Share on Facebook2Share on Google+0Tweet about this on Twitter4

The National Institute of Standards and Technology is asking for comments on two guides pertaining to malicious computer attacks.

The “Guide to Intrusion Detection and Prevention Systems” focuses on preventing, detecting and responding to attacks and the “Guide to Malware Incident Prevention and Handling for Desktops and Laptops” on preventing and mitigating the effects of malware.

The updated “Guide to Intrusion Detection and Prevention Systems” describes software that has become a necessary addition to the security infrastructure of many organizations. The guidance describes the characteristics of IDPS technologies and provides recommendations for designing, implementing, configuring, securing, monitoring and maintaining them.

The publication discusses four types of IDPS technologies: network-based, wireless, network behavior analysis and host-based.

Comments on this guide should be sent to 800-94comments@nist.gov by August 31.

The “Guide to Malware Incident Prevention and Handling for Desktops and Laptops” is a supplement to another draft document, “Computer Security Incident Handling Guide” (SP 800-61).

It gives background information on the major categories of malware that afflict desktop and laptop computers and provides practical guidance on how to prevent malware incidents and on what to do when a system is infected.

The revised version of SP 800-61 is expected to be published later this summer, NIST said.

Comments on this publication should be sent to 800-83comments@nist.gov by August 31.