First page Back Continue Last page Summary Graphics
Personal Awareness
Of these four layers, awareness is the most important. It is the glue that holds it all together. All of the tools in the world can't replace being aware. Awareness allows you to note changes, and helps you to find the evidence of intruders before too much damage is done. This includes watching your logs, updating your Tripwire databases, noticing changes (e.g. the ethernet interface suddenly going into promiscuous mode) and just being familiar with the system or network. This is crucial to seeing changes that could indicate malicious activity. Awareness also involves staying informed on security issues (e.g. vulnerabilities, etc.)
Notes: