Iv?n Arce <[EMAIL PROTECTED]> wrote: "... an auditor client is an agent that retrieves logged data from the syslog server and presents it for visualization either by a human being or a program." This is an important point - in security defense, detection and response should be part of the solution, as well as technology (e.g. crypto). The human analysis task is the most expensive part of a total solution! Also, note that this needs to be far more flexible than other parts of the system, because organization needs and human inclinations vary so much. "... doing yet a bit more of a summary (btw, someone should summarize all the traffic in the list at least once a week)..." Thanks for your summary. I will also try to digest the week's list over the weekend, to produce a high-level issues summary or at least some form of "minutes"; perhaps we can get it onto http://njlug.rutgers.edu/projects/syslog. Alex
Re: and.. what if we define the goals first?
by way of "Chris M. Lonvick" <[EMAIL PROTECTED]> Mon, 10 Apr 2000 10:37:35 -0700
- and.. wha... Ivan Arce
- by way of "Chris M. Lonvick" <[EMAIL PROTECTED]>