Full Disclosure mailing list archives
RE: Reacting to a server compromise
From: "Brad Bemis" <Brad.Bemis () airborne com>
Date: Mon, 4 Aug 2003 09:04:00 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you are new to the process of incident response and computer forensics it might be a good idea to review a couple of books on the subject and/or see if you have a local HTCIA chapter in your area. There are lots of good books you could flip through, but I think that "Computer Forensics - Incident Response Essentials" by Warren Kruse and Jay Heiser offers a thorough treatment of the subject matter. The process of incident response and computer forensics can get quite complex, and it is extremely important to understand the process in detail. You only have one chance to do an investigation the right way, after that, your evidence will be suspect. Thank you for your time and attention, ======================== Brad Bemis ======================== Email Notice: This communication may contain sensitive information. If you are not the intended recipient, or believe that you have received this communication in error; do not print, copy, retransmit, disseminate, or otherwise use the information contained herein for any purpose. Please alert the sender that you have received this message in error, and delete the copy that you received. -----BEGIN PGP SIGNATURE----- iQA/AwUBPy6D8JDnOfS48mrdEQKyHwCgn3Q969Y78U4AacMKtUAkW698GN0AnjyH lbUBrZ9WjNQeiG2TV3S5nrHV =76LI -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Reacting to a server compromise, (continued)
- Re: Re: Reacting to a server compromise manohar singh (Aug 03)
- Re: Reacting to a server compromise James A. Cox (Aug 03)
- RE: Re: Reacting to a server compromise Richard Stevens (Aug 04)
- Re: Re: Reacting to a server compromise Frank Bruzzaniti (Aug 04)
- RE: Re: Reacting to a server compromise Ron DuFresne (Aug 04)
- RE: Re: Reacting to a server compromise security snot (Aug 04)
- SV: Re: Reacting to a server compromise martin scherer (Aug 04)
- RE: Re: Reacting to a server compromise madsaxon (Aug 04)
- Re: Re: Reacting to a server compromise Darren Reed (Aug 04)
- RE: Reacting to a server compromise Brad Bemis (Aug 04)
- RE: Reacting to a server compromise Brad Bemis (Aug 04)
- RE: Reacting to a server compromise Jones, David H (Aug 04)
- Re: Reacting to a server compromise Jason Ellison (Aug 04)
- Re: Re: Reacting to a server compromise northern snowfall (Aug 04)
- RE: Reacting to a server compromise John . Airey (Aug 05)