Additional Information

Additional Information

• RFC 2196: Site Security Handbook (http://www.ietf.org/rfc/rfc2196.txt)

• RFC 2350: Expectations for Computer Security Incident Response (http://www.ietf.org/rfc/rfc2350.txt)

• ISO 17799: Code of Practice for Information Security Management (http://www.iso-17799.com/)

• Microsoft Operations Framework (MOF) Resource Library (http://microsoft.com/technet/itsolutions/tandp/opex/mofrl/default.asp)

• Forum of Incident Response Security Teams Web site (http://www.first.org)

• Steps for Recovering from a UNIX or NT System Compromise white paper from the CERT Coordination Center at Carnegie Mellon University (http://www.cert.org/tech_tips/root_compromise.html)

• Microsoft Solution for Securing Windows 2000 Server (http://www.microsoft.com/technet/security/prodtech/Windows/SecWin2k/default.asp)

• The Cuckoo s Egg: Tracking a Spy Through the Maze of Computer Espionage (Pocket Books, 2000)

• Incident Response: Investigating Computer Crime (Osborne, 2001)

• Incident Response: A Strategic Guide to Handling System and Network Security Breaches (New Riders, 2002)

• Network Intrusion Detection, Third Edition (New Riders, 2002)

• 296085: How to Use SQL Server to Analyze Web Logs

• 313064: Monitor Web Server Performance by Using Counter Logs in System Monitor in IIS

• 326444: How to Configure the URLScan Tool

• 300390: How to Enable IIS Logging Site Activity in Windows 2000

  The previous four articles can be accessed through the Microsoft Knowledge Base. Go to http://support.microsoft.com and enter the article number in the Search The Knowledge Base text box.