[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re[2]: [Full-disclosure] Windows 2003 Logging/Log Analysis Tool
- To: MadHat <madhat@xxxxxxxxxxxxxx>
- Subject: Re[2]: [Full-disclosure] Windows 2003 Logging/Log Analysis Tool
- From: Mathieu CHATEAU <gollum123@xxxxxxx>
- Date: Fri, 18 Nov 2005 20:28:41 +0100
Thursday, November 17, 2005, 10:19:24 PM, you wrote:
M> On Nov 17, 2005, at 1:25 PM, Castigliola, Angelo wrote:
>> As MadHat already suggested: for free tools I found that Snare
>> (http://www.intersectalliance.com/projects/index.html) was the best
>> however it lacks good notification features such as email or desktop
>> alerts that inform you there is a problem . You basically need to
>> monitor Snare's output.
M> I was meaning to suggest using snare on a windows box to report to a
M> syslog server, then use something like SEC to actually monitor
M> events. Though the SNARE server is ok, and has some nice features,
M> it is not flexible enough (last I checked anyway) for what I have
M> needed in the past. It's all free and works fairly well in my
M> experience.
M> --
M> MadHat (at) Unspecific.com, CĀ²ISSP
M> E786 7B30 7534 DCC2 94D5 91DE E922 0B21 9DDC 3E98
M> gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98
M> _______________________________________________
M> Full-Disclosure - We believe in it.
M> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
M> Hosted and sponsored by Secunia - http://secunia.com/
Would you be smart enough to give an url about the SEC product you are
speaking about ?
Cheers,
Mathieu CHATEAU
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/