All,

Sorry for yet another bit of shameless self-promotion :-), but I thought this can come in handy for those list members who are thinking of going to SANS 2006 in Orlando. There, I will be giving a talk on "Baselining Logs and Audit Trails for Security."

Here is the outline from the SANS site (http://www.sans.org/sans2006/):

"This presentation will focus on creating the methodology for learning the log baselines and then matching the current state of the environment against the baselines. It sounds simple, but an effective methodology for it still hasn't been created. The talk will cover what the good (and bad) possible baselines are, how to create them and how to use them for security."

This builds on my previous SANS presentation on "Log Mining: Knowledge Discovery in Logs" (see http://www.sans.org/ns2004/night.php), but I will focus on what techniques ended up being the most useful.

Best,
--
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
http://www.chuvakin.org
http://www.securitywarrior.com

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Fri Jan 13 2006 - 11:04:01 PST