Hosting Provided By

RE: Incident Response Guidelines

From: Rosado, Rafael (Rafael) <rarosado(at)lucent.com>
Date: Mon Dec 30 2002 - 13:06:46 EST

Check the document created by CIO Magazine, FBI and Secret Service Agency (CIO CYBERTHREAT RESPONSE & REPORTING GUIDELINES --> http://www.cio.com/research/security/incident_response.pdf). Although it is not very specific to internal incident response guidelines, it sheds some light over the process of getting the FBI/SSA involved if prosecution is necessary.

Rafael Rosado
IT Security Manager
Caribbean and Latin America Region (CALA) Lucent Technologies O
Corporate Security
Business Assurance and Risk Mitigation Services (B.A.R.M.S.) 2400 SW 145th Avenue - Room 3S039
Miramar, Florida 33027
+1 954-885-2176 (voice) *
+1 954-885-3861 (fax) *
+1 954-648-3532 (mobile) or 9546483532@mobile.att.net (text message) *
rarosado@lucent.com (email) *

This electronic mail message contains information belonging to Lucent Technologies, which may be confidential and/or legal privileged. The information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, printing, copying, distribution, or the taking of any action in reliance on the contents of this electronically mailed information is strictly prohibited. If you receive this message in error, please immediately notify us by electronic mail and delete this message.

-----Original Message-----
From: John Smithson [mailto:why1234@hotmail.com] Sent: Friday, December 27, 2002 11:42 AM To: security-basics@security-focus.com; forensics@securityfocus.com Subject: Incident Response Guidelines

Hello,

I'm about to start huge documentation phase on creating Incident Response Guidelines / Handling - including creating the structure, creating the Incident Response Team, documenting the guidelines per incidents - such as web server hacked, DOS attack, Virus Outbreak

I need your help on pointing me to few good documents / books. Obviously, I

have googled, and found good info. However, I may be missing some good information that you gurus have collected over time.

Do you need help?

Please any help would be greatly appreciated.

Thanks,

John Smithson

MSN 8 limited-time offer: Join now and get 3 months FREE*. http://join.msn.com/?page=dept/dialup&xAPID=42&PS=47575&PI=7324&DI=7474&SU= http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8ishe re_3mf Received on Tue Dec 31 13:25:50 2002

This message: [ Message body ]
Next message: Robinson, Sonja: "RE: Incident Response Guidelines"
Previous message: DeGennaro, Gregory: "RE: Incident Response Guidelines"
Maybe in reply to: John Smithson: "Incident Response Guidelines"
Reply: Rosado, Rafael (Rafael): "RE: Windows Network Audit Tool Question"
Reply: Rosado, Rafael (Rafael): "RE: Associating Windows Processes to TCPIP Ports?"
Reply: Rosado, Rafael (Rafael): "RE: Associating Windows Processes to TCPIP Ports?"
Reply: Rosado, Rafael (Rafael): "RE: Securing NT4 Server Websites"
Reply: Rosado, Rafael (Rafael): "RE: Database Vulnerability Scanners"
Reply: Rosado, Rafael (Rafael): "PKI and Digital Certificates Best Practices"
Reply: Brad Bemis: "RE: Book Review"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:33 EDT