RE: [logs] most popular reports...?

From: Tina Bird (tbird@precision-guesswork.com)
Date: Thu Aug 19 2004 - 11:56:16 PDT


> This is because telling what is "odd" is a very difficult thing to do on
> a computer. And I mean difficult in the scientific meaning of the word:
> we often lack the conceptual tools to do so.
>
> But really, it's nice to see that my research isn't a total waste of
> time :P
>
Oh, I know -- in an earlier life I worked on statistics -- multivariate
hypothesis tests, and that in a situation where I had continuous variables
and relatively well tested theories that gave me a reasonable model for
things I "ought" to see.  But then I decided to move into a field that paid
a living wage ;-)

Of course, I didn't have the sense to find >easy< problems to work on.

This is why whenever I'm looking at logs or doing any other repetitive task,
I consciously try to observe what my brain is doing for pattern detection --
and then fire messages off to Marcus and this list, if I notice anything
that might be helpful.  Like the "sources of remote connections" request
yesterday, which came straight out of looking at data from machines
compromised in what's now being called the "Teragrid compromises."


_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis


