Quote:
Originally Posted by Jordan
If you still have log files, check them! You'll spend hours pouring through them unless you know the exact time of the hack though.
|
Exactly what Jordan said,
LOGS LOGS LOGS. Keep LOGS! Thats where your information will be. If you watch the logs and look through them closely, you'll see exactly what you need to see.
There are software applications out there that will analyze logs for you and keep a nice graph, etc., I can't remember what they are at the moment, since I just look at the logs themselves. Now I'm not just talking about software that analyzes bandwidth, I'm talking about software that analyzes for security. I worked with some students who were grads in computer science and I help them set up a security system for one of their projects that analyzed the network and logs for security breaches, etc. I can't think of the name of that particular bit of software for the life of me ....
But LOGS are the key. Keep them. :-)