Re: II6

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 03/13/04


Date: Sat, 13 Mar 2004 19:56:20 +1100


"Con" <lname@hotmail.com> wrote in message
news:Oxk36$%23BEHA.2404@TK2MSFTNGP11.phx.gbl...
: I am unsure if this is a new problem or just how IIS6.0 functions; I setup
a
: SSL site on our server and tested user logons, if a login is successful or
: not it is reported in the evenviewer security view as a golden key
: (Successful). We need to be able to monitor our site and be able to
: determine if people are trying to hack our web site, how do I get event
: viewer (read some method) of showing failed logins as red ? If there is
: another way please suggest.
:

On an IIS6 system failed logons should show up as a padlock in the Security
Event Log. There is no way, using Event Viewer, to show these as "red".
Instead, you can filter the event log to show only failed logons (eg Event
529)

If you need to view these logs elsewhere, then you either need to write some
code (eg if you want to view them on a webpage) -or- you need a 3rd party
product that can alert you when things happen.

None of this has to do with IIS though.

Cheers
Ken