Intrusion Detection Systems mailing list archives

Good source of intrusion detection and response steps?


From: baney () shai-seattle com (Matt Baney)
Date: Fri, 24 Mar 2000 08:05:26 -0800


What are the best sources for detailed (i.e., step-by-step) information for
detecting and responding to intrusions?  I'm looking for something that is more
detailed than the CERT advisories, and that may also contain response and
forensic details.  Something that might include the necessary steps to detect
an intrusion and also provide the necessary response steps to stop or negate the
intrusion while preserving forensic information that would be necessary for
legal action or be useful in identifying the perpetrator or source of the
attack.
Does this kind of information exist anywhere?

Thanks
Matt

--
Matt Baney                               (206)-545-2941
SHAI  Seattle, Washington        baney () shai-seattle com
-------------------------------------------------------
It's hard to predict the unpredictable.


