DaveK - Minutes of 1st June 2016 meeting.

What about IDS? Do we mean host-based or network-based? Best practice would be to implement at least something in this area.
Eli: Can also be done after the event by analysing log files.
Questions like "can you detect brute-force SSH attacks? Do you have centralised logging? Can you correlate these logs?"
We can put details in the guidance document. It doesn't all have to be done - the main document needs to stay light-weight.