Re: [logs] Log Analysis Book

From: Sweth Chandramouli (loganalysisat_private)
Date: Thu Jan 30 2003 - 14:20:41 PST

  • Next message: Tina Bird: "[logs] Kiwi perspective on logs in court"

    On Thu, Jan 30, 2003 at 12:18:54PM -0800, durnieat_private wrote:
    > I would recommend Stephen Northcutt's Intrusion Signatures and
    > Analysis" as well as Mike Schiffman and Bill Pennington's  "Hackers
    > Challenge 1 & 2" for reading material...
    	I haven't looked at the latter, but my problem with
    Northcutt's book is that it is too much of "here are some specific
    examples of exploits" book--there's not nearly enough context there
    (IMHO) for most people to be able to extrapolate the info there to
    what they will see in real life, unless what they see happens to
    be exactly what was being discussed in the book.
    	-- Sweth.
    Sweth Chandramouli      Idiopathic Systems Consulting
    LogAnalysis mailing list

    This archive was generated by hypermail 2b30 : Thu Jan 30 2003 - 18:27:14 PST