Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Reacting to a server compromise

From: "Brad Bemis" <Brad.Bemis () airborne com>
Date: Mon, 4 Aug 2003 09:04:00 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you are new to the process of incident response and computer forensics
it might be a good idea to review a couple of books on the subject and/or
see if you have a local HTCIA chapter in your area.  There are lots of good
books you could flip through, but I think that "Computer Forensics -
Incident Response Essentials" by Warren Kruse and Jay Heiser offers a
thorough treatment of the subject matter.  The process of incident response
and computer forensics can get quite complex, and it is extremely important
to understand the process in detail.  You only have one chance to do an
investigation the right way, after that, your evidence will be suspect.    

Thank you for your time and attention,

========================
Brad Bemis
========================
Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error; do not print, copy, retransmit, disseminate, or
otherwise use the information contained herein for any purpose. Please
alert the sender that you have received this message in error, and delete
the copy that you received.


-----BEGIN PGP SIGNATURE-----

iQA/AwUBPy6D8JDnOfS48mrdEQKyHwCgn3Q969Y78U4AacMKtUAkW698GN0AnjyH
lbUBrZ9WjNQeiG2TV3S5nrHV
=76LI
-----END PGP SIGNATURE-----


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: