RE: Recommended configuration settings for logging
From: dave kleiman (dave_at_isecureu.com)
To: <email@example.com> Date: Tue, 13 Sep 2005 13:44:54 -0400
This should get you started for the MSFT area:
The Security Monitoring and Attack Detection Planning Guide
Dave Kleiman, CAS,CIFI,CISM,CISSP,ISSAP,ISSMP,MCSE
Chief Information Security Officer
515 N. Flagler Drive, Suite# 203
West Palm Beach, FL 33401
Confidentiality: The information contained in this e-mail message and
attached files are confidential and intended only for the use of the
individual or entity named above. If the reader of the message is not the
intended recipient, you are hereby notified that any dissemination,
distribution, or copying of this e-mail message is prohibited. If you have
received this e-mail message in error, please immediately notify us by
replying to the sender or by telephone and delete the message and all
Privacy Notice: This e-mail comes from a Monitored E-mail system; users
have no explicit or implicit expectation of privacy. Any or all E-mails and
all files sent through this system may be intercepted, monitored, recorded,
copied, audited, inspected, and disclosed to authorized site, and law
enforcement personnel, as well as authorized officials of other agencies.
By using this e-mail system, the user consents to such interception,
monitoring, recording, copying, auditing, inspection, and disclosure at the
discretion of authorized site personnel.
Employer Liability: Our Company accepts no liability for the information
contained in this e-mail or for the consequences of any action taken based
on the information provided, unless that information is subsequently
confirmed in writing. The information contained herein does not necessarily
express the opinion or position of the Company and cannot be attributed to
or made binding upon the Company.
> -----Original Message-----
> From: firstname.lastname@example.org [mailto:email@example.com]
> Sent: Tuesday, September 13, 2005 04:10
> To: firstname.lastname@example.org
> Subject: Recommended configuration settings for logging
> Hi All,
> Can anyone provide guidelines on 'Recommended configuration
> settings for logging' for Windows, Unix, PIX FW, IDS (Snort),
> Web Servers (Apache, IIS)?
> I have Googled for the same but would appreciate if anyone
> has links or suggestions.
> Thank you.
> Khushbu Jithra