computersecurityhandbook.com
Fourth Edition
Chapter 38 – Monitoring and Control Systems
     Diane E. (Dione) Levine

Chapter Contents:

   38.1    Introduction
   38.2    Terminology
   38.3    Purpose of Monitoring and Control Systems
   38.4    Types of Log File Records
      38.4.1    System Boot
      38.4.2    System Shutdown
      38.4.3    Process Initiation
      38.4.4    Process Termination
      38.4.5    Session Initiation
      38.4.6    Session Termination
      38.4.7    Invalid Logon Attempts
      38.4.8    File Open
      38.4.9    File Close
      38.4.10    Invalid File Access Attempts
      38.4.11    File I/O
      38.4.12    System Console Activity
      38.4.13    Network Activity
      38.4.14    Resource Utilization
      38.4.15    Central Processing Unit
      38.4.16    Disk Space
      38.4.17    Memory Consumption
      38.4.18    System Level versus Job Level
   38.5    Analyzing Log Files
      38.5.1    Volume Considerations
      38.5.2    Archiving Log Files
      38.5.3    Platform-Specific Programs for Log-File Analysis
      38.5.4    Exception Reports
      38.5.5    Artificial Intelligence
      38.5.6    Chargeback Systems
   38.6    Protecting Log Files Against Alteration
      38.6.1    Checksums
      38.6.2    Digital Signatures
      38.6.3    Encryption
      38.6.4    Physically Sequestering Log File Tapes/Cartridges
   38.7    Memory Dumps
      38.7.1    Diagnostic Utilities
      38.7.2    Output to Magnetic Media or Paper
      38.7.3    Navigating the Dump Using Exploratory Utilities
      38.7.4    Understanding System Tables
      38.7.5    Security Considerations for Dump Data
   38.8    Summary
   38.9    References

copyright 2002-2006, Robert Gezelter, All Rights Reserved