Firewall Wizards mailing list archives
Re: artificial ignorance: how-to guide
From: "James W. Abendschan" <jwa () jammed com>
Date: Wed, 24 Sep 1997 09:56:04 -0700 (PDT)
On Tue, 23 Sep 1997, Marcus J. Ranum wrote:
By request, here's a quick how-to on log scanning via artificial ignorance. :) It assumes UNIX and the presence of a good grep - you could use other stuff if you wanted to but this is just an example.
[ ... ] I've written a tool called "checksyslog" which does this, it's available from http://www.jammed.com/~jwa/Security/. As mjr noted, this "artificial ignorance" technique has proved to be unexpectedly useful (locating disk errors, strange DNS messages, wierd "leap-seconds" messages from my Linux kernel, etc.) Comments are appreciated. James -- James W. Abendschan jwa () jammed com http://www.jammed.com/ any significantly advanced technology is indistiguishable from a perl script
Current thread:
- artificial ignorance: how-to guide Marcus J. Ranum (Sep 23)
- Re: artificial ignorance: how-to guide Doug Hughes (Sep 24)
- Re: artificial ignorance: how-to guide James W. Abendschan (Sep 24)
- Re: artificial ignorance: how-to guide Neil Readwin (Sep 24)