A fellow Sguil user wrote a surprisingly complete account of a compromise of his Web server, and how he used Sguil to identify the intrusion and respond to the incident. The author, Chas Tomlin, provides a step-by-step walkthrough of his investigation, along with some of his actual findings -- including a transcript of an IRC conversation between bot net operators.
Rabu, 08 Februari 2006
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar