Monthly Archives: October 2006

Using sshv1 x sshv2

It has become common knowledge that everyone should use ssh version 2 and whenever possible disable support for version 1. The initial version of ssh has some design flaws that makes it vulnerable to some attacks (check out dsniff). However, … Continue reading

Posted in humft | Leave a comment

NIST guide to log management

I don’t need to say much more. The NIST guide to computer security log management is available here. On the bad side, even though they mention swatch, log parser and even the ancient logsentry, they forgot about ossec.

Posted in log analysis | Leave a comment