Interesting thought, and something I've looked at doing for quite a long while. However, I've always been hampered by something...red tape, laziness, etc. Here's what I mean...let's say someone took steps to limit the number of active script mappings on an IIS server. Let's say that she spent roughly 10 minutes on one box, going through the MMC. Now, let's say that she's been able to script this for a hundred or more servers, using mdutil.exe, or Perl, or whatever, and the script took 4 hrs to design, test, and put in production. So far, the costs of manpower are pretty low. Now, let's look at sites that didn't do this, and see how long it took them to clean up from Code Red. Given this, how does one put a 'price', or determine ROI, for security? --- Gonzalo Garcia <GO_GARCIAat_private> wrote: > I donīt known if this is off topic, if it is let me > know. > > Due to the result of log analisis ( DCs, IDS, > syslog, etc, etc, etc ) I'm > able to identify many "hack attemps" using exploits, > virus, trojans, ports > scannings, and many other stuffs that are in the > wild. > > Because this tasks requires capital goods, manpower, > bla bla ... this costs > are charged to my department, so I trying to find a > theory ( economic or not > ), way to assign a price to every "hack attempt" > identified with the help of > the log analisis. > > just in a very simple vay: > > 1 hack attempt = $1.- :) > > TIA, > > Gonzalo > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > loganalysis-unsubscribeat_private > For additional commands, e-mail: loganalysis-helpat_private __________________________________________________ Do You Yahoo!? Got something to say? Say it better with Yahoo! Video Mail http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri Feb 15 2002 - 15:03:08 PST