1. Scan system logs for security incidents and report them to ARIS The Attack Registry and Intelligence Service (ARIS) is a free, user-integrated attack-trending system hosted by SecurityFocus that allows administrators and operators of Intrusion Detection Systems (IDSs) to track, evaluate and respond to security alerts and attacks in a proactive manner. As an integral piece of the ARIS Analzyer service, SecurityFocus's open-source ARIS Extractor utility distills data provided by IDS attack-list logs to build client portfolios that provide meaningful, graphical analysis of potentially malicious network incidents. By filtering out insignificant or benign data and converting it to a common format (xml), ARIS Extractor streamlines incident reporting for both security professionals and home users in a way that allows IDS operators to focus only on relevant attacks and incidents. Additionally, ARIS Extractor ensures client confidentiality through secure file-transfer protocols and optional IP address suppression. From Debian 3.0r0 APT