-
Archives
- March 2013
- June 2012
- May 2012
- April 2012
- March 2012
- October 2011
- September 2011
- July 2011
- June 2011
- May 2011
- April 2011
- February 2011
- January 2011
- October 2010
- September 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- August 2009
- June 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- May 2006
- March 2006
Monthly Archives: May 2006
Log analysis for intrusion detection
I just released the document Log analysis for Intrusion Detection at the ossec web site. It shows how some threats can be detected by correlating specific patterns on web logs, proxy logs and authentication logs..” Log analysis is one of … Continue reading
Posted in log analysis
Leave a comment
OSSEC presentation
Ahmet Ozturk, one of OSSEC developers, spoke about OSSEC (Capabilities, Architecture and plans) at the 5th Linux and Free Software Festival (Ankara / Turkey). His presentation in English is available bellow: http://www.ossec.net/en/manual.html#others http://www.ossec.net/ossec-docs/ossec-hids_oahmet_eng.pdf Good work Ahmet!
Posted in ossec
Leave a comment
High volume of web (mambo) scans.
Since Thursday night I’m seeing a high volume of scans on different web servers for possibly the following vulns: http://secunia.com/advisories/14337/ http://www.osvdb.org/displayvuln.php?osvdb_id=10180 However, they say the problem is on function.php and I’m seeing them on index.php. Can anyone confirm that? Some … Continue reading
Posted in log analysis, ossec
Leave a comment