« January 2010 | Main | April 2010 »

February 2010

February 14, 2010

Artificial Ignorance - Elementary my dear Watson

Marcus Ranum applied the term artificial ignorance to the process of monitoring log files.  You build a filter of events to ignore, and then look at everything else.  All the items that you consider normal get filtered out.  This reminds me of the Sherlock Holmes quote “Once you eliminate the impossible, whatever remains, no matter how improbable, must be the truth.”  - Arthur Conan Doyle.  It’s impossible to identify all the potential attacks that might be launched against a web site.  New attacks surface every day.  While part of the strategy should be to look for specific types of attacks, an equally important strategy is to look for the unusual.

Continue reading "Artificial Ignorance - Elementary my dear Watson" »

Posted by on February 14, 2010 at 10:19 AM in Apache, Security Architecture, Web/Tech | | Comments (0) | TrackBack (0)

| | | | |

Categories

Archives

More...

Trusted Service Provider

Trusted Resources

  • Alexander Kornbrust
    Founder, Red-Database-Security GmbH
  • David Knox
    Author of "Effective Oracle Database 10g Security by Design"
  • David Litchfield
    Co-Author of "Database Hacker's Handbook" and Author of "Oracle Hacker's Handbook"
  • Pete Finnigan
    Founder of PeteFinnigin.com Limited and author of "Oracle Security Step by Step".
  • Randy Giefer
    Founder of Solution Beacon, LLC, Co-Author of "Installing, Upgrading and Maintaining Oracle E-Business Suite Applications Release 11.5.10+"
  • Stephen Kost
    Founder and Chief Technology Officer at Integrigy Corporation
Subscribe to this blog's feed
About - Kevin Sheehan
About - Brian J. Mulreany

Join My Network on LinkedIn

Blog powered by Typepad
Member since 10/2007