Incident Response Guidelines

["John Smithson" <why1234 () hotmail com>]

Hello,

Thanks for all of your kind responses.  I have just compiled short list 
books and sites that were recommended by some of you.

Sites for research

rr.sans.org.
cert.org
infosyssec.com
rsasecurity.com
www.e-secure-db.us/dscgi/ds.py/View/Collection-1940
www.e-secure-db.us/dscgi/ds.py/View/Collection-1450
honeypot.org
ciac.org/ciac/
www.ietf.org/rfc/rfc2350.txt
www.elytra.com/resources.htm
www.cis.ohio-state.edu/cgi-bin/rfc/rfc2196.html

Books to read

Incident Response: Investigating Computer Crime by Kevin Mandia and Chris 
Prosise
Cyber Foreniscs - Marcella/Greenfield
Handbook of Computer Crime Investigation - Casey
Computer Forensics - Kruse/Heiser
Computer Forensics - Vacca
Security planning and disaster recovery by Maiwald and Sieglein.
Incident Response by Van Wyk & Forno
Few of the SANS series books

Hope that helps everyone.  I'll continue to post more info, if I find it. If 
you have more suggestions / recommendations, please drop me an email.

Again, thanks for the input.

John Smithson.


> Hello,
>
> I'm about to start huge documentation phase on creating
> Incident Response Guidelines / Handling - including creating the structure, 
> creating the Incident Response Team, documenting the guidelines per 
> incidents - such as web server hacked, DOS attack, Virus Outbreak
>
> I need your help on pointing me to few good documents /
> books.  Obviously, I have googled, and found good info.  However, I may be 
> missing some good information that you gurus have collected over time.
>
> Please any help would be greatly appreciated.
>
> Thanks,
>
> John Smithson





_________________________________________________________________
The new MSN 8: smart spam protection and 3 months FREE*. 
http://join.msn.com/?page=features/junkmail&xAPID=42&PS=47575&PI=7324&DI=7474&SU= 
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_smartspamprotection_3mf