Re: Got IDS installed, now need incident response plan document

From: Mark Phillips (mark_at_probably.co.uk)
Date: 05/16/03

  • Next message: Paul Schmehl: "Re: Low cost HID based IDS system"
    Date: Fri, 16 May 2003 13:58:59 +0100 (BST)
    To: Bryan Morris <bryanmorrisjr@hotmail.com>
    
    

    On Fri, 16 May 2003, Bryan Morris wrote:

    > Now my boss wants me to design an incident response plan.
    >
    > Does anyone know of any pre-canned documents I can use, so I donít have to
    > spend 2 weeks writing an incident response document from scratch?

    Give SANS RR a whirl, lots of stuff there (I'm sure there's some example
    policy frameworks too)

    http://www.sans.org/rr/

    Regards,

    --Mark

    -------------------------------------------------------------------------------
    INTRUSION PREVENTION: READY FOR PRIME TIME?

    IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities
    - including intrusion identification, relevancy, direction, impact and analysis
    - enabling a path to prevention.

    Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at:
    http://www.securityfocus.com/IntruVert-focus-ids2
    -------------------------------------------------------------------------------


  • Next message: Paul Schmehl: "Re: Low cost HID based IDS system"

    Relevant Pages

    • RE: Rather funny; looks like page defacement to me
      ... another security tool (VA, AV, firewall, etc.) that could have done the job ... I am not saying the IDS are always useless, but they are most useful as ... they denigrate Intrusion Prevention Systems and hail ...
      (Focus-IDS)
    • AW: General term for Gateway IDS, IDP, IPS ...
      ... I'd like to know the general term for Gateway IDS, IDP, IPS ... ... Symantec Symantec Gateway Security,TopLayer Attack Mitigator IPS, ... I know NetScreen call their products "Intrusion Detectsion ... "Intrusion Prevention Solutions." ...
      (Focus-IDS)
    • RE: True definition of Intrusion Prevention
      ... Except that most seasoned Intrusion Detection Protects have had the ... Intrusion Prevention class.. ... and measuring security posture via vulnerability ... "Protect" means trying to prevent intrusions, ...
      (Focus-IDS)
    • Re: True definition of Intrusion Prevention
      ... "intrusion prevention" is the latest bandwagon marketing folks ... What makes matters worse is I think that "intrusion ... and probe detection" but rarely did they actually detect real compromises. ... Network Intrusion ...
      (Focus-IDS)
    • RE: Low cost HID based IDS system
      ... It's a matter of economics, and yes, a false sense of security is worse ... Many customers, those small & ... > INTRUSION PREVENTION: READY FOR PRIME TIME? ... > IntruShield now offers unprecedented Intrusion IntelligenceTM ...
      (Focus-IDS)