Wednesday, July 9, 2008
Master dissertation test
I'm trying to finish my Master's dissertation in the next months. In order to do that, I need to test the log analysis methodology I'm proposing. The methodology is targeted at detecting insider attacks, so I need to collect logs from internal resources, which include AD domain controllers, internal e-mail systems, file and folder access audit logs, firewalls and other network devices, HTTP servers, applications, and everything else that can produce logs and indicate internal users' behavior. I would need to collect one week of logs for the tuning phase and, after that, one week of logs that will include some "simulated attacks". If there is anybody out there who can help me by providing those logs (everything will be anonymized, of course), please drop me an e-mail at augusto (at) securitybalance.com. Thanks!