Klaus-Peter Kossakowski: IT Incident Response Capabilities


Zur Person

Größere Projekte

IT Incident Response




FIRST Conference on Computer Security Incident Handling & Response 1999

Die Arbeit  |  Teams  |  Konferenzen  |  Bibliographie

2001 2000 1999
1998 1997 1996 1995 1994
1993 1992 1991 1990 1989


Brisbane, Australien.


13. - 18. Juni 1999

 Primary Tutorial Track:

  • Walter Belgers (Origin, NL) / Black Hats Session
  • Jeffrey J. Carpenter (CERT/CC, USA), Brian P. Dunphy (ASSIST, USA) / Will the real owner of this IP address please stand up?
  • Steve Acheson (Cisco Systems, USA) / Secure Shell (SSH)
  • Sandy Sparks (CIAC, USA), Marianne Swanson (NIST, USA), Judith A. Spencer (FedCIRC, USA) / Creating an Incident Response Team

 Advanced Tutorial Track:

  • George Mohay (Queensland University of Technology, AU), Rodney McKemmish (Queensland Forensic Computing Examination Unit, AU), Alison Anderson (Queensland University of Technology, AU), Byron Collie (Directorate of Information Warfare, Headquarters Air Command, AU), Olivier de Vel (Defense Science and Technology Organization, AU) / Computer Forensics
  • William J. Orvis (CIAC, USA) / Computer Virus Operation and New Directions
  • Bob Ayers (Admiral Management Services, UK) / Risk Avoidance and Risk Management : Phrenology in Cyberspace


  • Welcoming Address: Senator the Honourable Amanda Vanstone (Minister for Justice and Customs, AU)
  • Keynote Speaker: Prof. William Caelli (Queensland University of Technology, AU)
  • Endnote Speaker: Steve Orlowski (Special Advisor on IT Security Policy, Australian Federal Attorney-General's Department, AU)

 CSIRT Foundation: Gaining and Operating "Trust":

  • Teams in the Asian / Pacific Area (Panel)
    Vorträge von Vertretern von CERTCC-KR, JPCERT/CC und SINGCERT.
  • Teun Nijssen (Tilburg University & CERT-NL, NL), Stefan Kelm (University of Hamburg & DFN-PCA) / Setting up a Policy Certification Authority

 Vulnerability Prevention and Insurance:

  • Topher Hughes (Cisco Systems, USA) / Assessing Network Security for Insurability
  • Dr. Brian Denehy (SecureGate Limited, AU), Jeremy Hamlyn (SecureGate Limited, AU) / On the Management of Secure Gateways
  • Dr. Wietse Venema (IBM, USA) Bugs per Amount of Code


  • Jeffrey J. Carpenter (CERT/CC, USA), Katherine T. Fithen (CERT/CC, USA) / A Case Study in Incident and Vulnerability Handling Coordination [Carpenter, Fithen 1999]

 Vulnerability Handling:

  • Jane M. Lemmer (World Wide Digital Security, Inc., USA) / Vulnerability Assessment Using SAINT
  • Christina Serban (AT&T Laboratories, USA) / Security Issues for "Always-On" Devices: ADSL and Cable Modem Access
  • Marko Laakso (University of Oulu, FI) / A tiger team approach to resolving vulnerability cases

 What Incident Response Personnel need to know about today's hacker world (Panel):

  • Diskussionsrunde mit Wietse Venema (IBM, USA), Mowgli Assor (OSU-IRT, USA), Byron Collie (Directorate of Information Warfare, Headquarters Air Command, AU), und Walter Belgers (Origin, NL)

 Intrusion Detection:

  • Midori Asaka (Information-technology Promotion Agency, JP) / The Implementation of IDA: An Intrusion Detection Agent System
  • Michael L. Puldy (IBM ERS, USA) / Lessons Learned in the Implementation of a Multi-Location Network Based Real-Time Intrusion System

 "Year 2000" (Panel):

  • Diskussionsrunde mit mehreren Vertretern verschiedener Teams

 Incident Handling:

  • Chaeho Lim (CERTCC-KR) / Semi-Auto Intruder Retracing Using Autonomous Intrusion Analysis Agent
  • Jed M. Pickel (CERT/CC, USA), Chris Rouland (ISS, USA) / Automating Incident Reporting [Pickel, Rouland 1999]

 "Ask the Experts" (Panel):

  • Diskussionsrunde mit mehreren Vertretern verschiedener Teams

© 1998-2001 by Klaus-Peter Kossakowski, Germany.