Re: Incident Response Database

wozz_at_0xdeadbeef.org
Date: 03/18/04

    Date: Thu, 18 Mar 2004 14:50:02 -0800
    To: incidents@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    RT for Incident Response

    http://www.bestpractical.com/rtir/

    I used RT a few years back to manage a security/abuse mailbox for a nationwide
    broadband ISP. It worked well enough for what it was, but I wish RTIR
    had been around back then. Everything we found missing in RT has been
    addressed in RTIR.

    On Thu, 18 Mar 2004 12:32:24 -0800 Russell Fulton <r.fulton@auckland.ac.nz>
    wrote:
    >On Fri, 2004-03-19 at 05:18, Jason M. Leonard wrote:
    >
    >> We use RT (Request Tracker) for our help desk and trouble ticket system.
    >> It works great for all sorts of tracking and it's pretty handy for
    >> managing non-human email accounts, as well. Plus it's free.
    >>
    >> http://www.bestpractical.com/rt/
    >
    >At the 2003 FIRST meeting someone described extensions to RT for dealing
    >with security incidents, including being smart about IP addresses etc
    >(automatically make IPs and dn links that take you to whois info), the
    >ability to link large numbers of calls to a particular incident so they
    >can all be closed together and other stuff.
    >
    >I seem to remember they called the extended version IRT. Damn! I can't
    >find the article in the proceedings. From memory work was done by Best
    >Practice and commissioned by DFN CERT, the intention was to release code
    >under the same terms as RT.
    >
    >--
    >Russell Fulton /~\ The ASCII
    >Network Security Officer \ / Ribbon Campaign
    >The University of Auckland X Against HTML
    >New Zealand / \ Email!
    -----BEGIN PGP SIGNATURE-----
    Note: This signature can be verified at https://www.hushtools.com/verify
    Version: Hush 2.3

    wkYEARECAAYFAkBaJ5oACgkQ1vK8vFo3sjz6hACgnH8p8OdPCyMiJV52Y3kEjtoPxfwA
    oJ8v6WfjYh2khlopVBAWEGNB1JDG
    =owkR
    -----END PGP SIGNATURE-----
