Intrusion Detection Systems mailing list archives
Know Your Enemy: A Forensic Analysis
From: lance () spitzner net (Lance Spitzner)
Date: Sun, 21 May 2000 18:30:18 -0500 (CDT)
Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au

I've completed a whitepaper that I feel members of this group may be interested in.

Know Your Enemy: A Forensics Analysis

This paper is a continuation of the Know Your Enemy series. The first three papers covered the tools and tactics of the black-hat community. This paper, the fourth of the series, studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we will focus on how we learned what happened and pieced the information together. The purpose is to give you the forensic skills necessary to analyze and learn on your own the threats your organization faces.

http://www.enteract.com/~lspitz/forensics

Hope it helps :)

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html
