Does anyone have an incidence response form that they would be willing to share? I'm looking to see what sort of information others are recording about security incidents. I want to put together something comprehensive to help in documenting incidents that could also serve a sort of check list of things that should be done. Sometimes without a form it's easy to forget to check simple things like is the clock on the compromised system in sync with the rest of the world. Thanks, Desmond. -- Desmond Irvine Security Analyst, Information Technology Sheridan College Phone: 905-845-9430 x2035 1430 Trafalgar Road Fax: 905-815-4011 Oakville, ON L6H 2L1 EMail: desmond.irvineat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 09:47:30 PDT