[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] OSSEC Presentations at AusCERT/Confidence

To: ossec-list@xxxxxxxxxxxxxxxx, ossec-dev@xxxxxxxxx
Subject: [ossec-list] OSSEC Presentations at AusCERT/Confidence
From: "Daniel Cid" <daniel.cid@xxxxxxxxx>
Date: Sat, 2 Jun 2007 21:49:19 -0300
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=GDEJiSOYC3yhTJL8/9nQS5qylR5mzpmY4DUjRQ72x0iYvIADprxmeHCS6MnO5uTA51qgx40IU4H7AT//c9keuDQg4g+O/UvXv/L4dVYp0sTS6+S8gjmEhUzEHLCOceX8B6k8A/Ri1tEaWDl2WEUXIPENLdFw80vzPOLdxPI1eEg=

Hi list,

During the month of May I went to AusCERT and Confidence to talk about
OSSEC (i.e. Log analysis using OSSEC). On both presentations I mentioned
LIDS (Log-Based intrusion detection), and provided an overview of the ossec
architecture and how to write decoders and rules. If you want to learn
a bit more
about ossec, take a look at them.

**Note that both presentations are very similar, but the AusCERT one
is a bit more
organized, so recommended to be read first.

Auscert:
http://www.ossec.net/ossec-docs/auscert-2007-dcid.pdf

Confidence:
http://www.ossec.net/ossec-docs/conf2007-dcid.pdf

Hope you enjoy!


Taken from the ossec blog:
http://www.ossec.net/dcid/?p=83


Thanks,

--
Daniel B. Cid, dcid at ossec.net
http://www.ossec.net

Prev by Date: [ossec-list] Re: how to block lame server resolving requests
Next by Date: [ossec-list] regex question
Previous by thread: [ossec-list] Re: how to block lame server resolving requests
Next by thread: [ossec-list] Re: OSSEC Presentations at AusCERT/Confidence
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.