Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Audit package
From: Peter Rietveld <priet () CENTENNIUM NL>
Date: Wed, 27 Sep 2000 19:26:26 +0200

Several exist, low end like LogCaster, high end March Security Manager,
pricey but nice since it combines UNIX and NT support. Of course there is a
load of settings and queries to build. have built LogCaster to MS SQL, but
analyzing the logs is the difficult part. My best succes was the number of
times accounts show up in the NT logs, and relate that over a longer period.
You know, filtering out users that 'click on anything' on the screen, they
usually do that all the time. If admins know, say MS Access, using a MS SQL
is the easiest way to go.

Good luck
Priet

----- Original Message -----
From: "Michael Graham" <graham_michael () HOTMAIL COM>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Wednesday, September 27, 2000 1:04 PM
Subject: [PEN-TEST] Audit package


I hope this is the right sort of question.

Does anyone know of a package/application that uses the info created in
the
Audit log of say NT or UNIX and enables administrators to drill down and
get
info about users' movements like if someone is accessing loads of
sensitive
files/directories on a given day etc.

The reason I ask is this, the Audit log doles out loads of info however I
want to be able to interrogate it and apply particular search routines to
it, to get that salient info only.

cheers

Mike


_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]