[Dshield] Forensic Analysis Practical

Pete Cap peteoutside at yahoo.com
Fri Mar 25 13:28:17 GMT 2005

I'm not aware of any peer review in our community outside of the SANS reading room.  In the pages of the few publications that concern themselves with network security, all I see are articles on "best security practices" and explaining security issues and requirements to upper management.  So, inasmuch as network defense (especially the analytic portions of it--intrusion analysis, log review, forensics) is in many ways an empirical science, our community is WAY behind every other scientific and engineering community out there.  I think this is a great reason why IT security generates a lot of energy and noise and very little seems to be changing in recent days.
Personally, I would like to see a publication along the lines of a scientific journal, complete with serious peer review.  People could write articles on analytical technique, reviews of tools, case studies, and so forth.  I believe that there would be less pressure in this forum than you might find in a GIAC practical assignment.

Kenton Smith <kenton at mail2techie.com> wrote:

>I will miss having my work published having been validated by the 
>industry. I will miss the chore that forces me to apply the entire 
>process and gain experience not able to be taught in the classroom. I 
>will miss Reading Room, where solutions can often be found having been 
>proven and vetted by other IT professionals (often with much better 
>instructions than vendor docs).

I don't think there is anything stopping you from submitting to the
Reading Room. It isn't just practicals. Maybe the reading room will be
turned into something else?


Get the FREE email that has everyone talking at http://www.mail2world.com

250MB & 2GB Email Accounts – POP3 – Calendar – SMS – Translator - Much More!

-------------- Sponsor Message ------------------------------------
Join us at SANSFIRE 2005 in Atlanta!
The Internet Storm Center Conference.
Details: http://www.sans.org/sansfire2005

send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

Do you Yahoo!?
 Yahoo! Small Business - Try our new resources site! 

More information about the list mailing list