
Resources

Documents

STEAM Kickoff Presentation
Slides that were presented to the PSCs at the four kickoff information sessions in March/April 2006. Discusses the IT Incident Response Policy, STEAM, and the Handbook.
STEAM-CIRT Incident Response Charter
This charter defines the mission, goals, and roles of the STEAM-CIRT with respect to IT Incident Response for Purdue University.

Links

McAfee Virus Information Library
McAfee's Virus Information Library is a useful resource for tracking down information regarding viruses, Trojans and worms.
Norman Sandbox Live
Norman Sandbox Live allows users to upload malware for analysis. Norman Sandbox reports provide useful information such as the files and registry keys changed by the malware and other actions it takes.
RUS-CERT Passive DNS Replication Service
RUS-CERT offers a passive DNS replication service which allows users to query historical DNS records. This site, for example, allows abuse handlers to track down Purdue-owned IP addresses which have domain names pointed to them by third parties.
SANS Internet Storm Center
"Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers."
Virus Total
Virus Total allows users to submit malware and other suspicious files via email for analysis. Like Norman Sandbox, it can provide useful information about what actions the malware takes when it is executed.

Other

STEAM-CIRT PGP Public Key
The STEAM-CIRT's PGP Public Key can be found at http://www.purdue.edu/securePurdue/steam/steam-cirt.txt. Communications, such as STEAM Advisories, will be signed with this key for authentication purposes.

The key can also be found on MIT's public PGP key server: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA706F78C