> Use Cases - Are they all covered? Are we trying to cover too many?
> OS - OS ver, init handling, packaging, updating, building, etc.
> Data Control - Snort-Inline, IPTables config etc.
> Data Capture - Hflow, Sebek, Argus, TCPDump, Snort
> Data Analysis - Walleye, others?
> Build Process
>
> Let me know if this sounds like a good place to start and if so,
> what else needs to be listed above or removed from above before we
> start. If this does make sense, let's all agree on the list above
> before we dig in...
Well done, Earl!
Two minor questions:
- what's the difference between the "build process"
and "OS ... building"?
- do we need a separate topic on "general roo config"?
Cheers,
Stefan.
--------------------------------------------------------
T.I.S.P. - Have your qualification certified
from 25 to 30 June 2007 - http://www.secorvo.de/college/tisp/
--------------------------------------------------------
Stefan Kelm
Security Consultant
Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B
Mannheim HRB 108319, Managing Director: Dirk Fox