Responding to a Security Incident
Source: Linux Journal - Posted by Jen Olson   
Intrusion Detection

The question that often comes up is what to do about it. Unless it's a financial or safety issue, it's probably going to get laughed at by the legal authorities, but it's worth reporting. ... We'll not go into detecting incidents, but we will define them as port probes, port scans, denial of service (DoS) attempts and unauthorized access attempts. Each of these warrants investigation, some more than others. Combining intrusion detection software with log analysis (which you should be doing anyhow), these events should stand out.

Read this full article at Linux Journal
