Firewall Wizards mailing list archives

Re: artificial ignorance: how-to guide


From: "James W. Abendschan" <jwa () jammed com>
Date: Wed, 24 Sep 1997 09:56:04 -0700 (PDT)

On Tue, 23 Sep 1997, Marcus J. Ranum wrote:
> By request, here's a quick how-to on log scanning via
> artificial ignorance. :) It assumes UNIX and the presence
> of a good grep - you could use other stuff if you wanted to
> but this is just an example.

[ ... ]

I've written a tool called "checksyslog" which does
this; it's available from http://www.jammed.com/~jwa/Security/.

As mjr noted, this "artificial ignorance" technique has proved to
be unexpectedly useful (locating disk errors, strange DNS messages, weird
"leap-seconds" messages from my Linux kernel, etc.)

Comments are appreciated.

James

--
James W. Abendschan           jwa () jammed com          http://www.jammed.com/
any significantly advanced technology is indistinguishable from a perl script
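
A minimal sketch of the artificial-ignorance approach discussed in this thread, added here as an illustration; it is not checksyslog and not the code from the quoted how-to. The log lines, the ignore patterns and the `residual` function name are constructed for the example.

```sh
#!/bin/sh
# Added example: "artificial ignorance" log filter built on grep.
# The log lines and ignore patterns are constructed samples.

# residual LOGFILE IGNOREFILE
# Print the messages that no ignore pattern accounts for, with counts.
residual() {
    pats=$(mktemp) || return 1
    # A blank line in a grep -f file matches every line, so drop blank
    # lines and "#" comments before using the list.
    grep -v -E '^[[:space:]]*(#|$)' "$2" > "$pats" || true
    # Strip timestamp, host and PID so repeats of one message collapse,
    # discard everything known to be boring, then count what is left.
    sed -E -e 's/^[A-Z][a-z]{2} +[0-9]+ [0-9:]{8} [^ ]+ //' \
           -e 's/\[[0-9]+\]:/:/' "$1" |
        grep -v -E -f "$pats" | sort | uniq -c | sort -n
    rm -f "$pats"
}

WORK=$(mktemp -d) || exit 1
trap 'rm -rf "$WORK"' EXIT

cat > "$WORK/messages" <<'EOF'
Sep 24 09:01:12 gw sendmail[412]: JAA00412: to=<a@example.com>, stat=Sent
Sep 24 09:01:40 gw sendmail[415]: JAA00415: to=<b@example.com>, stat=Sent
Sep 24 09:02:03 gw named[88]: Cleaned cache of 14 RRs
Sep 24 09:05:00 gw cron[500]: (root) CMD (/usr/lib/atrun)
Sep 24 09:10:00 gw cron[507]: (root) CMD (/usr/lib/atrun)
Sep 24 09:11:31 gw kernel: disk hda: read error at sector 1234
Sep 24 09:11:35 gw kernel: disk hda: read error at sector 1234
Sep 24 09:30:17 gw named[88]: Lame server on 'example.net'
EOF

cat > "$WORK/ignore" <<'EOF'
# routine traffic that has already been looked at and understood

^sendmail: .*stat=Sent
^cron: \(root\) CMD
^named: Cleaned cache of [0-9]+ RRs
EOF

residual "$WORK/messages" "$WORK/ignore"
```

Each time the output has been reviewed, patterns for the lines judged uninteresting go into the ignore file, so later runs show only messages nobody has seen before.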


