cms on 19 Jan 2005 14:27:04 -0000
On Tuesday 18 January 2005 15:19, FloydLJohnsonIII@aol.com wrote:
> Dear PLUGgers,
>
> Mr. Kaplowitz's recent (mis?)adventure raised, for me, the question of
> systematically solving these things. Can anyone recommend a beginner's
> guide to post-intrusion analysis? A good one would instruct in how to
> answer, "how'd they break our defenses?"

Check out the challenges at The Honeynet Project. They are very good and they were designed for the 'students' to be able to use OSS tools to solve them. The older challenges, although dated, are still very good and you can even read the winners' answers.

<http://www.honeynet.org/misc/chall.html>

Also check out the test images Brian Carrier developed at CFTT (Digital Forensics Tool Testing Images). Although more along the lines of forensic work --as opposed to incident response-- they too were designed to be solved using OSS tools.

And of course, there is SecurityFocus.com and SANS.org.

Like someone else already said, Google.

HTH

Chris Shanahan

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug