Security Basics mailing list archives
Re: A basic Question from a new bie!!
From: Vishal <dhrakol () myrealbox com>
Date: Mon, 8 Mar 2004 20:46:10 -0500
Hi kaps Sunday, February 29, 2004, 3:42:04 PM, you wrote: nbk> I just recently started with my new job Congratulations! nbk> which involves security monitoring on csids , iss real secure and nbk> entercept sensors.I was looking if anybody could help me with like nbk> websites on internet which would give good tips on incident nbk> response like different ways i could work on a suspiious attack to nbk> conclude wheheter its an attack or a fals epositive whetehr ia nbk> server was compromised or not and that stuff for example we can nbk> telnet to a webserver to see its patchlevel or iis version,do nbk> nslookup ,what r other tips and where i could find those. thanks nbk> in advance kaps One of the best resources for security, over and above network monitoring, is the SANS Institute's website at www.SANS.org. Have a look at the reading room section, which has useful information on incident response. What I would suggest, however, is to learn from a good book that focuses on exactly what you want: Network Intrusion Detection: An Analyst's Handbook (2nd Edition) by Stephen Northcutt. http://www.amazon.com/exec/obidos/tg/detail/-/0735710082/104-3383741-0932736?v=glance This is the book all good intrusion detection analysts learn from. I highly recommend it. Before you do that, though, I would recommend brushing up on TCP/IP through Richard Stevens or Douglas Comer's books, if you aren't familiar with it already. Quite aside from your question, may I ask you something else? You mentioned that you are new to the security field. If you don't mind, I am curious to know how you found your job. I am currently searching for a position in the field myself, and would really appreciate your advice, since you are someone who recently found a junior level position. Cheers, -- Vishal --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- A basic Question from a new bie!! new bie kapper (Mar 01)
- Re: A basic Question from a new bie!! Vishal (Mar 09)
- <Possible follow-ups>
- Re: A basic Question from a new bie!! Mitchell Rowton (Mar 01)
- RE: A basic Question from a new bie!! Bent.Mathiesen (Mar 08)