You do everything you can to stop it but if someone or something makes it past all those preventive measures you need to know and in this Security Log Secrets webinar I’ll show you at least 11 good indicators that the worst has happened.
In the movies it looks so easy doesn’t it? The system monitor starts flashing “Intrusion” in bold red letters and the protagonist with thick glasses brings up a diagram that allows him to track the intruder through the network. If it were that easy to detect and track the system would just prevent it in the first place. Therefore there’s not event ID for “system intrusion detected”. We have to be a little more subtle than that.
I’ll show you how to interpret certain events and make inferences from the techie details to determine if you are dealing with an intrusion or not. Some of the techniques I show you depend you following certain best practices in how you run and maintain your systems. I’ll also show you some methods for laying traps ahead of time – again for the purpose of help you or your log management solution detect irregular activity that indicates a system compromise.
Areas I’ll cover include:
- Log tampering
- Backdoors
- Physical access attacks
- Privilege account changes
- Strange software
- Firewall changes
This is indeed real training for free (TM) – don’t miss it.