Responding to Intrusions

These practices are intended primarily for system and network administrators, managers of information systems, and security personnel responsible for networked information resources. These practices are applicable to your organization if your networked systems infrastructure includes host systems providing services to multiple users (file servers, timesharing systems, database servers, Internet servers, etc.) local-area or wide-area networks direct connections, gateways, or modem access to and from external networks, such as the Internet We recommend that you read all of the practices in this module before taking any action. To successfully implement the practices, it is important that you understand the overall context and relationships among them. For instance, once you read the practices in the Handle category, it is easier to understand the Practices in the Prepare category (see the Summary of recommended practices table). If you are dealing with an intrusion, you may want to skip the first two preparatory practices and move immediately to Practice 3, Analyze all information necessary to characterize an intrusion. Once you have completed your response and recovery process, we recommend that you review and implement the preparatory practices.

PDF [344 KB]

Authors

Klaus-Peter Kossakowski

Julia H. Allen

Cecilia Albert

Cory Cohen

Gary Ford

Barbara Fraser

Eric Hayes

John Kochmar

Suresh Konda

William R. Wilson

Security Improvement Module
CMU/SEI-99-SIM-006
February 1999

Cite This Report

SEI:

Kossakowski, Klaus-Peter; Allen, Julia; Albert, Cecilia; Cohen, Cory; Ford, Gary; Fraser, Barbara; Hayes, Eric; Kochmar, John; Konda, Suresh; & Wilson, William. Responding to Intrusions (CMU/SEI-99-SIM-006). Software Engineering Institute, Carnegie Mellon University, 1999. http://www.sei.cmu.edu/library/abstracts/reports/99sim006.cfm

IEEE:

K. Kossakowski, J. Allen, C. Albert, C. Cohen, G. Ford, B. Fraser, E. Hayes, J. Kochmar, S. Konda, and W. Wilson, "Responding to Intrusions," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Security Improvement Module CMU/SEI-99-SIM-006, 1999. http://www.sei.cmu.edu/library/abstracts/reports/99sim006.cfm

APA:

Kossakowski, K., Allen, J., Albert, C., Cohen, C., Ford, G., Fraser, B., Hayes, E., Kochmar, J., Konda, S., & Wilson, W. (1999). Responding to Intrusions (CMU/SEI-99-SIM-006). Retrieved May 21, 2013, from the Software Engineering Institute, Carnegie Mellon University website: http://www.sei.cmu.edu/library/abstracts/reports/99sim006.cfm

CHI:

Kossakowski, Klaus-Peter, Julia Allen, Cecilia Albert, Cory Cohen, Gary Ford, Barbara Fraser, Eric Hayes, John Kochmar, Suresh Konda, and William Wilson. Responding to Intrusions (CMU/SEI-99-SIM-006). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. http://www.sei.cmu.edu/library/abstracts/reports/99sim006.cfm

MLA:

Kossakowski, K., Allen, J., Albert, C., Cohen, C., Ford, G., Fraser, B., Hayes, E., Kochmar, J., Konda, S., & Wilson, W. 1999. Responding to Intrusions (Technical Report CMU/SEI-99-SIM-006). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://www.sei.cmu.edu/library/abstracts/reports/99sim006.cfm

Find Us Here

Find us on Youtube  Find us on LinkedIn  Find us on twitter  Find us on Facebook

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Contact Us

info@sei.cmu.edu

412-268-5800

Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.