-
October 15th, 2002, 08:34 PM
#1
Fingerprinting exploits in system and application log files
Here is an exerpt from an article on Security Focus I found today. I thought that it looked quite informative and ideal for someone new to forensics since it gives good insight into what forensics analysts do and how.
Forensic analysts and incident response engineers are armed with a slew of open source and commercial forensic toolsets to attempt to understand and analyze break-ins they did not witness. The most critical component of forensic analysis is system log files. In particular, the analyst must be able to understand and recognize footprints that exploits leave on system logfiles. Identifying these signatures, and their impact on the application within the log files, is the key to understanding what took place during a security incident.
The article is pretty lengthy, but you can find it here .
Opinions are like holes - everybody\'s got\'em.
Smile
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|