IT Incident Response Process
This is the video that was taped during the April 2012 presentation. This discusses the appropriate response to take if you suspect your computer is compromised. There is a formal process for responding to IT incidents that this presentation outlines.
STEAM Kickoff Presentation
Slides that were presented to the PSCs at the four kickoff information sessions in March/April 2006. Discusses the IT Incident Response Policy, STEAM, and the Handbook.
STEAM-CIRT Incident Response Charter
This charter defines the mission, goals, and roles of the STEAM-CIRT with respect to IT Incident Response for Purdue University.
McAfee Virus Information Library
McAfee's Virus Information Library is a useful resource for tracking down information regarding viruses, Trojans and worms.
Norman Sandbox Live
Norman Sandbox live allows users to upload malware for analysis. Norman sandbox reports provide useful information such as files and registry keys changed by malware, and other actions taken by the malware.
RUS-CERT Passive DNS Replication Service
RUS-CERT offers a passive DNS replication service which allows users to query historically, DNS records. This site, for example, allows abuse handlers to track down Purdue-owned IP addresses which have domain names pointed to them by third parties.
SANS Internet Storm Center
"Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers."
Virus Total allows users to submit via email malware and other suspicious files for analysis. Like Norman Sandbox, it can provide useful information about what actions the malware takes when it is executed.