... positives and false negatives, which are ever present factors in the life of an intrusion analyst We will then discuss the notion of Events of Interest (EOI), and their relevance to the event ... that the attacker seemed to know what systems he was targeting because of the direct hit to the sunrpc port On the other hand, these are not servers, so let us assign a neutral value of to criticality ... discussion of basic approaches to intrusion detection We started this section with the discussion of Events of Interest (EOI) – a notion that personnel and computing resources are limited, and often...