Security Incidents mailing list archives

Re: Incident Response Database

From: Sebastian Jaenicke <sebastian () jaenicke org>
Date: Thu, 18 Mar 2004 22:43:27 +0100

Hi all,

On Fri, Mar 19, 2004 at 09:32:24AM +1300, Russell Fulton wrote:
[..]

At the 2003 FIRST meeting someone described extensions to RT for dealing
with security incidents, including being smart abou IP addresses etc
(automatically make IPs and dn links that take you to whois info), the
ability to link large numbers of calls to a particular incident so they
can all be closed together and other stuff.


| RTIR: RT for Incident Response
| 
| RTIR is the premiere Open Source incident handling system designed with
| the needs of CERT teams and other incident-response teams in mind.

http://bestpractical.com/rtir/

- Sebastian
-- 
Sebastian Jaenicke                                   Disce aut discede!
whois pgpkey-C81115B1 -h whois.ripe.net|perl -ne's-^certif: *--&&print'

Attachment: _bin
Description:

Current thread:

Incident Response Database Jason May (Mar 17)
- Re: Incident Response Database Jordan Wiens (Mar 17)
- Re: Incident Response Database Valdis . Kletnieks (Mar 18)
  - Re: Incident Response Database Jason M. Leonard (Mar 18)
    - RE: Incident Response Database Chris Krough (Mar 18)
    - Re: Incident Response Database Russell Fulton (Mar 18)
    - Re: Incident Response Database John Green (Mar 18)
    - Re: Incident Response Database Lionel Ferette (Mar 18)
    - Re: Incident Response Database Sebastian Jaenicke (Mar 18)
- iptables/netfilter logs viewer/analyzer Sabyasachi Chakrabarty (Mar 22)
  - Re: iptables/netfilter logs viewer/analyzer Tony Carter (Mar 22)
  - Re: iptables/netfilter logs viewer/analyzer Byron Sonne (Mar 23)
- <Possible follow-ups>
- Re: Incident Response Database wozz (Mar 18)