On Mon, 10 Sep 2001, Tina Bird wrote: > that ought to cause a bit of a rumpus. > > i've been tasked with giving a presentation to a group > of manager types who do not have our understanding of the > importance of staffing for log monitoring. i've got a > couple of analogies to use for them -- things like asking > how many of them balance their checkbooks or read their credit > card statements Tina, I would take a different approach. Most people don't monitor logs because the simply believe that one would want to scan, probe, attack them. I love giving people the 'home user' challenge. Owners who have dedicated connections to the net (Cable, DSL, etc), I challenge them to install a firewall for their desktop. Without fail, they are always flabergast when the firewall reports people attacking them. Why would someone want to attack my desktop? This always gets their attention. If nothing else, monitor a desktop for a week before your presentation, then show the stats and attacks to your group. Explain to them that if this is a simple home system, image what is happening to your network. Then challenge them to try this at home. But, you ask, what happens if no one scans/attacks you? Not to worry, the blackhat community has yet to dissapoint me :) lance --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Mon Sep 10 2001 - 23:15:04 PDT