I don't care enough to devote that sort of attention to parsing logs. HOWEVER, I do wish to assist as my interests and abilities permit. What I am best at is configuring computers to be minimally vulnerable. This is a combination of good habits, software prevention methods (updating, firewalls, IP blocks, host files, others), and hardware installs/configuring.
It does overlap with hijack removals, in one sense, as far as those who've done all the 'best practices' I highly recommend are MUCH less vulnerable. It doesn't replace the need to clean up, but will greatly reduce the occurrence of infection.
Now, my ego and realism combined say that it'd be foolish for me to claim expertise I don't have, and as well, unsatisfactory to fail to offer informed advice to those who are interested in avoiding the frustrating need for cleaning malware in future.
This leads to a question. Can there be some sort of recognition given to those who aren't log parsers? How best to recognize a focus on prevention, in various forms, while not claiming *cleaning* expertise not present? I don't know if this forum is the ideal venue for such efforts. I do know it's the one I post in most frequently.
Does anyone else feel a bit over their head trying to rapidly analyze logs and yet feel qualified to offer prevention/configuration/setup advice? These are the folks I'd want to be grouped with, and learn from. Comments?
