Security Basics mailing list archives

RE: Any security attack state model

From: "Cronican, John" <JCronican () sempra com>
Date: Mon, 11 Jul 2005 15:39:06 -0700

Google  "Attack Tree"
http://www.schneier.com/paper-attacktrees-ddj-ft.html
You will find some fine work such as this one "Modeling Security
Threats" By Bruce Schneier
J

John G. Cronican, Jr. (BEE, MSSM, CISSP, IAM)
Sr. Infrastructure Technologist
iProtect Sempra Energy
Sempra Energy Corporate Center & Sempra Energy Utilities
10949 Technology Place
San Diego, CA  92127
(858) 613-5738 (Desk)
(619) 787-1906 (Cell)
(619) 978-2493 (Pager)
 
JCronican () sempra com


-----Original Message-----
From: ricci [mailto:ricci () cs ust hk] 
Sent: Wednesday, July 06, 2005 9:55 PM
To: 'security-basics'
Subject: Any security attack state model
Importance: High


Hello All,

I have been working on IT security attack methodology. Is there any
security attack methodology and category information that has been
adopted by IT market?

Besides, as I thought through security attack methodology, there should
be some step by step attack states. That is, after port scanning, you
will be able to attack web, etc. Is there any methodology or good
reference document?

Please advise.

Thx.

Ricci

Current thread:

Re: Any security attack state model mike king (Jul 12)
- <Possible follow-ups>
- RE: Any security attack state model Cronican, John (Jul 12)