Security Log Management : Identifying Patterns in the Chaos

eBook Information

Security Log Management : Identifying Patterns in the Chaos ISBN  1597490423 Release Date  01 November 2005 Category  Computer Security Tags  chaos,   pattern,   security,   management,   patterns,   "security log management",   1597490423,   "log management",   project management,   tier,   information security,   "security log",   patch management,   log analysis,   supply chain management,   design pattern,   This book @Amazon  View Tools Google Search Web flazx.com

Description As a system administrator or security professionals, you probably find yourself inundated each day with a deluge of log files from seemingly countless devices, servers, and applications on your network ranging from Windows Server to Snort to your PIX firewall and everything in between. At times, the task of "seeing the forest through the trees" to extract useful, repeatable information from these logs may seem almost impossible. This unique book will show you how to use a combination of open source software such as Tcpdstats, and Snort perfmonitor to create succinct, meaningful reports that give you the big picture of your network's overall health and well being. So, if you need to analyze and prioritize everything from how much of your bandwidth is devoted to browsing ESPN.com, to the most targeted machines in your IDS logs, this is the book for you. This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the "Top 10" security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the "Top 10" list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Other books on Computer Security Applied Security Visualization Ethical Hacking Intrusion Detection Systems (Advances in Information Security) VizSEC 2007: Proceedings of the Workshop on Visualization for Computer Security (Mathematics and Visualization) Crimeware: Understanding New Attacks and Defenses (Symantec Press) Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing Netcat Power Tools Secrets Stolen, Fortunes Lost: Preventing Intellectual Property Theft and Economic Espionage in the 21st Century Hacking: The Art of Exploitation, 2nd Edition Smart Cards, Tokens, Security and Applications Digital Privacy: Theory, Technologies, and Practices Gray Hat Hacking, Second Edition Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, Third Edition (Hacking Exposed)