Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Re: Need Incident Handling Process Framework

Re: Need Incident Handling Process Framework

From: Yuri Demchenko <demch_at_terena.nl>
Date: Fri, 09 Nov 2001 21:40:00 +0100

There is a Trans-European activity on CSIRT coordination (TF-CSIRT) that
is also developing common Incident response framework based on IODEF
(Incident Object Description and Exchange Format) RFC3067

All information is available at the TF-CSIRT and IODEF WG webpages
http://www.terena.nl/task-forces/tf-csirt/
http://www.terena.nl/task-forces/tf-csirt/iodef/

And more is coming with Extended Incident Handling BOF (inch) to take
place at IETF52 on Monday 13.00-15.00 December 10, 2001
http://www.terena.nl/task-forces/tf-csirt/inch/inch-bof-ietf52-draft.txt

Yuri

J Jewitt wrote:
>
> Hi all,
>
> I'm looking for a source for boilerplate incident
> response policies, plans, forms, checklists, etc. The
> whole package.
> I work for a global company and I am responsible
> for incidents occurring in North and South America,
> and I'd like to have a nice, clean process.
> I have looked at "Incident Response" (O'Reilly) and
> "Incident Response: Investigating Computer Crime"
> (Mandia & Prosise) as well as some CERT and SANS
> course materials.
> If someone knows of a resource, or would care to
> send me sanitized versions of their framework, it
> would be of benefit to anyone on the list wishing to
> normalize their incident response process.
>
> thanks!
> J
>
> __________________________________________________
> Do You Yahoo!?
> Find a job, post your resume.
> http://careers.yahoo.com
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com 

-- 
-----------------------------------------------------------------------
Yuri Demchenko, TERENA, Singel 468D, 1017 AW Amsterdam, The Netherlands 
Tel: +31 20 530 4488  Fax: +31 20 530 4499  E-mail: demchenko_at_terena.nl
-----------------------------------------------------------------------
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Received on Nov 09 2001
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos