Intrusion Detection Systems mailing list archives

RE: Forensics Methodology

From: latyzenhaus () anl gov (Tyzenhaus, Laurie A.)
Date: Sun, 5 Dec 1999 19:59:23 -0600




Try looking at the SANS web site.  Went to the Conference in Oct & it was
great.  The Incident Handling publication is very thorough.

Computer Security Incident Handling: Step-by-Step

 http://www.sans.org/newlook/publications/incident_handling.htm

Laurie Tyzenhaus

-----Original Message-----
From: Subba Rao
To: IDS Discussion List
Sent: 12/4/99 7:00 AM
Subject: IDS: Forensics Methodology

------------------------------------------------------------------------

Is there any forensics methodology that is recommended after IDS/NIDS
reports
about an intrusion or missuse?

Thank you.

Subba Rao
subb3 () ibm net
http://pws.prserv.net/truemax/

Current thread:

Forensics Methodology Subba Rao (Dec 04)
- <Possible follow-ups>
- RE: Forensics Methodology Tyzenhaus, Laurie A. (Dec 05)
- RE: Forensics Methodology Blyth A J C (Comp) (Dec 06)