Security Basics mailing list archives
Re: Integrating logs from PIX, IIS and WAS
From: phunked up! <phunkodelic () gmail com>
Date: Fri, 28 Oct 2005 11:06:07 -0400
Not a bad book either. I own it. 8-) On 10/28/05, Andrew Williams <Andrew () syngress com> wrote:
If you want more info on Log Parser, we published a book on it: http://www.amazon.com/exec/obidos/tg/detail/-/1932266526/qid=1130505795/ sr=2-1/ref=pd_bbs_b_2_1/104-2058717-7732767?v=glance&s=books -Andrew -----Original Message----- From: phunked up! [mailto:phunkodelic () gmail com] Sent: Thursday, October 27, 2005 8:35 AM To: Luis Angel Fernandez Cc: security-basics () securityfocus com Subject: Re: Integrating logs from PIX, IIS and WAS Go to www.logparser.com. Use that with a back end database such as MySQL or micorosft Sql (express is free) which will allow you to do analysis of the logs. I am also doing the same sort of thing and am using the above mentioned tools. On 10/26/05, Luis Angel Fernandez <lafernandez () matchmind es> wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I am investigating about tools for integrate (store and analysis) logs from different souces (Cisco PIX, IIS, WAS app server, syslog).Thegoal is be able of follow up a the behavior of a possible intruder throught a scenario based on that products. Which is your method for doing a forensic task like this? Which tools could help for this task? Regards. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQCVAwUBQ1+eO3h5cEbo8TeiAQLOqAP8DctPlYwp31gbPVYeiKJoNOLVzmfXlE2T xrH6fheN54odc8WY0VmyYWBTDwe2PDKJoq4ePcmshBjv5Nz5H/fkD746eajMxhwB RYVnbNL4JoxE6nAMv8IR17yMEudFCE1bHE0dKAQFRl+veNUoxkZfR/LBkg2+/W9j vXjxgrV8Aps= =MRJ9 -----END PGP SIGNATURE-----
Current thread:
- Integrating logs from PIX, IIS and WAS Luis Angel Fernandez (Oct 26)
- Re: Integrating logs from PIX, IIS and WAS phunked up! (Oct 27)
- Re: Integrating logs from PIX, IIS and WAS Luis Fernandez (Oct 27)
- RE: Integrating logs from PIX, IIS and WAS Brian Loe (Oct 28)
- Re: Integrating logs from PIX, IIS and WAS Ivan . (Oct 27)
- <Possible follow-ups>
- RE: Integrating logs from PIX, IIS and WAS Andrew Williams (Oct 28)
- Re: Integrating logs from PIX, IIS and WAS phunked up! (Oct 28)
- Re: Integrating logs from PIX, IIS and WAS phunked up! (Oct 27)