Primer on intrusion events that could cause syslog severity emergency, alert and critical
Posted on 2007-07-20
I am looking for a reference / explanation of the types of events that will trigger syslog messages of severity emergency, alert and critical. We are using Kiwi's syslog daemon and a Cisco PIX firewall. We normally get a few critical alerts every day. I am looking for an explanation of the types of exploits, hack attacks, etc. that will trigger this type of message. Does anyone know of a good primer on the subject?