Verfügbarkeit: Security log management

Security log management: identifying patterns in the chaos

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Babbin, Jacob (VerfasserIn)
Format:	Elektronisch E-Book
Sprache:	English
Veröffentlicht:	Rockland, MA Syngress ©2006
Schlagworte:	COMPUTERS / Internet / Security COMPUTERS / Networking / Security COMPUTERS / Security / General Computer networks / Security measures Computer networks > Security measures
Online-Zugang:	FAW01 FAW02 Volltext
Beschreibung:	Includes index Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks
Beschreibung:	1 Online-Ressource (xviii, 333 pages)
ISBN:	0080489702 1423754174 1597490423 9780080489704 9781423754176 9781597490429

Internformat

MARC


LEADER	00000nmm a2200000zc 4500
001	BV043165989
003	DE-604
005	00000000000000.0
007	cr\|uuu---uuuuu
008	151126s2006 \|\|\|\| o\|\|u\| \|\|\|\|\|\|eng d
020			\|a 0080489702 \|9 0-08-048970-2
020			\|a 1423754174 \|9 1-4237-5417-4
020			\|a 1597490423 \|9 1-59749-042-3
020			\|a 9780080489704 \|9 978-0-08-048970-4
020			\|a 9781423754176 \|9 978-1-4237-5417-6
020			\|a 9781597490429 \|9 978-1-59749-042-9
035			\|a (OCoLC)64274794
035			\|a (DE-599)BVBBV043165989
040			\|a DE-604 \|b ger \|e aacr
041	0		\|a eng
049			\|a DE-1046 \|a DE-1047
082	0		\|a 005.8 \|2 22
100	1		\|a Babbin, Jacob \|e Verfasser \|4 aut
245	1	0	\|a Security log management \|b identifying patterns in the chaos \|c Jacob Babbin [and others]
264		1	\|a Rockland, MA \|b Syngress \|c ©2006
300			\|a 1 Online-Ressource (xviii, 333 pages)
336			\|b txt \|2 rdacontent
337			\|b c \|2 rdamedia
338			\|b cr \|2 rdacarrier
500			\|a Includes index
500			\|a Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser
500			\|a This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks
650		7	\|a COMPUTERS / Internet / Security \|2 bisacsh
650		7	\|a COMPUTERS / Networking / Security \|2 bisacsh
650		7	\|a COMPUTERS / Security / General \|2 bisacsh
650		7	\|a Computer networks / Security measures \|2 fast
650		4	\|a Computer networks \|x Security measures
856	4	0	\|u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571 \|x Aggregator \|3 Volltext
912			\|a ZDB-4-EBA
999			\|a oai:aleph.bib-bvb.de:BVB01-028590179
966	e		\|u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571 \|l FAW01 \|p ZDB-4-EBA \|q FAW_PDA_EBA \|x Aggregator \|3 Volltext
966	e		\|u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571 \|l FAW02 \|p ZDB-4-EBA \|q FAW_PDA_EBA \|x Aggregator \|3 Volltext

Datensatz im Suchindex

_version_	1804175641109594112
any_adam_object
author	Babbin, Jacob
author_facet	Babbin, Jacob
author_role	aut
author_sort	Babbin, Jacob
author_variant	j b jb
building	Verbundindex
bvnumber	BV043165989
collection	ZDB-4-EBA
ctrlnum	(OCoLC)64274794 (DE-599)BVBBV043165989
dewey-full	005.8
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.8
dewey-search	005.8
dewey-sort	15.8
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Electronic eBook
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>04118nmm a2200469zc 4500</leader><controlfield tag="001">BV043165989</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">00000000000000.0</controlfield><controlfield tag="007">cr\|uuu---uuuuu</controlfield><controlfield tag="008">151126s2006 \|\|\|\| o\|\|u\| \|\|\|\|\|\|eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0080489702</subfield><subfield code="9">0-08-048970-2</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1423754174</subfield><subfield code="9">1-4237-5417-4</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1597490423</subfield><subfield code="9">1-59749-042-3</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780080489704</subfield><subfield code="9">978-0-08-048970-4</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781423754176</subfield><subfield code="9">978-1-4237-5417-6</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781597490429</subfield><subfield code="9">978-1-59749-042-9</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)64274794</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV043165989</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">aacr</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-1046</subfield><subfield code="a">DE-1047</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Babbin, Jacob</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Security log management</subfield><subfield code="b">identifying patterns in the chaos</subfield><subfield code="c">Jacob Babbin [and others]</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Rockland, MA</subfield><subfield code="b">Syngress</subfield><subfield code="c">©2006</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 Online-Ressource (xviii, 333 pages)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes index</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS / Internet / Security</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS / Networking / Security</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS / Security / General</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networks / Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571</subfield><subfield code="x">Aggregator</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-028590179</subfield></datafield><datafield tag="966" ind1="e" ind2=" "><subfield code="u">http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571</subfield><subfield code="l">FAW01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FAW_PDA_EBA</subfield><subfield code="x">Aggregator</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="966" ind1="e" ind2=" "><subfield code="u">http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571</subfield><subfield code="l">FAW02</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FAW_PDA_EBA</subfield><subfield code="x">Aggregator</subfield><subfield code="3">Volltext</subfield></datafield></record></collection>
id	DE-604.BV043165989
illustrated	Not Illustrated
indexdate	2024-07-10T07:19:31Z
institution	BVB
isbn	0080489702 1423754174 1597490423 9780080489704 9781423754176 9781597490429
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-028590179
oclc_num	64274794
open_access_boolean
owner	DE-1046 DE-1047
owner_facet	DE-1046 DE-1047
physical	1 Online-Ressource (xviii, 333 pages)
psigel	ZDB-4-EBA ZDB-4-EBA FAW_PDA_EBA
publishDate	2006
publishDateSearch	2006
publishDateSort	2006
publisher	Syngress
record_format	marc
spelling	Babbin, Jacob Verfasser aut Security log management identifying patterns in the chaos Jacob Babbin [and others] Rockland, MA Syngress ©2006 1 Online-Ressource (xviii, 333 pages) txt rdacontent c rdamedia cr rdacarrier Includes index Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer networks / Security measures fast Computer networks Security measures http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571 Aggregator Volltext
spellingShingle	Babbin, Jacob Security log management identifying patterns in the chaos COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer networks / Security measures fast Computer networks Security measures
title	Security log management identifying patterns in the chaos
title_auth	Security log management identifying patterns in the chaos
title_exact_search	Security log management identifying patterns in the chaos
title_full	Security log management identifying patterns in the chaos Jacob Babbin [and others]
title_fullStr	Security log management identifying patterns in the chaos Jacob Babbin [and others]
title_full_unstemmed	Security log management identifying patterns in the chaos Jacob Babbin [and others]
title_short	Security log management
title_sort	security log management identifying patterns in the chaos
title_sub	identifying patterns in the chaos
topic	COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer networks / Security measures fast Computer networks Security measures
topic_facet	COMPUTERS / Internet / Security COMPUTERS / Networking / Security COMPUTERS / Security / General Computer networks / Security measures Computer networks Security measures
url	http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=149571
work_keys_str_mv	AT babbinjacob securitylogmanagementidentifyingpatternsinthechaos

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Volltext öffnen

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge