TF-CSIRT General Information for IRTs/CERTs

How to setup a CERT

• Guide to Setting up a CERT

This document was produced by RARE CERT-TF team in 1993 based on the authoritative writings of individuals either working in, or connected with, operating CERTs, although the informal advice and contacts made with CERT operatives also provided valuable input to the guide.
• Trusted Introducer (TI) process for CSIRTs and basic set of information about CSIRT required by TI
• Forming an Incident Response Team

This paper is based on experience of establishing Australian CERT in 1993 and presents useful tips how to establish a new IRT.
• Establishing a Computer Security Incident Response Capability (CSIRC). NIST Special Publication 800-3, November, 1991

• ---

• Special service for new staff of CSIRTs: 
  5th FP IST Project TRANSITS (Training of Network Security Incident Teams Staff)

• RFC 2196. Site Security Handbook (replaces the now obsolete RFC1244)

This handbook is a guide to setting computer security policies and procedures for sites that have systems on the Internet (however, the information provided should also be useful to sites not yet connected to the Internet).  This guide lists issues and factors that a site must consider when setting their own policies.  It makes a number of recommendations and provides discussions of relevant areas.
• RFC 2350. Expectation for Security Incident Response Teams

This document describes the general Internet community's expectations of Computer Security Incident Response Teams (CSIRTs). It is not possible to define a set of requirements that would be appropriate for all teams, but it is possible and helpful to list and describe the general set of topics and issues which are of concern and interest to constituent communities.
• RFC2505. Users' Security Handbook

This document provides guidance to the end-users of computer systems and networks about what they can do to keep their data and communication private, and their systems and networks secure. Part Two of this document concerns "corporate users" in small, medium and large corporate and campus sites.  Part Three of the document addresses users who administer their own computers, such as home users. System and network administrators may wish to use this document as the foundation of a site-specific users' security guide; however, they should consult the Site Security Handbook first [RFC2196].
• RFC3013. Recommended Internet Service Provider Security Services and Procedures

The purpose of this document is to express what the engineering community as represented by the IETF expects of Internet Service Providers (ISPs) with respect to security. It is not the intent of this document to define a set of requirements that would be appropriate for all ISPs, but rather to raise awareness among ISPs of the community's expectations, and to provide the community with a framework for discussion of security expectations with current and prospective service providers.

• Draft National Startegy to Secure Cyberspace - Published by US President's Critical Infrastructure Protection Board September 18, 2002
  Stategies developed by other sectors:
• Partnership for Criticaql Infrastructure Security
• Critical Infrastructure Assurance Office
• NIST Computer Security Special Publications
• NIST's Special Publication: Internet Security Policy: A Technical Guide [DRAFT] in HTML format. Adobe PDF document can be downloaded or individual chapters may be viewed (in PDF format also).
• Unix System Administration written by Frank G. Fiamingo from University Technology Services The Ohio State University.
• Center for Education and Research in Information Assurance and Security (CERIAS)
• Computer Operations, Audit, and Security Technology (COAST) Project Archive  - COAST is Research project on Techiniques and Tools for Computer Security. COAST is now part of CERIAS.
• Incident Reporting Guidelines. - CERT® Coordination Center. Updated September 2002.
• FIRST Information - Information of general interest and for FIRST members.

| Home | Information | Conferences | Innovation | Technical | Library | News |