IDS mailing list archives
Re: Intrusion Risk Assessment
From: "Fernando Cardoso" <fernando.cardoso () whatevernet com>
Date: Wed, 08 Jan 2003 09:58:19 +2400
Something that might help you is Common Criteria's "Characterisation of Attack Potential" draft. Check it out in http://www.commoncriteria.org/review_docs/docs/AttackPotentialv05.pdf Fernando
Anyone know of any IDS risk assessment matrixes out there? I'm looking for something like the following: Rating Severity 1 No Damage a. Not possible to exploit (or) b. No damage (or) c. Hoax 2 Harassment a. Possible damage, unconfirmed (or) b. Temporarily shuts down services and/or temporarily prevents access to information 3 Minor Damage a. Short-term impact (or) b. Exploit allows access to view files (or) c. Minimal effort required to recover 4 Moderate Damage a. The exploit is easy to perform (or) b. Important systems can be effected with administrative compromise (or) c. Exploit allows full access to files (or) d. Long-term effects, significant effort may be required to recover 5 Heavy Damage a. The exploit is easy to perform (and) b. An exploit will cause severe damage to multiple computers (and/or) c. Requires reinstallation or recovery from backup Robert Huber Bank One Information Security Phone: 302-282-2234 Pager: 888-646-3502 ********************************************************************** This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you **********************************************************************
WhatEverNet Computing, S.A. http://www.whatevernet.com Praça de Alvalade, n.º 6 - 6.º piso Tel: +351 217994200 1700-036 Lisboa, PORTUGAL Fax: +351 217994242 _____________________________________________________________________ INTERNET MAIL FOOTER A presente mensagem pode conter informação considerada confidencial. Se o receptor desta mensagem não for o destinatário indicado, fica expressamente proibido de copiar ou endereçar a mensagem a terceiros. Em tal situação, o receptor deverá destruir a presente mensagem e por gentileza informar o emissor de tal facto. --------------------------------------------------------------------- Privileged or confidential information may be contained in this message. If you are not the addressee indicated in this message, you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. ---------------------------------------------------------------------
Current thread:
- Intrusion Risk Assessment Robert_Huber (Jan 06)
- RE: Intrusion Risk Assessment Rob Shein (Jan 07)
- Re: Intrusion Risk Assessment Herve Debar (Jan 07)
- <Possible follow-ups>
- RE: Intrusion Risk Assessment Alan Shimel (Jan 07)
- Re: Intrusion Risk Assessment Fernando Cardoso (Jan 07)
- RE: Intrusion Risk Assessment Robert Buckley (Jan 07)
- FW: Intrusion Risk Assessment Peter Schwarz (Jan 07)
- re[2]: Intrusion Risk Assessment Richard Bennison (Jan 08)
- re[2]: Intrusion Risk Assessment Ron Gula (Jan 10)
- RE: VA/IDS Integration (Was: RE: re[2]: Intrusion Risk Assessment) David J. Meltzer (Jan 10)
- re[2]: Intrusion Risk Assessment Ron Gula (Jan 10)
- RE: Intrusion Risk Assessment Nicole Nicholson (Jan 08)
- RE: Intrusion Risk Assessment Fengmin Gong (Jan 21)