Security Basics mailing list archives
RE: A basic Question from a new bie!!
From: <Bent.Mathiesen () swisscom com>
Date: Fri, 5 Mar 2004 08:27:45 +0100
Hi Mitchell Beside google - I can recommend you to go to www.giac.org and look at students practicals for Intrusion detection. There are hundreds of reports that are based on a standard method for analyzing network traffic with focus on IDS. (http://www.giac.org/GCIA.php) The GCIA is for GIAC Certified Intrusion Analysts (GCIA). There are also other kinds of reports for firewall, Unix, Windows, etc. Worth reading. Best regards Bent Mathiesen IT Security Specialist MSCS CCSE GCIA -----Original Message----- From: Mitchell Rowton [mailto:mrowton () bdo com] Sent: Monday, March 01, 2004 6:27 PM To: security-basics () securityfocus org; securekaps () yahoo com Subject: Re: A basic Question from a new bie!! Your best bet is to google for specific intrusions and see how others react. In general, after you have been in your job a while you will become accustomed to seeing the same intrusions directed to the same servers/IP ranges. After time you will have a better idea of which are false positives and which you aren't vulnerable to anyway. You just have to get acclimated to your network patterns. If you can google your way through the first month you'll be fine. NIST Computer Security Incident Handling Guide http://csrc.nist.gov/publications/nistpubs/800-61/sp800-61.pdf Intrusion Detection Documents http://www.securitydocs.com/4 Incident Handling Documents http://www.securitydocs.com/17
new bie kapper <securekaps () yahoo com> 02/29/04 03:42PM >>>
Hi all , I just recently started with my new job which involves security monitoring on csids , iss real secure and entercept sensors.I was looking if anybody could help me with like websites on internet which would give good tips on incident response like different ways i could work on a suspiious attack to conclude wheheter its an attack or a fals epositive whetehr ia server was compromised or not and that stuff for example we can telnet to a webserver to see its patchlevel or iis version,do nslookup ,what r other tips and where i could find those. thanks in advance kaps
__________________________________ Do you Yahoo!? Get better spam protection with Yahoo! Mail. http://antispam.yahoo.com/tools
__________________________________ Do you Yahoo!? Get better spam protection with Yahoo! Mail. http://antispam.yahoo.com/tools --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ---------------------------------------------------------------------------- NOTICE: The contents of this email and any attachments to it may contain privileged and confidential information from BDO Seidman, LLP. This information is only for the viewing or use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies thereof. If you have received this e-mail in error, please notify BDO Seidman, LLP by e-mail immediately. --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- A basic Question from a new bie!! new bie kapper (Mar 01)
- Re: A basic Question from a new bie!! Vishal (Mar 09)
- <Possible follow-ups>
- Re: A basic Question from a new bie!! Mitchell Rowton (Mar 01)
- RE: A basic Question from a new bie!! Bent.Mathiesen (Mar 08)