Reporting firewall logs
We got a couple of users forwarding firewall logs to the handlers\at/sans.org e-mail address. While we appreciate logs, malware and other reports like it, please don't send automated log reports to handlers\at/sans.org. If you send logs, include some detail why you consider them unusual.
Please use DShield for automated log reporting (see http://www.dshield.org/howto.html ). Our handlers have access to the DShield database and regularly check it for unusual activity.
Thanks!
Keywords:
0 comment(s)
My next class:
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
×
Diary Archives
Comments