Re: Intrusion Detection
From: Wajih-ur-Rehman (wrehman_at_imperialsoft.com.pk)
Date: 06/17/03
- Next message: Andy: "Administrator Password Changed"
- Previous message: Russell: "A question on DFS & Junction points"
- In reply to: Nick O'Connor: "Re: Intrusion Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 17 Jun 2003 16:56:30 +0500
You can take a look at the following web site which contains products for
collecting the data to a central repository (both syslog and windows event
log and file data as well) and then you can use the analysis tools (also
present on the web site) to analyze the data that you have collected. The
latest product (will be released in 2 weeks) contains many reports for the
analysis of the collected data including the one that you want.
http://www.monitorware.com/en/
Please be warned that these are our products. There are also a lot of other
available. You should select the ones that best suit your needs :)
Regards
Wajih-ur-Rehman
Adiscon
"Nick O'Connor" <nick.oconnor@sphs.com> wrote in message
news:027b01c33429$c30bf4b0$a101280a@phx.gbl...
> Then you will need a 3rd party utility to get any good
> data out of your event logs and to a centralized place to
> review. (If you have more than one DC)
>
> GFI S.E.L.M. is a good product.
>
> You should also look at third party utilities like
> Undelete and Quota Server, both include functionality that
> MS seemed to think not important.
>
>
> >-----Original Message-----
> >> Is there a built-in tool in Win2K Server that would
> >> provide a way to find out who logged in when on our Win
> XP
> >> Pro clients?
> >
> >Enable auditing of logon events, and the information will
> be sent to the
> >event log.
> >
> >
> >.
> >
- Next message: Andy: "Administrator Password Changed"
- Previous message: Russell: "A question on DFS & Junction points"
- In reply to: Nick O'Connor: "Re: Intrusion Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
