Security Incident Handling / Organization
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
Security Incident Handling / Organization
by Tony Raboza
::
Rate this Message:
Hi all,
Recently I posted regarding a possible "Zombie / Botnet" that I discovered. Anyway - my company does not have yet any IT security group - that's why sometimes its quite hard to do incident handling/analysis. I am one of the Systems and Network Administrator and IT security is a subset of our work. We have lots of remote offices and we have IT Helpdesk in most of them. I'm proposing to our company that an IT security group be formed. For example: You have a workstation broadcasting abnormal high UDP traffic. The IT security group goes in and investigates. They pull out workstation if needed be. IT Helpdesk issues a service unit so that user can continue working. Is this correct? What do you think? What is the recommended best practice? Thanks. Best, Tony ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ |
|
|
RE: Security Incident Handling / Organization
by Jason Hurst
::
Rate this Message:
Hi Tony,
I would suggest doing some heavy reading first. Familiarize yourself with what are the recommended best practices, and then tailor to your organization. Here are a few places for you to start. National Institute of Standards and Technology: Guide to Incident Handling http://csrc.nist.gov/publications/nistpubs/800-61-rev1/SP800-61rev1.pdf Carnegie Mellon university CERT. http://www.cert.org/archive/pdf/csirt-handbook.pdf Jason Hurst Sr. Network Security Administrator Panda Restaurant Group jason.hurst@... Please consider the environment before printing this email -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of Tony Raboza Sent: Wednesday, November 11, 2009 5:32 AM To: security-basics@... Subject: Security Incident Handling / Organization Hi all, Recently I posted regarding a possible "Zombie / Botnet" that I discovered. Anyway - my company does not have yet any IT security group - that's why sometimes its quite hard to do incident handling/analysis. I am one of the Systems and Network Administrator and IT security is a subset of our work. We have lots of remote offices and we have IT Helpdesk in most of them. I'm proposing to our company that an IT security group be formed. For example: You have a workstation broadcasting abnormal high UDP traffic. The IT security group goes in and investigates. They pull out workstation if needed be. IT Helpdesk issues a service unit so that user can continue working. Is this correct? What do you think? What is the recommended best practice? Thanks. Best, Tony ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ |
|
|
Re: Security Incident Handling / Organization
by Gleb Paharenko-3
::
Rate this Message:
Hi, Tony!
I suggest you to start from defining roles and assigning them to personnel. It is a good practice for security incidents to form ad-hoc team, which should include IT/helpdesk specialist for technical work and some one from management, who has enough power for administrative actions. Later you can allocate a dedicated persons for a roles. For strategic IT security initiatives you might want to form a security committee (board) in the company. 2009/11/11 Tony Raboza <tonyraboza@...>: > Hi all, > > Recently I posted regarding a possible "Zombie / Botnet" that I > discovered. Anyway - my company does not have yet any IT security > group - that's why sometimes its quite hard to do incident > handling/analysis. I am one of the Systems and Network Administrator > and IT security is a subset of our work. We have lots of remote > offices and we have IT Helpdesk in most of them. > > I'm proposing to our company that an IT security group be formed. For example: > > You have a workstation broadcasting abnormal high UDP traffic. The IT > security group goes in and investigates. They pull out workstation if > needed be. IT Helpdesk issues a service unit so that user can > continue working. > > Is this correct? What do you think? What is the recommended best practice? > > Thanks. > > > > Best, > Tony > > ------------------------------------------------------------------------ > Securing Apache Web Server with thawte Digital Certificate > In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 > ------------------------------------------------------------------------ > > -- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko +380503116172 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ |
| Free embeddable forum powered by Nabble | Forum Help |
