[Snort-users] Course on IDS Log Interpertation

Dan Hollis goemon at ...20...
Wed Nov 22 15:37:07 EST 2000


On Wed, 22 Nov 2000, Lance Spitzner wrote:
> On Wed, 22 Nov 2000, Christopher Northrop wrote:
> >      Just wondering if anyone has heard of any courses on "The Art of
> > Interpreting your IDS data/logs".  Maybe some guru out there might consider
> > offering a similar course? Hands on would be nice..
> Check out "Know Your Enemy: Forensic Analysis"
> http://www.enteract.com/~lspitz/forensics.html

On the topic of forensics, has anyone used snort logs to successfully
prosecute script kiddies? Did you find snort logs lacking in any way for
prosecution?

-Dan




More information about the Snort-users mailing list