Mark Hofman is the principal consultant at Shearwater Solutions and has over 20 years' experience in ICT Security. He has worked for both private industry and government and has provided a wide range of information security consulting services to numerous organizations, including the financial sector, private sector, and government organisations. Mark is an incident handler at the Internet Storm Centre and is a certified instructor for the SANS Institute.
There aren't many attacks that will work the first time they are tried. You could get lucky, but generally there will be hints as to what is going on well before the final attack. One place where you will find this information is your logs. They are sending you the message, but the rest is up to you. We will go through some logs and interpret what they are trying to tell us, provide some hints as what to look for and how automation and tools can increase your efficiency and responsiveness.
Copyright © 2012 The University of Queensland, authorised by AusCERT Program Committee, maintained by: email@example.com