Security Incidents mailing list archives
Re: REVIEW: "Incident Response", Douglas Schweitzer
From: "Meadows, Chip" <chip.meadows () usaa com>
Date: Tue, 24 Jan 2006 15:40:28 -0600
Do not forget Brian Carrier's EXCELLENT book, "File System Forensic Analysis". This book and "Real Digital Forensics" were VERY HIGHLY recommended by my mentors... Chip Meadows, CISA, CISSP, CCSE "The significant problems we face cannot be solved by the same level of thinking that created them"... Albert Einstein My opinions, not ANYONE ELSES. So there... -----Original Message----- From: Cooper, Christopher [mailto:Christopher.Cooper () ed gov] Sent: Tuesday, January 24, 2006 3:20 PM To: frank_kenisky () psc uscourts gov; incidents () securityfocus com Subject: RE: Re: REVIEW: "Incident Response", Douglas Schweitzer I can recommend two excellent books, which have recently come out: Real Digital Forensics, Jones, Bejtlich and Rose Forensic Discovery, Farmer and Venema Both have excellent reviews written about them at Amazon. Good luck and happy reading. -----Original Message----- From: frank_kenisky () psc uscourts gov [mailto:frank_kenisky () psc uscourts gov] Sent: Tuesday, January 24, 2006 10:35 AM To: incidents () securityfocus com Subject: Re: Re: REVIEW: "Incident Response", Douglas Schweitzer Good question but too general for any type of specific response. What exactly are you looking to examine? Router activity, servers, workstation (probably considered by many to be one in the same) network, disk, etc. The first thing I would recommend to anyone considering what to do /snip
Current thread:
- REVIEW: "Incident Response", Douglas Schweitzer Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 23)
- <Possible follow-ups>
- Re: REVIEW: "Incident Response", Douglas Schweitzer frank_kenisky (Jan 23)
- Re: REVIEW: "Incident Response", Douglas Schweitzer Dude VanWinkle (Jan 23)
- RE: Re: REVIEW: "Incident Response", Douglas Schweitzer Cooper, Christopher (Jan 24)
- RE: Re: REVIEW: "Incident Response", Douglas Schweitzer Robinson, Sonja (Jan 24)
- Re: Re: REVIEW: "Incident Response", Douglas Schweitzer frank_kenisky (Jan 24)
- RE: Re: REVIEW: "Incident Response", Douglas Schweitzer Mike Coliton (Jan 24)
- Re: REVIEW: "Incident Response", Douglas Schweitzer Meadows, Chip (Jan 24)
- Re: REVIEW: "Incident Response", Douglas Schweitzer Stephen J. Smoogen (Jan 24)
- Re: REVIEW: "Incident Response", Douglas Schweitzer Volker Tanger (Jan 25)
- Re: REVIEW: "Incident Response", Douglas Schweitzer Jess Garcia (Jan 25)
- Re: REVIEW: "Incident Response", Douglas Schweitzer Kenneth R. van Wyk (Jan 27)
- Re: REVIEW: "Incident Response", Douglas Schweitzer Stephen J. Smoogen (Jan 24)
- RE: REVIEW: "Incident Response", Douglas Schweitzer Chain, David (NA ITRC Team Lead) (Jan 25)