| Security Log Management: Identifying Patterns in the Chaos Contributor(s): Babbin, Jacob (Author), Kleiman, Dave (Author), Carter, Everett F., Jr. (Author) |
|
 |
ISBN: 1597490423 ISBN-13: 9781597490429 Publisher: Syngress Publishing OUR PRICE: $54.40 Product Type: Paperback - Other Formats Published: January 2006 Annotation: This unique book details how to use a combination of open source software such as Tcpdstats, and Snort to create succinct, meaningful reports that give the big picture of a network's overall health and well being. |
| Additional Information |
| BISAC Categories: - Computers | Security - General - Business & Economics | Information Management |
| Dewey: 004.62 |
| LCCN: 2006355064 |
| Physical Information: 0.97" H x 7.02" W x 9.16" (1.10 lbs) 354 pages |
| Descriptions, Reviews, Etc. |
| Publisher Description: This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the "Top 10" security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the "Top 10" list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of "log file." This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. |
