RE: Incident Response Guidelines

• Previous message: DeGennaro, Gregory: "RE: Incident Response Guidelines"
• Maybe in reply to: John Smithson: "Incident Response Guidelines"
• Next in thread: Robinson, Sonja: "RE: Incident Response Guidelines"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Rosado, Rafael (Rafael)" <rarosado@lucent.com>
To: John Smithson <why1234@hotmail.com>
Date: Mon, 30 Dec 2002 11:06:46 -0700

Check the document created by CIO Magazine, FBI and Secret Service Agency
(CIO CYBERTHREAT RESPONSE & REPORTING GUIDELINES -->
http://www.cio.com/research/security/incident_response.pdf). Although it is
not very specific to internal incident response guidelines, it sheds some
light over the process of getting the FBI/SSA involved if prosecution is
necessary.

Rafael Rosado
IT Security Manager
Caribbean and Latin America Region (CALA)
Lucent Technologies O
Corporate Security
Business Assurance and Risk Mitigation Services (B.A.R.M.S.)
2400 SW 145th Avenue - Room 3S039
Miramar, Florida 33027
+1 954-885-2176 (voice) *
+1 954-885-3861 (fax) *
+1 954-648-3532 (mobile) or 9546483532@mobile.att.net (text message) *
rarosado@lucent.com (email) *

This electronic mail message contains information belonging to Lucent
Technologies, which may be confidential and/or legal privileged. The
information is intended only for the use of the individual or entity named
above. If you are not the intended recipient, you are hereby notified that
any disclosure, printing, copying, distribution, or the taking of any action
in reliance on the contents of this electronically mailed information is
strictly prohibited. If you receive this message in error, please
immediately notify us by electronic mail and delete this message.

-----Original Message-----
From: John Smithson [mailto:why1234@hotmail.com]
Sent: Friday, December 27, 2002 11:42 AM
To: security-basics@security-focus.com; forensics@securityfocus.com
Subject: Incident Response Guidelines

Hello,

I'm about to start huge documentation phase on creating Incident Response
Guidelines / Handling - including creating the structure, creating the
Incident Response Team, documenting the guidelines per incidents - such as
web server hacked, DOS attack, Virus Outbreak

I need your help on pointing me to few good documents / books. Obviously, I

have googled, and found good info. However, I may be missing some good
information that you gurus have collected over time.

Please any help would be greatly appreciated.

Thanks,

John Smithson

_________________________________________________________________
MSN 8 limited-time offer: Join now and get 3 months FREE*.
http://join.msn.com/?page=dept/dialup&xAPID=42&PS=47575&PI=7324&DI=7474&SUrensics@securityfocus.com</a>'&quohttp://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8isheonse%20Guidelines&replyto=9DF63E863CD3D211BB1F00E
http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_newmsn8isheonse%20Guidelines&replyto=9DF63E863CD3D211BB1F00E
re_3mf

• Next message: Robinson, Sonja: "RE: Incident Response Guidelines"
• Previous message: DeGennaro, Gregory: "RE: Incident Response Guidelines"
• Maybe in reply to: John Smithson: "Incident Response Guidelines"
• Next in thread: Robinson, Sonja: "RE: Incident Response Guidelines"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]