While the shop is a small one, it seems somewhat inconclusive to me that there is only a single server in the environment, vs. it being only one server that all that attacking was against.
Either way, larger environments have the benefit of log correlation solutions and a more extensive trail that can be made to get to the important systems. Size works against both parties.

*ASB*
*http://XeeMe.com/AndrewBaker*
*Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…*

On Sun, Oct 6, 2013 at 10:51 PM, Ken Schaefer <[email protected]> wrote:

> Article implies they have all of one server...
>
> Props to them for doing root cause analysis, but when you have that many eyes watching one box, then life’s a lot easier than when you have 100+ boxes you need to watch
>
> Cheers
> Ken
>
> *From:* [email protected] [mailto:[email protected]] *On Behalf Of* Ziots, Edward
> *Sent:* Friday, 4 October 2013 10:03 PM
> *To:* [email protected]; COMPUTING
> *Subject:* RE: [NTSysADM] Vigilance and planning save the day
>
> Good article.
>
> Z
>
> Edward E. Ziots, CISSP, CISA, Security +, Network +
> Security Engineer
> Lifespan Organization
> [email protected]
> Work: 401-255-2497
>
> *From:* [email protected] [mailto:[email protected]] *On Behalf Of* Andrew S. Baker
> *Sent:* Thursday, October 03, 2013 6:44 PM
> *To:* COMPUTING
> *Subject:* [NTSysADM] Vigilance and planning save the day
>
> Finally, a pretty good security incident response story...
>
> http://www.zdnet.com/how-vigilance-saved-a-startup-from-a-sophisticated-robbery-7000021436/
>
> *ASB*

