Re: Incident Response Guidelines

["C. Henderson" <macrackman () netscape net>]

I would start with some of the old agencies.. They have one heck of a 
pile on this stuff.
http://www.cert.org/
http://www.ciac.org/ciac/
http://www.first.org/

I personally would not worry about this new fine NIPC thing, they seem 
to be still getting their act together, and have been now attached to 
the Office of Home Land Security.
So that means they can go through at least one more reorg..
They also seem to be more interested in "Infrastructure" issues, versus 
NET issues.
At all of the talks I have attended, I haven't met one FBI person who 
knows the simple difference between a "Hacker" and a "Cracker". They 
seem to think they are all one in the same..

That scares me.

For What It Is Worth..
CH




John Smithson wrote:

> Hello,
>
> I'm about to start huge documentation phase on creating Incident 
> Response Guidelines / Handling - including creating the structure, 
> creating the Incident Response Team, documenting the guidelines per 
> incidents - such as web server hacked, DOS attack, Virus Outbreak
>
> I need your help on pointing me to few good documents / books.  
> Obviously, I have googled, and found good info.  However, I may be 
> missing some good information that you gurus have collected over time.
>
> Please any help would be greatly appreciated.
>
> Thanks,
>
> John Smithson
>
>
>
>
>
> _________________________________________________________________
> MSN 8 limited-time offer: Join now and get 3 months FREE*. 
> http://join.msn.com/?page=dept/dialup&xAPID=42&PS=47575&PI=7324&DI=7474&SU= 
> http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8ishere_3mf