Klaus-Peter Kossakowski: IT Incident Response Capabilities

 

Zur Person


Größere Projekte


IT Incident Response


Publikationen


PGP-Schlüssel


Impressum
9th Workshop on Computer Security Incident Handling 1997

Die Arbeit  |  Teams  |  Konferenzen  |  Bibliographie

2001 2000 1999
1998 1997 1996 1995 1994
1993 1992 1991 1990 1989

 Veranstaltungsort:

Bristol, GB.

 Datum:

Juni 1997

 Tutorien:

  • Katherine T. Fithen (CERT/CC, USA), Sandy Sparks (CIAC, USA), Marianne Swanson (NIST, USA) und Patricia Zechman (SAIC, USA) / Establishing an Incident Response Team
  • William J. Cook (Brinks Hofer Gilson & Lione, USA) / International Internet Law Developments circa June 1997 : If You Can See It, You Can Sue It

 Plenary:

  • Keynote Speaker: John Austen (Computer Crime Ltd., GB)

 Team Presentations:

  • Vorträge von AUSCERT, CARNet CERT, CERT Coordination Center, CERT-IT, MOREnet, MYCERT, NU-CERT und SUNSet.
  • European CERT Coordination Projekt: Vorträge von Don Stikvoort (CERT-NL, NL), Dennis Jackson (UKERNA, GB) und John Horton (DANTE, GB).

 Incident Characterization:

  • John Pescatore (Trusted Information Systems, USA) / The Evolution and Mutation of Hacks/Incidents
  • Steve Romig (Ohio State University, USA) / Characterizing Intruder(s) Methods of Operation
  • Wolfgang Ley (DFN-CERT, DE) / Why Are Some Incidents Never Solved?

 Future of FIRST:

  • Richard O. Hundley (RAND, USA) / Report of the Task Force on the Future of FIRST [Hundley 1997a]

 Tools for Incident Response:

  • Dr. Eric A. Fisch (Trident Data Systems, USA), Udo Pooch (Texas A&M University, USA) und Greg White (USAF Academy, USA) / The Design and Creation of a UNIX Based Automated Incident Response System
  • Paul C. Brutch (Texas A&M University, USA), Willis Marti (Texas A&M University, USA), Udo Pooch (Texas A&M University, USA), Dhiraj Pradhan (Texas A&M University, USA) und Greg White (USAF Academy) / Intruder Containment : An Automated Method of Response to Potential Security Incidents
  • John Fisher (CIAC, USA) / Incident Request and Ticketing System (IRTS) [Fisher 1997]

 Response Team Operations:

  • Michel Miqueu (CNES, FR) und Serge Tapia (Alcatel TITN Answare, FR) / Third Party Network Audit Experiences
  • Wolfgang Ley (DFN-CERT, DE) / Public Key Infrastructures
  • Eric Halil (AUSCERT, AUS) / Coordinating Multi-Vendor Vulnerabilities : Why is it so difficult? [Halil 1997]

 Opening The Vendor Black Box:

  • Vorträge von Vertretern verschiedener Hersteller

 Information Sharing Amongst Incident Response Teams:

  • Vorträge von Eric A. Fisch (Trident Data Systems, USA) und Paul Leyland (Oxford University, GB)
  • Klaus-Peter Kossakowski (DFN-CERT, DE) / Information Sharing : The IRT Perspective [Kossakowski 1997a]
  • R. Hardy Dexter (ASSIST, USA) / Information Sharing and the Joint Information Assurance Operations Working Group (JIWG) [Dexter 1997]

 Public Communications in the World of Incident Response:

  • Terry McGillen (CERT/CC, USA) / Public Communications in the World of Incident Response [McGillen 1997]

 Tools for Incident Monitoring and Management:

  • Steven Branigan (Lucent Technologies, USA) / Hey, Who Took My Keyboard?
  • Steve Romig (Ohio State University, USA) / Review - A Tool for Reviewing Tcpdump Packet Logs

 Response Team Management:

  • Eric A. Fisch (Trident Data Systems, USA) / Incident Control via Incident Prevention
  • Klaus-Peter Kossakowski (DFN-CERT, DE) / From Incident Response to Incident Control Management [Kossakowski 1997]
  • Ahmet Koltuksuz (Izmir Institute of Technology, TR) / An Institutional Approach to Incident Response Team Staff Education & Certification [Koltuksuz 1997]

© 1998-2001 by Klaus-Peter Kossakowski, Germany.