[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
A Revised Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the G and R for Security Incident Processing Working Group of the IETF.
Title : Expectations for Computer Security Incident Response
Author(s) : N. Brownlee, E. Guttman
Filename : draft-ietf-grip-framework-irt-07.txt
Pages : 33
Date : 11-Sep-97
The purpose of this document is to express the general Internet
community's expectations of Computer Security Incident Response
Teams (CSIRTs). It is not possible to define a set of requirements
that would be appropriate for all teams, but it is possible and
helpful to list and describe the general set of topics and issues
which are of concern and interest to constituent communities.
CSIRT constituents have a legitimate need and right to fully
understand the policies and procedures of 'their' Computer Security
Incident Response Team. One way to support this understanding is to
supply detailed information which users may consider, in the form of
a formal template completed by the CSIRT. An outline of such a
template and a filled in example are provided.
Internet-Drafts are available by anonymous FTP. Login wih the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
A URL for the Internet-Draft is:
Internet-Drafts directories are located at:
Pacific Rim: munnari.oz.au
US East Coast: ds.internic.net
US West Coast: ftp.isi.edu
Internet-Drafts are also available by mail.
Send a message to: email@example.com. In the body type:
NOTE: The mail server at ds.internic.net can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the