Security Basics mailing list archives

Re: Incident Response


From: Neil <neil () horizontheory com>
Date: Thu, 07 Jun 2007 22:38:11 +0530

esecuritydude () gmail com wrote:
Hi List,

I'm currently doing a uni assignment where I have to investigate an intrusion into a *nix file server and describe:

a) What I would do for the current incident

b) What I would recommend for the future.

Does anyone have any classic real-life examples of this? And where could I find a good/standard incident response procedure?

Thanks in Advance,

Miguel

The Incidents mailing list is really more directed towards actual
incidents, not hypotheticals, but they might have some good stuff.
The Forensics mailing list would probably also be able to give you some
good stuff.

Nonetheless, a nice example case can be found at the Honeynet project's
Forensic Challenge: http://www.honeynet.org/challenge/index.html

Enjoy.

