RE: Event Log Monitor

From: Ross, George (george.ross_at_atlahq.org)
Date: 08/20/04

  • Next message: Michael Shirk: "RE: AIDE warnings following kernel upgrade"
    Date: Fri, 20 Aug 2004 10:16:11 -0400
    To: "Dinis Cruz" <dinis@ddplus.net>
    
    

    Do you have information on how you're doing the forensics work, some
    examples or explanation? I'm not a SQL person so I may need some help
    in this area. I do have people who are SQL people and can go to them if
    I have a little understanding and examples of how you are accomplishing
    this. Any help at all would be great!

    -----Original Message-----
    From: Dinis Cruz [mailto:dinis@ddplus.net]
    Sent: Friday, August 20, 2004 3:46 AM
    To: Ross, George
    Cc: security-basics@securityfocus.com
    Subject: RE: Event Log Monitor

    I would also recommend this product (GFI S.E.L.M). I have used it
    several times in the past and even created some advanced SQL queries
    (using Pivot tables and Data Cubes) which allow me to do security
    forensics (and trace, for example, individual user's actions).

    Best regards

    Dinis Cruz
    .Net Security Consultant
    DDPlus

    > -----Original Message-----
    > From: Ross, George [mailto:george.ross@atlahq.org]
    > Sent: 18 August 2004 13:24
    > To: chammett@dpsolutions.com; security-basics@securityfocus.com
    > Subject: RE: Event Log Monitor
    >
    > Look at GFI; they have a product that is well priced. www.gfi.com
    > LANGUARD PRODUCTS - Security Log Monitor; it does more than security
    > logs.
    >
    > -----Original Message-----
    > From: Charles J. Hammett Jr. [mailto:chammett@dpsolutions.com]
    > Sent: Monday, August 16, 2004 3:57 PM
    > To: security-basics@securityfocus.com
    > Subject: Event Log Monitor
    >
    >
    > Can someone point me in a direction on software that will monitor the
    > Event logs within a Windows environment? The servers will be in
    > different domains within our NOC and I want to monitor all event logs
    > for any critical events. SMS, Email and Paging would be an added
    > feature.
    >
    > thanks in advance
    > --
    > Charles J. Hammett Jr.
    > A+ Net+ INet+ Security+ Server+ MCSA MCSE CCEA
    > chammett@dpsolutions.com
    > Data Processing Solutions Inc.
    > Your Total Solution Provider
    > http://www.dpsinet.com
    > P. 410.720.3300 X 123
    >
    >