Re: IDS Incident Escalation Procedure

Instead of re-inventing the wheel, suggest browse
through NIST publications.

Cheers
Vijay

--- jimmy wong <me1743@xxxxxxxxx> wrote:

Hi There,



Hi,

Would appreciate if anyone can share what should we
include to formulate a IDS/IPS incident escalation
procedure.





Thanks,

Jim





____________________________________________________________________________________
Yahoo! oneSearch: Finally, mobile search
that gives answers, not web links.

http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to

http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw

to learn more.

------------------------------------------------------------------------






____________________________________________________________________________________
Yahoo! oneSearch: Finally, mobile search
that gives answers, not web links.
http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------

Relevant Pages

  • Re: Tracking back internal incidents to users, not IPs
    ... Note that I am assuming that the source is a DHCP system here (otherwise ... Note that I would take an open source or a commercial product as a ... with real-world attacks from CORE IMPACT. ...
    (Focus-IDS)
  • Re: Tracking back internal incidents to users, not IPs
    ... Note that I am assuming that the source is a DHCP system here (otherwise ... it is much easier problem). ... with real-world attacks from CORE IMPACT. ...
    (Focus-IDS)
  • Re: What type of IDS should I use?
    ... communication is strictly prohibited. ... with real-world attacks from CORE IMPACT. ... Do You Yahoo!? ...
    (Focus-IDS)
  • SV: Bittorrent - utorrent
    ... As I am a contractor on the job – I could not controle their policies to whats legal and whats not – so that issue was out of the question. ... If it's not based on protocol interpretation and file type look up, ... Find out quickly and easily by testing it with real-world attacks from ... with real-world attacks from CORE IMPACT. ...
    (Focus-IDS)
  • RE: Need Help in My Project
    ... Packet Decoding ... Find out by easily testing it with real-world attacks from CORE IMPACT. ...
    (Focus-IDS)