Re: Incident Response Guidelines

[Gene <gyoo () attbi com>]

John Smithson wrote:
> Hello,
>
> I'm about to start huge documentation phase on creating Incident 
> Response Guidelines / Handling - including creating the structure, 
> creating the Incident Response Team, documenting the guidelines per 
> incidents - such as web server hacked, DOS attack, Virus Outbreak
>
> I need your help on pointing me to few good documents / books.  
> Obviously, I have googled, and found good info.  However, I may be 
> missing some good information that you gurus have collected over time.
>
> Please any help would be greatly appreciated.
>
> Thanks,
>
> John Smithson
>
>
>
>
>
> _________________________________________________________________
> MSN 8 limited-time offer: Join now and get 3 months FREE*. 
> http://join.msn.com/?page=dept/dialup&xAPID=42&PS=47575&PI=7324&DI=7474&SU= 
> http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8ishere_3mf 

check out honeynet.org sans.org cert.org as far as books are concerned, 
S. Northcutt has number of these guidelines and books.  I think CERT and 
SANS has series of books on your topic.

most importantly, it should tailor to your organizations needs and 
requirements.

try googling "Rainbow Series" also...

gene

--
<gyoo [at] attbi [dot] com>  ~«©¿©»~