Incident Handling
Visually Assessing Possible Courses of Action for a Computer Network Incursion
When a computer is compromised a standard incident handling process is followed to mitigate damage, expunge the attack, and recover the system. In order to prevent possible spread of an attack, the incident handler will try to isolate the victimized ...
An Incident Handling Process for Small and Medium Businesses
This paper's intention is to assist you in getting an incident response capability off the ground in a SMB environment by analyzing some of the constraints of a smaller corporate environment. It will specifically recommend that at the beginning y...
Creating and Managing an Incident Response Team for a Large Company
Using good communication skills, clear policies, professional team members and utilizing training opportunities, a company can run a successful incident response team. CSIRTs will continue to serve as an important component in supporting the manageme...
A Common Language for Computer Security Incidents
The Common Language Project was not an effort to develop a comprehensive dictionary of terms used in the field of computer security. Instead, our intention was to develop a minimum set of 'high-level' terms, along with a structure indicating ...
An Introduction to Incident Handling
This paper will provide a logical approach to handling two common forms of attack - virus outbreak and system compromise. The method that this article will propose includes the following sequence of steps that should be followed in the case of all ty...
Autopsy of a successful intrusion (well, two actually)
This paper consists of the recollection and analysis of two network intrusions that I have performed as part of my duties as a computer security consultant. The name of the company I worked for, as well as their customers that I hacked into, will remain a...
Calling the CyberCops: Law Enforcement and Incident Handling
It's now 3:00 AM and you're sitting at a console in your computer room at the office, staring at a new directory named "ADMROCKS". You've been hacked. Your personal data space has been violated. Some nameless script kiddie has made...
Case Study in Information Security
This paper outlines the steps taken to secure part of a network belonging to a telecommunications company that was compromised earlier this year. The material gives an overview of the incident handling procedure applied and the follow up vulnerabilit...
CodeRed II: Incident Handling Process and Procedures
The 6-step method for incident handling is to prepare, detect, contain, eradicate, recover, and lessons learned. This paper uses the CodeRed II virus as a template to generate questions to help you better prepare for the next virus outbreak. We will ...
Examining a Public Exploit, Part 1
The purpose of this article is to analyze a public exploit in a lab environment, see the alerts generated by an intrusion detection system, and then do some packet analysis of the malicious binary in order to better understand it.