IDS mailing list archives

RE: Intrusion Risk Assessment

From: "Alan Shimel" <alan () latis com>
Date: Mon, 6 Jan 2003 13:58:20 -0700

Robert

The only one I have heard of and that we use with our product is the 4
levels of criticality that snort uses.

alan

Alan Shimel
VP of Sales & Business Development
Latis Networks, Inc.

303-642-4515 Direct
516-857-7409 Mobile
303-642-4501 Fax

www.stillsecure.com
Reducing your risk has never been this easy.
. . .
The information transmitted is intended only for the person
to which it is addressed and may contain confidential material.
Review or other use of this information by persons other than
the intended recipient is prohibited. If you've received
this in error, please contact the sender and delete
from any computer. 

-----Original Message-----
From: Robert_Huber () bankone com [mailto:Robert_Huber () bankone com] 
Sent: Monday, January 06, 2003 10:54 AM
To: focus-ids () securityfocus com
Subject: Intrusion Risk Assessment

Anyone know of any IDS risk assessment matrixes out there?  I'm looking
for something like the following:

Rating                          Severity
1  No Damage                    a.      Not possible to exploit (or)
                                b.      No damage (or)
                                c.      Hoax
                                 
2 Harassment                    a.      Possible damage, unconfirmed
(or)
                                b.      Temporarily shuts down services
and/or temporarily prevents access to information

3 Minor Damage                  a.      Short-term impact (or)
                                b.      Exploit allows access to view
files (or)
                                c.      Minimal effort required to
recover

4 Moderate Damage               a.      The exploit is easy to perform
(or)
                                b.      Important systems can be
effected with administrative compromise (or)
                                c.      Exploit allows full access to
files (or)
                                d.      Long-term effects, significant
effort may be required to recover

5 Heavy Damage          a.      The exploit is easy to perform (and)
                                b.      An exploit will cause severe
damage to multiple computers (and/or)
                                c.      Requires reinstallation or
recovery from backup


Robert Huber
Bank One Information Security
Phone: 302-282-2234
Pager: 888-646-3502



**********************************************************************
This transmission may contain information that is privileged,
confidential and/or exempt from disclosure under applicable law. If you
are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution, or use of the information contained
herein (including any reliance thereon) is STRICTLY PROHIBITED. If you
received this transmission in error, please immediately contact the
sender and destroy the material in its entirety, whether in electronic
or hard copy format. Thank you
**********************************************************************

Current thread:

Intrusion Risk Assessment Robert_Huber (Jan 06)
- RE: Intrusion Risk Assessment Rob Shein (Jan 07)
- Re: Intrusion Risk Assessment Herve Debar (Jan 07)
- <Possible follow-ups>
- RE: Intrusion Risk Assessment Alan Shimel (Jan 07)
- Re: Intrusion Risk Assessment Fernando Cardoso (Jan 07)
- RE: Intrusion Risk Assessment Robert Buckley (Jan 07)
- FW: Intrusion Risk Assessment Peter Schwarz (Jan 07)
- re[2]: Intrusion Risk Assessment Richard Bennison (Jan 08)
  - re[2]: Intrusion Risk Assessment Ron Gula (Jan 10)
    - RE: VA/IDS Integration (Was: RE: re[2]: Intrusion Risk Assessment) David J. Meltzer (Jan 10)
- RE: Intrusion Risk Assessment Nicole Nicholson (Jan 08)
- RE: Intrusion Risk Assessment Fengmin Gong (Jan 21)