
Handling Intrusions and Incidents

Allen, Julia et al. State of the Practice of Intrusion Detection Technologies. (CMU/SEI-99-TR-028, ADA 357846). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. Available online: <http://www.sei.cmu.edu/publications/documents/99.reports/99tr028/99tr028abstract.html>.

Allen, Julia and Stoner, Ed. Detecting Signs of Intrusion (CMU/SEI-SIM-009). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2000. Available online: <http://www.cert.org/security-improvement/modules/m09.html>.

Amoroso, Edward. Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response. Sparta, NJ: Intrusion.Net Books, 1999.

Bace, Rebecca Gurley. Intrusion Detection. Indianapolis, IN: Macmillan Technical Publishing, 2000.

CERT Coordination Center. Results of the Distributed-Systems Intruder Tools Workshop. Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. Available online: <http://www.cert.org/reports/dsit_workshop-final.html>.

CERT Coordination Center. Intruder Detection Checklist (UNIX). Available online: <http://www.cert.org/tech_tips/intruder_detection_checklist.html> (1999).

CERT Coordination Center. How the FBI Investigates Computer Crime. Available online: <http://www.cert.org/tech_tips/FBI_investigates_crime.html> (2000).

Dunigan, Tom and Hinkel, Greg. "Intrusion Detection and Intrusion Prevention on a Large Network: A Case Study." Proceedings of the 1st Workshop on Intrusion Detection and Network Monitoring. Santa Clara, CA. April 9–12, 1999. Available online: <http://www.usenix.org/publications/library/proceedings/detection99/full_papers/dunigan/dunigan_html/index.html>.

Escamilla, Terry. Intrusion Detection: Network Security Beyond the Firewall. New York: Wiley Computer Publishing, 1998.

Howard, John. An Analysis of Security Incidents on the Internet: 1989–1995. Pittsburgh, PA: Carnegie Mellon University, 1997. Available online: <http://www.cert.org/research/JHThesis/Start.html>.

Kossakowski, Klaus-Peter et al. Responding to Intrusions (CMU/SEI-SIM-006, ADA 360500). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. Available online: <http://www.cert.org/security-improvement/modules/m06.html>.

Maiwald, Eric. "Automating Response to Intrusions." Proceedings of the Fourth Annual UNIX and NT Network Security Conference. Orlando, FL, October 24–31, 1998. Bethesda, MD: The SANS Institute, 1998.

Marchany, Randy. "Incident Response: Scenarios and Tactics." Proceedings of the Fourth Annual UNIX and NT Network Security Conference. Orlando, FL, October 24–31, 1998. Bethesda, MD: The SANS Institute, 1998.

Newsham, Tim and Ptacek, Tom. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection. Available online: <http://www.snort.org> under Security Info (1998).

Northcutt, Stephen. "Computer Security Incident Handling: Step-by-Step." Proceedings of the Fourth Annual UNIX and NT Network Security Conference. Orlando, FL, October 24–31, 1998. Bethesda, MD: The SANS Institute, 1998.

Northcutt, Stephen. Network Intrusion Detection: An Analyst's Handbook. Indianapolis, IN: New Riders Publishing, 1999.

Ranum, Marcus. "Some Tips on Network Forensics." Computer Security Institute 198 (September 1999): 1–8.

Reavis, Jim. "Do You Have an Intrusion Detection Response Plan?" Network World Fusion (September 13, 1999). Available online: <http://www.nwfusion.com/newsletters/sec/0913sec1.html>.

SANS Institute. Computer Security Incident Handling Step by Step Guide, vo1. 5. Bethesda, MD: The SANS Institute. May 1998.

Schultz, Eugene. "Effective Incident Response." Proceedings of the Fourth Annual UNIX and NT Network Security Conference. Orlando, FL, October 24–31, 1998. Bethesda, MD: The SANS Institute, 1998.

Toigo, Jon William. Disaster Recovery Planning for Computers and Communication Resources. New York: John Wiley, 1996.

West-Brown, Moira J.; Stikvoort, Don; and Kossakowski, Klaus-Peter. Handbook for Computer Security Incident Response Teams (CSIRTs) (CMU/SEI-98-HB-001). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1998. Available online: <http://www.sei.cmu.edu/publications/documents/98.reports/98hb001/98hb001abstract.html>.
