In light of the upcoming month of Incident Handling, I thought it would be good to start with Step 0 and that is Detection. Before you ever begin your incident handling process, you have to know you are compromised. Sometimes its readily apparent and sometimes it isn't. However, there are some indicators that are often ignored or not thought of having "malicious" possibilities. These reports can be big clues and often go unchecked. Here are some of these ideas, in no particular order, yet are good indicators that something may be amiss.
If you have other indicators that you have encountered in the past that have clued you in to a compromise, please let us know and we'll update the list. |
Lorna 165 Posts ISC Handler Sep 29th 2008 |
Thread locked Subscribe |
Sep 29th 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!