Security Basics mailing list archives
Re: A basic Question from a new bie!!
From: "Mitchell Rowton" <mrowton () bdo com>
Date: Mon, 01 Mar 2004 12:27:27 -0500
Your best bet is to google for specific intrusions and see how others react. In general, after you have been in your job a while you will become accustomed to seeing the same intrusions directed to the same servers/IP ranges. After time you will have a better idea of which are false positives and which you aren't vulnerable to anyway. You just have to get acclimated to your network patterns. If you can google your way through the first month you'll be fine. NIST Computer Security Incident Handling Guide http://csrc.nist.gov/publications/nistpubs/800-61/sp800-61.pdf Intrusion Detection Documents http://www.securitydocs.com/4 Incident Handling Documents http://www.securitydocs.com/17
new bie kapper <securekaps () yahoo com> 02/29/04 03:42PM >>>
Hi all , I just recently started with my new job which involves security monitoring on csids , iss real secure and entercept sensors.I was looking if anybody could help me with like websites on internet which would give good tips on incident response like different ways i could work on a suspiious attack to conclude wheheter its an attack or a fals epositive whetehr ia server was compromised or not and that stuff for example we can telnet to a webserver to see its patchlevel or iis version,do nslookup ,what r other tips and where i could find those. thanks in advance kaps
__________________________________ Do you Yahoo!? Get better spam protection with Yahoo! Mail. http://antispam.yahoo.com/tools
__________________________________ Do you Yahoo!? Get better spam protection with Yahoo! Mail. http://antispam.yahoo.com/tools --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ---------------------------------------------------------------------------- NOTICE: The contents of this email and any attachments to it may contain privileged and confidential information from BDO Seidman, LLP. This information is only for the viewing or use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies thereof. If you have received this e-mail in error, please notify BDO Seidman, LLP by e-mail immediately. --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ----------------------------------------------------------------------------
Current thread:
- A basic Question from a new bie!! new bie kapper (Mar 01)
- Re: A basic Question from a new bie!! Vishal (Mar 09)
- <Possible follow-ups>
- Re: A basic Question from a new bie!! Mitchell Rowton (Mar 01)
- RE: A basic Question from a new bie!! Bent.Mathiesen (Mar 08)