This article from SANS offers a lot that is worth borrowing.
1) Attempts to Gain Access through Existing Accounts
2) Failed File or Resource Access Attempts
3) Unauthorized Changes to Users, Groups and Services
4) Systems Most Vulnerable to Attack
5) Suspicious or Unauthorized Network Traffic Patterns
