Security Best Practices, Breaking News, & Updates
During October and early November, the Internet Storm Center has published an EXCELLENT set of guidelines. These best practices center around the life cycle for Security Incident Handling. This is HIGHLY RECOMMENDED and EDUCATIONAL for anyone in the IT Security profession.
ISC Cyber Security Awareness Month 2008 - Summary and Links
http://isc.sans.org/diary.html?storyid=5279
http://isc.sans.org/tag.html?tag=Awareness2008
QUOTE: You can also find the daily subjects by searching on the keyword "Awareness2008" in our diary archive. Because we chose to focus on the six steps of incident handling, we went a bit longer than 31 days to allow for the inclusion of step six, Lessons Learned.
1. Preparation
   1 Policies, Management Support, and User Awareness
   2 Building a Response Team
   3 Building Checklists
   4 What Goes Into a Response Kit

2. Identification
   5 Events versus Incidents
   6 Network-based Intrusion Detection Systems
   7 Host-based Intrusion Detection Systems
   8 Global Incident Awareness
   9 Log and Audit Analysis
   10 Using Your Help Desk to Identify Security Incidents
   11 Other Methods of Identifying an Incident

3. Containment
   12 Gathering Evidence That Can be Used in Court
   13 Containment on Production Systems Such as a Web Server
   14 Containing a Personal Identity Theft Incident
   15 Containing the Damage From a Lost or Stolen Laptop
   16 Containing a Malware Outbreak
   17 Containing a DNS Hijacking
   18 Containing Other Incidents

4. Eradication
   19 Forensic Analysis Tools - What Happened?
   20 Eradicating a Rootkit
   21 Removing Bots, Keyloggers, and Spyware
   22 Wiping Disks and Media
   23 Turning off Unused Services
   24 Cleaning Email Servers and Clients
   25 Finding and Removing Hidden Files and Directories

5. Recovery
   26 Restoring Systems From Backups
   27 Validation via Vulnerability Scanning
   28 Avoiding Finger Pointing and the Blame Game
   29 Should I Switch Software Vendors?
   30 Applying Patches and Updates
   31 Legal Awareness (Regulatory, Statutory, etc.)

6. Lessons Learned (November)
   1 (32) What Should I Make Public?
   2 (33) Working With Management to Improve Processes
   3 (34) Feeding The Lessons Learned Back to the Preparation Phase