My friend Russ McRee just published a paper called Expanding Response: Deeper Analysis for Incident Handlers with SANS for his GCIH Gold cert that includes details on Argus, HeX, NSM-console, and NetworkMiner using content from the original ISSA articles as well as current updates.
You can find his paper here -
http://www.sans.org/reading_room/whitepapers/incident/32904.php
Nice work Russ!
Cheers ;]
1 comment:
GCIH gold? Kewl.. And nice paper..Need to come out some nice topic
Post a Comment