HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Hervé Schauer Consultants
Generation of regular expressions from logged events
> Access to the content: HTML (beginning of the presentation), PDF version [176 KB]
> Description A method to generate regular expressions from logged events  
> Context & Dates Talk presented during Solutions Linux 2005, on 2 February 2005.
 
> Author Denis Ducamp  
> Type [ French - HTML ]  
> Abstract & Table of contents
Flyleaf
Outline
Outline (1/6): logging
Logging
Logging: log analysis
Outline (2/6): intrusion detection
Intrusion detection
Intrusion detection
Outline (3/6): regular expressions
Regular expressions
Outline (4/6): slct
slct: how it works
slct: examples (1/3)
slct: examples (2/3)
slct: examples (3/3)
Outline (5/6): uses of these expressions
Uses of these expressions: homemade scripts
Uses... for real-time display
Uses... in static mode: swatch
Uses... in static mode: logcheck
Uses... in dynamic mode: logsurfer
Uses... in dynamic mode: sec
Outline (6/6): other possibilities
Other possibilities
Conclusion
Questions...
> Related documents
Theme: Logging
[Presentation]  Logging and incident processing [15 May 2008 - French]
[Presentation]  Workstation Security [29 March 2007 - French]
[Presentation]  Logs and incident processing [29 March 2007 - French]
[Presentation]  Generation of rational expressions starting from journalized events [30 August 2004 - French]
[Presentation]  Useful standards for network security [20 October 2003 - French]
[Presentation]  Logging (how to be ready to incidents) [6 February 2003 - French]
[Presentation]  Internet Firewall Management [23 June 2002 - French]
[Tip]  Installing Syslog-NG [29 October 2001 - French]
[Presentation]  XML-Logs: Analyse your logs using XML encoding [10 October 2000 - French]
[Tool]  xml-logs tool [Log management using XML - English]
[Standard]  Universal Format for Logger Messages [May 1999 - English]
Theme: Intrusion Detection
[Tip]  Argus [19 February 2002 - French/English]
[Course]  Advanced Intrusion Detection
[Presentation]  Encrypting hostile Web content over HTTP [31 May 2007 - French]
[Presentation]  Intrusion Prevention : New reinforcement tools for perimetric defense [16 June 2005 - French]
[Presentation]  Intrusion detection and network forensic [6 May 2004 - French]
[Presentation]  Intrusion Detection [25 September 2002 - French]
[Tip]  Advanced Intrusion Detection Environment (AIDE) [9 January 2002 - French]
[Tip]  Follow-up on discovering the libnids [6 September 2001 - French]
[Tip]  Introduction to the libnids [13 April 2001 - French]
[Tool]  rkscan tool [Rootkit scanner for loadable kernel-module rootkits - English]
[Tip]  RKSCAN: Scanner for loadable kernel-module rootkits [25 October 2000 - English]
[Tip]  Presentation and detection of the ADORE rootkit [16 October 2000 - French]
[Tool]  IDSwakeup tool [Test of intrusion detection systems - English]
[Presentation]  Round table on intrusion detection [8 June 2000 - French]
[Presentation]  Technical method to evade intrusion detection system. [27 March 2000 - French]
[Presentation]  Help to detect attack, intrusion and anomaly. [27 March 2000 - French]
[Presentation]  Introduction to intrusion detection [26 January 2000 - French]
[Presentation]  Presentation of some free software for intrusion detection [26 January 2000 - French]
[Presentation]  Intrusion detection with Shadow [6 July 1999 - French]
> Copyright © 2005, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 9 February 2005 at 09:58:19 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants