Slashdot Mirror


NIST Releases Guide to Cyber Attacks

treerex writes "NIST (the US National Institute of Standards and Technology) has just released a 148-page report entitled Computer Security Incident Handling Guide (PDF). It covers the gamut, from setting up a response team to dealing with specific types of attacks: DoS, trojans, worms, malicious code, and unauthorized access. While written by a team from NIST and the contractor Booz-Allen Hamilton (BAH), they appear to have taken input from CERT and luminaries like Spafford. It is an interesting read."

6 of 126 comments

  1. Re:Are these all the attacks? by ElGnomo · Score: 5, Insightful

    I would think that if the majority of people did something so simple as to patch their machines, worms would pose half the threat they do now. So, yes, Education is a simple but effective measure to combat security exploits.

  2. Gleam Something From This by munch0wnsy0u · Score: 5, Insightful

    Beyond the typical vapid governmental reports, this is a step in the right direction. Anything to create a buzz around security, especially computer security, will serve the public well. This is what needs to happen: standardization. The government has done a commendable job in creating standards for dealing with national security - why not extend that to computer security? All these posts that do nothing to note the fact that this is a good thing don't see past the .gov TLD.

  3. Re:Interesting! by zensufi · Score: 3, Insightful

    Exactly! It's like U.S. Army Manuals. They are very bland, general procedures for any platoon to follow to do things that a Green Beret team could do fluidly and efficiently without even thinking about it. They aren't written for the elite though, they are written for the common man.

    "What are the basic things I should do in this particular situation?"

    The idea is to write something that someone of an IQ of 100 can understand and implement without causing too many problems. Someone in another thread made a comment about how this might cause increased security risk because people will know the defenses against any possible attack. This is obviously not true. Any cracker will know anyway what the basic defenses are, and a good system admin will be flexible enough that this will not be a problem.

    --
    I have two eyes, I have two feet.

  4. A good idea by unstable23 · Score: 5, Insightful

    I think it's actually a good use of taxpayer money, which is the first time that I've said that in public.

    If nothing else, it provides a good framework to start from, especially for small companies/non-profits etc., where they don't have the resources to hire a full-time crack security team. This helps them set priorities and useful business things like that.

    I'm really quite surprised people are being negative about it.

  5. Why is it? by treerex · Score: 4, Insightful

    I don't understand why people immediately dismiss a report coming from NIST as being worthless USG noise while many of the same "arguments" against this paper could be made against books like Incident Response: Investigating Computer Crime or Counter Attack or any of the other n+1 books on this topic that exist.

    Harumph.

  6. Re:Are these all the attacks? by Flower · Score: 3, Insightful

    Wow! Who would ever think that there should be a methodology for dealing with security incidents? We should all just run around and do our own thing and, of course, the problem will be resolved. And when we catch the guy, our lack of methodology will ensure that any evidence we acquire will be usable in court.

    I'm just going to leave it at that. Anything else is just going to be a derogatory rant. IHBT HAND

    --
    I don't want knowledge. I want certainty. - Law, David Bowie