------------------------------------------
Privileged or confidential information may be contained in this
message. If you are not the addressee indicated in this message, you
may not copy or deliver this message to anyone. In such case, you
should destroy this message and kindly notify the sender by reply
email.
---------------------------------------------------------------------
Received on Jan 07 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]