First page Back Continue Last page Summary Graphic
Personal Awareness
Of these four layers, awareness is the most important of all. Awareness of the system goes beyond mere security auditing. Awareness allows you to note changes, and helps you to find the evidence of intruders before too much damage is done. This includes watching your logs, updating your Tripwire databases, noticing changes (e.g. the ethernet interface suddenly going into promiscuous mode) and just being familiar with the system or network. This is crucial to seeing changes that could indicate malicious activity. Awareness also involves staying informed on security issues (e.g. vulnerabilities, etc.)
Notes: