LogAnalysis
[logs] A note about acronyms Sep 27 2007 08:23PM
Tina Bird (tbird precision-guesswork com)

We've used a lot of acronyms in the current thread about firewall logs.
Old-timers, please try to remember that there are a lot of list subscribers
who probably don't know what a particular acronym means in the context of
logs and firewalls. Newbies, please feel free to ask questions, or, if
you've Googled things to figure them out, post that.

Off the top of my head:

NBS = Never Before Seen (i.e., log messages which have never appeared before
are often worth investigating)

FTS = First Time Seen (ditto)

NBAD = Network-based Anomaly Detection (sudden changes in the amount or type
of network traffic are often worth investigating, especially on outbound
connections, since they may reveal a compromised internal host)

thanks -- tbird
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis
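
An added example, not part of the original post or of any tool the list discusses: a minimal Never Before Seen / First Time Seen filter for firewall logs. The log lines, the masking rules and the function names are constructed assumptions; the destination port is deliberately left unmasked so that traffic to a new service surfaces as NBS.

```python
import re

# Constructed sample firewall log lines (illustrative, not from the post).
SAMPLE_LOGS = [
    "Sep 27 20:01:11 fw1 kernel: DROP IN=eth0 SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=51234 DPT=22",
    "Sep 27 20:01:12 fw1 kernel: DROP IN=eth0 SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=40022 DPT=22",
    "Sep 27 20:02:40 fw1 kernel: ACCEPT IN=eth1 SRC=192.0.2.44 DST=203.0.113.80 PROTO=TCP SPT=33010 DPT=443",
    "Sep 27 20:03:05 fw1 fwd[311]: configuration reloaded by admin from 192.0.2.200",
    "Sep 27 20:03:09 fw1 kernel: DROP IN=eth0 SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP SPT=50000 DPT=22",
]

# Fields that vary on every message are masked so that messages of the
# same kind collapse to one template. These rules are assumptions for
# the sample format above and need tuning for a real log source.
_MASKS = [
    (re.compile(r"^\w{3}\s+\d+\s+\d\d:\d\d:\d\d\s+"), ""),   # syslog timestamp
    (re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b"), "<IP>"),    # IPv4 addresses
    (re.compile(r"\[\d+\]"), "[<PID>]"),                     # process IDs
    (re.compile(r"\bSPT=\d+"), "SPT=<N>"),                   # ephemeral source port
]


def template(line):
    """Reduce a log line to its message template by masking variable fields."""
    for pattern, repl in _MASKS:
        line = pattern.sub(repl, line)
    return line.strip()


def never_before_seen(lines, seen=None):
    """Return (template, original_line) for each template not yet in `seen`.

    `seen` is the baseline set of known templates; it is updated in place so
    it can be persisted and reused across runs.
    """
    seen = set() if seen is None else seen
    new = []
    for line in lines:
        t = template(line)
        if t not in seen:
            seen.add(t)
            new.append((t, line))
    return new


if __name__ == "__main__":
    baseline = set()
    never_before_seen(SAMPLE_LOGS[:3], baseline)        # learn the baseline
    for t, raw in never_before_seen(SAMPLE_LOGS[3:], baseline):
        print("NBS:", raw)
```
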

Copyright 2010, SecurityFocus