These organizations are particularly helpful if you experience a break-in or any kind of security incident at your site. They are also sources of useful general information about Internet security and incident response.
| http://www.cert.org/ |
| ftp://info.cert.org/pub/cert_faq |
From the Computer Emergency Response Team Coordination Center's (CERT-CC) Frequently Asked Questions (FAQ) document:
The CERT Coordination Center is the organization that grew from the computer emergency response team formed by the Defense Advanced Research Projects Agency (DARPA) in November 1988 in response to the needs exhibited during the Internet worm incident. The CERT-CC charter is to work with the Internet community to facilitate its response to computer security events involving Internet hosts; to take proactive steps to raise the community's awareness of computer security issues; and to conduct research targeted at improving the security of existing systems.
CERT-CC products and services include 24-hour technical assistance for responding to computer security incidents, product vulnerability assistance, technical documents, and seminars. In addition, the team maintains a number of mailing lists (including one for CERT-CC advisories) and provides an anonymous FTP server: info.cert.org, where security-related documents, past CERT-CC advisories, and tools are archived.
The CERT-CC FAQ, and other information about CERT-CC are available from info.cert.org via anonymous FTP.
You can contact CERT-CC:
By telephone: +1 412 268-7090 (24 hours a day, seven days a week)
By email: cert@cert.org
| http://www.first.org |
From the FIRST web page:
This coalition, the Forum of Incident Response and Security Teams (FIRST), brings together a variety of computer security incident response teams from government, commercial, and academic organizations. FIRST aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large. Currently FIRST has nearly 70 members.
If you're not sure if you are served by an incident response team, contact FIRST; they can probably tell you. You can contact FIRST:
By telephone: +1 301-975-3359
By fax: +1 301 948-0279
By email: first-sec@first.org
| http://csrc.ncsl.nist.gov/ |
From the U.S. National Institute of Standards and Technology CSRC web page:
You are currently accessing the NIST Computer Security Resource Clearinghouse. The Clearinghouse is a National Performance Review (NPR) action. The Clearinghouse project at NIST is on-going; its goals are to
Unify computer security-related information
Ensure the information is complete and accurate
Make the information easily searchable and convenient to obtain
Keep the information current
Make the Clearinghouse self-documenting; a model for how to do it
The main focus is on crisis response information; information on computer security-related threats, vulnerabilities, and solutions. At the same time, the Clearinghouse strives to be a general index to computer security information on a broad variety of subjects, including general risks, privacy, legal issues, viruses, assurance, policy, and training.