Blog Archives

Links for November 12, 2008

MS08-068 and SMBRelay – Christopher Budd provides background on this update and why it took some seven years to release the security update. Couple good references from the latest MPUG mailing: MS Project, Early and Often and 10 Signs You

Posted in Blog, Log Management, logging, logs, Microsoft Project, Microsoft Project 2007, Project Management, syslog, Wi-Fi, Wireless, WPA, WPA2

Links for October 29, 2008

Account auditing for group membership changes – Six-minute video by Dana Epps will show you how to quickly configure account auditing using the domain security policy and then use free Microsoft tools like EventCombMT to quickly query across all your

Posted in Active Directory, Altiris, Auditing, Blog, Information Security, IT Security, logging, logs, Microsoft, Security, Symantec, syslog, Technology, Windows

Links for October 27, 2008

Windows Syslog Agents Plus Splunk – Richard Bejtlich (TaoSecurity) has been mulling strategies for putting Windows Event Logs into Splunk. From SecuriTeam: Microsoft Windows RPC Vulnerability MS08-067 (CVE-2008-4250) FAQ. From Microsoft Security Vulnerability Research & Defense: Most common questions that we’ve

Posted in Blog, Information Security, IT Security, Java, JavaScript, Log Management, logging, logs, Microsoft, Secunia, Security, syslog, Windows

Top 11 Reasons to Look at, Collect, and Preserve Your Logs

Anton Chuvakin has followed up his Top 11 Reasons to Collect and Preserve Computer Logs with the Top 11 Reasons to Look at Your Logs.

Posted in IT Security, Log Management, logging, logs, Security, syslog

Windows Logging Tools

Back in July Anton Chuvakin posted a List of Utilized Windows Logging Tools which contains a link to a list of Windows logging tools on the Security Catalyst Community Forums. OSSEC was mentioned; one I haven’t yet looked into.

Posted in Log Management, logging, logs, Security, syslog, Windows

Domain User Logon and Logoff Events

I had the need a few weeks ago to determine the logon and logoff times of users of our system. Fortunately we have the Windows server event logs captured. They are sent to a syslog server using NTsyslog and we created a basic

Posted in Active Directory, Information Security, IT Security, Log Management, logging, Microsoft, Security, syslog, Windows

LogLogic Open Source Windows Log Collection Tool

Eric Fitzgerald posted information that LogLogic has made available an open-source log collection tool called Lasso for Windows logs. According to the LogLogic web site: Responding to customer feedback, LogLogic architected and implemented Project Lasso to provide centralized log management,

Posted in Blog, logging, logs, syslog, Windows