RE: Incident investigation methodologies

From: Harlan Carvey (keydet89_at_yahoo.com)
Date: 06/07/04

  • Next message: Harlan Carvey: "RE: Incident investigation methodologies" 
    Date: Mon, 7 Jun 2004 08:25:27 -0700 (PDT)
To: incidents@securityfocus.com

    Steven

    However unknownly, you made my point for me. Thanks.

    Harlan

    --- Steven Trewick <STrewick@joplings.co.uk> wrote:
    >
    > > One more thing to think about...what happens when
    > you
    > > go to the doctor? When you go to a doctor's
    > office
    > > with a complaint, does he simply give you a lethal
    > > injection then perform an autopsy to determine
    > what
    > > was wrong with you? Or does he collect volatile
    > > information...interview you, ask you questions,
    > take
    > > your temperature and blood pressure, etc?
    >
    >
    > That is simply the single most bogus metaphor I've
    > heard this week.
    >
    > In the real world, production systems need to go
    > back into production
    > ASAP.
    >
    > Frontline support staff simply do not have the time
    > or resource
    > (or often even the knowledge) to conduct lengthy
    > forensic investigations.
    >
    > Time = Money, that's a cold, hard fact, and there
    > simply isn't any way
    > around it.
    >
    > If my choice as a human being was to perform a
    > procedure on myself
    > that would cost a minimal amount of resource, and
    > take a minimal
    > amount of time, or a lengthy and costly series of
    > investigations
    > that would take forever, be painful, and possibly,
    > ultimately
    > inconclusive, which would I pick ?
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    > </code>
    > The information contained in this e-mail is
    > confidential and may be privileged, it is intended
    > for the addressee only. If you have received this
    > e-mail in error please delete it from your system.
    > The statements and opinions expressed in this
    > message are those of the author and do not
    > necessarily reflect those of the company. Whilst
    > Joplings Group operates an e-mail anti-virus program
    > it does not accept responsibility for any damage
    > whatsoever that is caused by viruses being passed.
    > joplings.co.uk
    >

  • Next message: Harlan Carvey: "RE: Incident investigation methodologies"

    Relevant Pages

    • RE: Incident investigation methodologies
      ... production systems need to go back into production ... Frontline support staff simply do not have the time or resource ... to conduct lengthy forensic investigations. ... that would cost a minimal amount of resource, ...
      (Incidents)
    • RE: Incident investigation methodologies
      ... > that would cost a minimal amount of resource, ... "'Tis but a scratch." ... production systems need to go back into production ...
      (Incidents)
    • Re: Resource Unit field to 0%
      ... Duration = Work/ ... minimal amount of work to a generic resource. ... > with 0% Unit (i use it for my generic resource). ...
      (microsoft.public.project.pro_and_server)
    • Re: Resource Unit field to 0%
      ... future project. ... So task are very high level and work is ... the Resource Usage View. ... >minimal amount of work to a generic resource. ...
      (microsoft.public.project.pro_and_server)