IDS mailing list archives
Re: Got IDS installed, now need incident response plan document
From: Randy Taylor <gnu () charm net>
Date: Fri, 16 May 2003 11:42:14 -0400
Hi Bryan - Here are two books that may help. "Writing Information Security Policies", by Scott Barman and "Incident Response: A Strategic Guide to Handling System and Network Security Breaches", by Dr. Gene Schultz and Russell Shumway Of the two, the incident response book may give you more short-term benefit, but from the sounds of it, the security policy book will probably help you as well. George Capehart's advice is spot on. Don't let yourself get rushed into putting out a plan. That path will likely do more harm than good long term. Educate your boss! Writing an IR plan isn't "War and Peace", but it isn't something one can just toss off, either. Hope this helps. Randy At 12:54 AM 5/16/2003 +0000, Bryan Morris wrote:
Hello, I was able to get our corporate IDS up and running. Now my boss wants me to design an incident response plan.Does anyone know of any pre-canned documents I can use, so I don't have to spend 2 weeks writing an incident response document from scratch?Thanks, Bryan _________________________________________________________________Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail------------------------------------------------------------------------------- INTRUSION PREVENTION: READY FOR PRIME TIME?IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention.Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids2-------------------------------------------------------------------------------
------------------------------------------------------------------------------- INTRUSION PREVENTION: READY FOR PRIME TIME?IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention.
Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids2
-------------------------------------------------------------------------------
Current thread:
- Got IDS installed, now need incident response plan document Bryan Morris (May 15)
- Re: Got IDS installed, now need incident response plan document George W. Capehart (May 16)
- Re: Got IDS installed, now need incident response plan document Mark Phillips (May 16)
- Re: Got IDS installed, now need incident response plan document Randy Taylor (May 16)