Sharing With the Security Community
Since 1999 Richard Bejtlich has been writing articles and books to advance the state of digital security practices. The following represent some of that work.
- Snort Report issues 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
- Computer Incident Detection, Response, and Forensics in CSO Online
- Tuning Snort, in the August 2006 Sys Admin magazine
- Network Security Monitoring: Beyond Intrusion Detection, in Volume 8, No. 4 of the IA Newsletter
- Keeping FreeBSD Up to Date, in the February 2006 Sys Admin magazine
- Engineering Disasters, in the December 2005 issue of Information Security Magazine
- Using Attack Responses to Improve Intrusion Detection
- Structured Traffic Analysis in the October 2005 (IN)SECURE magazine (.pdf)
- More Tools for Network Security Monitoring, in the February 2005 Sys Admin magazine
- Keeping FreeBSD Applications Up-To-Date, also published in the December 2004 and January 2005 issues of Daemon News.
- Keeping FreeBSD Up-To-Date, also published in the November 2004 issue of Daemon News.
- Sguil Installation Script
- Considering Convergence? (.pdf), published as an Addison-Wesley-sponsored supplement to the November 2004 issue of Dr. Dobb's Journal
- Integrating the Network Security Model (.pdf, .ps), in the April 2004 Sys Admin magazine
- Simplicity and Awareness: Keys to Network Security, written for the World Markets Research Centre's Global InfoSecurity 2002 report. (The article is a bit formal, and features a small amount of creative editing by the WMRC staff. Mr. Bejtlich certainly didn't intend for "UNIX" to be defined as a "Uniplexed Information and Computer System!")
- Network Intrusion Detection of Third Party Effects, published 05 September 2000
- Interpreting Network Traffic: A Network Intrusion Detector's Look at Suspicious Events, originally published 28 October 1999
