HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Logging (how to be ready to incidents)
Go to: HSC Trainings
Search:  
Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication
 
 
o HSC Newsletter
o Press review
o Press releases
o Publications
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Logging (how to be ready to incidents)  
> Access to the content HTML Beginning of the presentation
PDF PDF version [3830KB]  
> Description Presentation about importance of logging, some solutions to create and administrate logs and some informations to analyse them.  
> Context & Dates Talk made during Solutions Linux 2003, on 6 February 2003.
 
> Author Frédéric Lavécot  
> Type [ French - HTML ]  
> Abstract &
Table of content
Flyleaf
Plan
Pourquoi parler de journalisation (1/3)
Pourquoi parler de journalisation (2/3)
Pourquoi parler de journalisation (3/3)
Quels évènements journaliser ?
En cas d'incident
Limites de la journalisation
Syslog
Limites de syslog
Confiance faite aux journaux
Limites de syslog : Transmission / Collecte (1/2)
Limites de syslog : Transmission / Collecte (2/2)
Tunnel TCP (1/2)
Tunnel TCP (2/2)
Tunnel chiffré
Projets concernant la journalisation
Limites de la journalisation : Analyse (1/3)
Limites de la journalisation : Analyse (2/3)
Limites de la journalisation : Analyse (3/3)
Traces d'exploitations dans les journaux (1/2)
Traces d'exploitations dans les journaux (2/2)
Autres journaux
UDS : URL Detection System
Architecture
Architecture
Honeypots
Enquêtes après piratage
Cas où les journaux ne sont pas indispensables
Conclusion 1/2
Conclusion 2/2
Ressources  
> Related documents
themeLinux-Expo
[Presentation]  Ethereal: an open-source network analyzer and a must-have security tool [2 February 2005 - French]
[Presentation]  SSLTunnel : VPN for roadwarriors [4 February 2004 - French]
[Presentation]  Wi-Fi network and open source [6 February 2003 - French]
[Techno-watch]  Linux Expo Toronto [6 November 2000 - French]
themeLogging
[Presentation]  Logging and incident processing [15 May 2008 - French]
[Presentation]  Workstation Security [29 March 2007 - French]
[Presentation]  Logs and incident processing [29 March 2007 - French]
[Presentation]  Generation of regular expressions from logged events [2 February 2005 - French]
[Presentation]  Generation of rational expressions starting from journalized events [30 August 2004 - French]
[Presentation]  Useful standards for network security [20 October 2003 - French]
[Presentation]  Internet Firewall Management [23 June 2002 - French]
[Tip]  Installing Syslog-NG [29 October 2001 - French]
[Presentation]  XML-Logs: Analyse your logs using XML encoding [10 October 2000 - French]
[Tool]  xml-logs tool [Log management using XML - English]
[Standard]  Universal Format for Logger Messages [May 1999 - English]
> Copyright © 2003, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 13 Mars 2003 at 19:33:51 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants