Security Basics mailing list archives

RE: Incident Response Guidelines

From: "Rosado, Rafael (Rafael)" <rarosado () lucent com>
Date: Mon, 30 Dec 2002 11:06:46 -0700

Check the document created by CIO Magazine, FBI and Secret Service Agency
(CIO CYBERTHREAT RESPONSE & REPORTING GUIDELINES -->
http://www.cio.com/research/security/incident_response.pdf).  Although it is
not very specific to internal incident response guidelines, it sheds some
light over the process of getting the FBI/SSA involved if prosecution is
necessary.

Rafael Rosado
IT Security Manager
Caribbean and Latin America Region (CALA)
Lucent Technologies O  
Corporate Security
Business Assurance and Risk Mitigation Services (B.A.R.M.S.) 
2400 SW 145th Avenue - Room 3S039
Miramar, Florida 33027 
+1 954-885-2176 (voice) *
+1 954-885-3861 (fax) * 
+1 954-648-3532 (mobile) or 9546483532 () mobile att net (text message) *
rarosado () lucent com (email) *

This electronic mail message contains information belonging to Lucent
Technologies, which may be confidential and/or legal privileged. The
information is intended only for the use of the individual or entity named
above. If you are not the intended recipient, you are hereby notified that
any disclosure, printing, copying, distribution, or the taking of any action
in reliance on the contents of this electronically mailed information is
strictly prohibited. If you receive this message in error, please
immediately notify us by electronic mail and delete this message.



-----Original Message-----
From: John Smithson [mailto:why1234 () hotmail com]
Sent: Friday, December 27, 2002 11:42 AM
To: security-basics () security-focus com; forensics () securityfocus com
Subject: Incident Response Guidelines


Hello,

I'm about to start huge documentation phase on creating Incident Response 
Guidelines / Handling - including creating the structure, creating the 
Incident Response Team, documenting the guidelines per incidents - such as 
web server hacked, DOS attack, Virus Outbreak

I need your help on pointing me to few good documents / books.  Obviously, I

have googled, and found good info.  However, I may be missing some good 
information that you gurus have collected over time.

Please any help would be greatly appreciated.

Thanks,

John Smithson





_________________________________________________________________
MSN 8 limited-time offer: Join now and get 3 months FREE*. 
http://join.msn.com/?page=dept/dialup&xAPID=42&PS=47575&PI=7324&DI=7474&SU= 
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8ishe
re_3mf

Current thread:

Incident Response Guidelines John Smithson (Dec 27)
- Re: Incident Response Guidelines C. Henderson (Dec 30)
- Re: Incident Response Guidelines Gene (Dec 30)
- Re: Incident Response Guidelines Luis Enrique Londono (Dec 30)
- RE: Incident Response Guidelines Ayers, Diane (Dec 30)
- Re: Incident Response Guidelines frame (Dec 30)
- <Possible follow-ups>
- RE: Incident Response Guidelines Robinson, Sonja (Dec 30)
- Incident Response Guidelines John Smithson (Dec 30)
- RE: Incident Response Guidelines DeGennaro, Gregory (Dec 31)
- RE: Incident Response Guidelines Rosado, Rafael (Rafael) (Dec 31)
- RE: Incident Response Guidelines Robinson, Sonja (Dec 31)
- RE: Incident Response Guidelines Scott Schwendinger (Dec 31)