Full Disclosure mailing list archives

Re: Windows 2003 Logging/Log Analysis Tool


From: MadHat <madhat () unspecific com>
Date: Thu, 17 Nov 2005 15:19:24 -0600

On Nov 17, 2005, at 1:25 PM, Castigliola, Angelo wrote:
> As MadHat already suggested: for free tools I found that Snare
> (http://www.intersectalliance.com/projects/index.html) was the best
> however it lacks good notification features such as email or desktop
> alerts that inform you there is a problem. You basically need to
> monitor Snare's output.

I was meaning to suggest using Snare on a Windows box to report to a syslog server, then use something like SEC to actually monitor events. Though the SNARE server is ok, and has some nice features, it is not flexible enough (last I checked anyway) for what I have needed in the past. It's all free and works fairly well in my experience.


--
MadHat (at) Unspecific.com, C²ISSP
E786 7B30 7534 DCC2 94D5  91DE E922 0B21 9DDC 3E98
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
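An added example, not part of the original post or of any tool named in it: the kind of threshold correlation an event correlator such as SEC can run over forwarded Windows events on the syslog server, written here in Python. The line layout, host names and user names are constructed for illustration and are not the Snare agent's exact output; event ID 529 is the Windows 2003 failed-logon event.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines. The layout (syslog timestamp, host, tag, then
# tab-separated event ID, user, outcome) is an assumption for illustration.
SAMPLE_LINES = [
    "Nov 17 15:00:01 dc01 MSWinEventLog\t529\talice\tFailure Audit",
    "Nov 17 15:00:05 dc01 MSWinEventLog\t528\tbob\tSuccess Audit",
    "Nov 17 15:00:10 dc01 MSWinEventLog\t529\talice\tFailure Audit",
    "Nov 17 15:00:20 dc01 MSWinEventLog\t529\talice\tFailure Audit",
    "Nov 17 15:05:00 fs02 MSWinEventLog\t529\tcarol\tFailure Audit",
    "Nov 17 15:09:00 fs02 MSWinEventLog\t529\tcarol\tFailure Audit",
    "Nov 17 15:13:00 fs02 MSWinEventLog\t529\tcarol\tFailure Audit",
    "this line does not parse and is skipped",
]

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) MSWinEventLog\t"
    r"(?P<event_id>\d+)\t(?P<user>[^\t]*)\t(?P<outcome>.+)$"
)

def failed_logon_alerts(lines, thresh=3, window=timedelta(seconds=60), year=2005):
    """Return one alert per (host, user) that reaches `thresh` failed logons
    (event ID 529) inside `window`; counting restarts after each alert."""
    recent = defaultdict(deque)   # (host, user) -> timestamps still in window
    alerts = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["event_id"] != "529":
            continue              # unparsable line or a different event
        # Syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[(m["host"], m["user"])]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that aged out of the window
            q.popleft()
        if len(q) >= thresh:
            alerts.append((m["host"], m["user"], len(q), ts.strftime("%H:%M:%S")))
            q.clear()              # avoid re-alerting on the same burst
    return alerts

if __name__ == "__main__":
    for host, user, count, when in failed_logon_alerts(SAMPLE_LINES):
        # A real deployment would hand this to mail or a pager instead.
        print(f"ALERT {host}: {count} failed logons for {user} by {when}")
```

The returned tuples are what would feed the email or desktop notification the thread says is missing from the agent itself.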

