Tag: Snare

Will the Real S-1-7-23-3394466182-97151736-2635146241-1084 Please Stand?

Sometimes security measures can be completely correct and, at the same time, completely useless. Such is the case when viewing the logs of a user added to the local Administrators group on a Windows 2003 server. Here is what an

Posted in Intrusion Detection, Log Analysis, Secure Design

Using OSSEC for Encrypted Log Transport

Here’s a little secret that the sales guys of the million-dollar SIEMs are probably going to gloss over. Most of them do not offer a way to encrypt logs in transit end-to-end. Worse, many of them use downright silly methods

Posted in Encryption, Intrusion Detection, Log Analysis, Secure Design