SynJunkie has recently written an excellent security story on his blog. It is written in 3 parts (with an Intro) and includes not just security topics, but actual tools, screenshots, commands, and scripts used as props. I find this sort of approach amazingly awesome. I really hope he writes more of these, since they are useful on many levels!* Who needs a boring tutorial when you have faux-case studies?
* I’m also bookmarking this for myself as an example of why I strongly believe admins and security analysts need “free time” to pursue issues like this, rather than follow the knee-jerk reaction of lowering security to get the immediate monkeys off our backs.
I’m really glad you enjoyed my blog post. I agree with your comment entirely regarding having time set aside for tasks such as log analysis and research. I know in my experience I am expected to do that sort of thing on my own time or over lunch, which sucks really.
Here’s to a new breed of security manager.
Happy holidays, Michael