RE: ISS Logging Question

["Depp, Dennis M." <deppdm () ornl gov>]

Leon,

This information is included in your IIS logs. Look for entries with 404
errors.

Dennis 

-----Original Message-----
From: Leon [mailto:roastin () yahoo com] 
Sent: Friday, February 11, 2005 12:05 AM
To: security-basics () securityfocus com
Subject: ISS Logging Question

Hi everyone,

I have logging set up on my webserver and this is
working fine.  When a user goes to a virtual directory
that requires authentication the log shows me the
username they authenticated with.  What I was
wondering is if there was a way to see what usernames
people are trying when they try to get into a virtual
directory and fail.  So lets say I have one called
http://www.example.com/secrets

If a user trys to brute force his way in I would like
to see what usernames (and possibly passwords) he is
trying.

Can this be done with ISS and if not can someone
suggest a robust logging tool that has this feature
included?

Thanks


                
__________________________________ 
Do you Yahoo!? 
Take Yahoo! Mail with you! Get it on your mobile phone. 
http://mobile.yahoo.com/maildemo