Thursday, September 16, 2004

News SANS Practical Discusses Sguil

SANS' GIAC just published Sguil contributor Chris Reining's GCIA practical titled The State of Intrusion Detection (.pdf). This is not a follow-on to the 1999 CERT classic State of the Practice of Intrusion Detection Technologies. Rather, Chris describes the shortcomings of other technologies like ACID, and how to use Sguil to detect and respond to intrusions. I like seeing discussion of Sguil infiltrate the SANS Reading Room. Incidentally -- I haven't read all of Chris' paper with a critical eye yet, so I can't vouch for his conclusions right now.

On the lighter side, system administrator extraordinaire Bill Bilano just announced "Severe exploit found, all UNIX are affected!" This was my favorite line:

"Northcutt better take out that section about the Mitnik attack in that terrible book he is always rehasing with only a spit-shine and fancy new cover because here comes something leaner and meaner! (I have re-bought that nut's book eight times and it is always the same old cruft over and over but here wont be a ninth purchase, you bet your pink pajamas!) Someone needs to tell him that SANS is not the MANS! LOL!"
