Penetration Testing mailing list archives
Re: [PEN-TEST] Network Attack Trend Analysis
From: H Carvey <keydet89 () YAHOO COM>
Date: Fri, 8 Sep 2000 11:02:24 -0000
It's great that we have the sort of authority
in Mr. Carvey to
explain this all for us, having "taken graduate
courses in
statistics and statistical analysis" --
something I would never
have guessed if he had not volunteered this
information.
Well, on the one hand, my post struck a cord with someone...guess I should have put on my flak jacket at this point... *Content snipped. Interestingly enough, none of it was addressed.
Anyone that knows the definition of histogram
knows that
histograms represent frequency or proportions of
frequency of the
intervals or classes on the x-axis.
Great. It still isn't clear what the "intervals or classes on the x-axis" are...
I'll leave
it to the
graduate students among us to infer fraction
from proportion. Ouch! My comment regarding my educational background was intended only to say, "hey, look, I'm a smart guy, I know how to look things up that I don't know...but I just don't get it." After all, it shouldn't be rocket science...
Mr. Carvey here demonstrates a complete lack of
very basic
statistical concepts and diagnostics.
Really? And here I was thinking that it was just a matter of not being able to determine what the graph is intended to show.
He baffles himself with my use of the word
"simple." I meant
"simple" in the sense of untreated, or
unadjusted by
proportion. The word could be left out, but was
meant to
distinguish the variable from other "Defacement
Per Day" (dpd)
variables, which were sometimes moving averages
of dpd of
differing composition, proportions of dpd, and
so on.
Interesting. Still doesn't address the question of what "simple" refers to. Could you tell me what the difference between "Defacements per day, simple" and "defacements per day" is? Perhaps that would clear things up? What exactly _is_ a "simple defacement"? Untreated? Unadjusted by proportion? For the sake of clarity then, let me rephrase...what is this "defacements per day, simple" variable, and how is it important?
This one:
http://www.attrition.org/mirror/attrition/graphs/b ar_osto
tals.gif is entitled "OS totals by month"...but what do
the
various colors on the bars indicate?It is reading this that leads me to believe
that perhaps our
graduate student is subjecting Attrition to
gratuitous abuse. And herein lies the issue...you feel that my post constitutes gratuitous abuse. At no point do I direct any abuse of any kind at Attrition or even you. In the above question, all I did was quite simply ask what the various colors stand for.
Until a couple of weeks ago, this graph was part
of
http://www.attrition.org/mirror/attrition/os-graph s.html where
the color of the bars were clearly labeled. The
most recent
version of this graph is now on that page, where
it is now named
"bar_ostotals_stacked.gif", where it is likewise
labeled. None
of the graphs are erased month-to-month, but are
typically
renamed. They can be found in the browseable
http://www.attrition.org/mirror/attrition/graphs/, and often you
can find my tar-balls of the graphs there as
well. Yes, gifs,
sans HTML legends or headings. A casual perusal
of our graph
pages would have discovered the labeled HTML
page.
Oh, okay. I see now. The graph is question is not, in fact, labeled...and it is expected that someone visiting the page will do enough browsing to discover the legend for that graph. Interesting approach...not one I would have taken. I'd have a difficult time delivering a report to a customer and telling him that all the legends and labels to all the data in the report was included as part of report done for another part of the company, several weeks ago...and that if he wanders around enough, he should eventually find it. No, my comments were not abuse of any kind. The thread, it seemed, was directed toward finding statistically significant data to justify resources to support security efforts. As there is no link from the above listed graph to it's original location, hence no immediate way to view the legend, it seems to me that the graph itself offers very little.
I guess the point is this...if you have
nothing better to
do and want to waste someone's time...sure,
show
these graphs to your boss. They are
meaningless,
though colorful and probably quite enjoyable
to look at
when printed on a color printer.Mr. Carvey's conclusions are as out of
proportion as his
authoritative observations. And we are meant to
take these
seriously?
So, I get it. Read the post in SF, assume it's some sort of "gratuitous abuse", and then launch your own brand of abuse...is that it?
"Meaningless.... suspect, but hey, to be
fair...." is like
saying, "With all due respect, [insert
gratuitous insult here]".
No, not at all. The intention is rather obvious...to point out, quite specifically, that this post does not constitute "gratuitous abuse". The point is that the CSI/FBI's sample and very method of data collection (ie, a survey) does not provide accurate data...some assumptions are that (a) respondants have a definition of what constitutes an "intrusion", (b) respondants have the ability to detect an "intrusion", and (c) respondants are fully disclosing information. The issue of how the data for the graphs on the Attrition site is collected was not even addressed in Mr. Dickerson's response...he was quite obviously more concerned with this preceived "gratuitous abuse" than anything else. It was never my intention to deliver abuse of any kind. H. Carvey
Current thread:
- Re: [PEN-TEST] Network Attack Trend Analysis, (continued)
- Re: [PEN-TEST] Network Attack Trend Analysis Erik Tayler (Sep 05)
- Re: [PEN-TEST] Network Attack Trend Analysis security curmudgeon (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis Erik Tayler (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis security curmudgeon (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis Jensenne Roculan (Sep 05)
- Re: [PEN-TEST] Network Attack Trend Analysis Yonatan Bokovza (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis H Carvey (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis Max Vision (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis Ryan Permeh (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis Matt Dickerson (Sep 07)
- Re: [PEN-TEST] Network Attack Trend Analysis Neff, Paul (Sep 06)
- Re: [PEN-TEST] Network Attack Trend Analysis H Carvey (Sep 08)
- Re: [PEN-TEST] Network Attack Trend Analysis Erik Tayler (Sep 05)