Hello Kai and all,

> Do you know any resource where log-entries are described and/or
> classified?

There is really nothing of exactly that type of resource. Just look thru the list archives; some pointers off the top of my head:

1. http://www.loganalysis.org
2. http://www.ossec.net/wiki/index.php/Log_Samples
3. SANS reading room
4. Tina Bird Syslog Attack Signatures (google for it; I saw it somewhere)

> scientific papers. The books I found (e.g. Babbin et al: Security Log
> Management) weren't very useful. Thus I contacting you to get some

Yeah, this book is genuinely bad; one of the few books on security that I found truly useless for just about any purpose, apart from removing some "extraneous" trees from the surface of the planet.

Best,

--
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
http://www.chuvakin.org
http://chuvakin.blogspot.com
http://www.securitywarrior.com

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Sat Sep 16 2006 - 01:58:46 PDT