Honeypots mailing list archives

Data capture on Windows and Solaris Boxes


From: "Brennen Reynolds" <brennen-ml () off-pisteconsulting com>
Date: Thu, 13 Mar 2003 09:48:58 -0800


Good Day All,

        I have been tasked with building and maintaining a Gen II-style Honeynet
for a client. The client is very adamant that the individual Honeypots
resemble their current network. Therefore, all of the boxes will be either
Windows NT 4.0, Windows 2000 or Solaris 8. I have been trying to locate
utilities to help with data capture on the end host and have had only
limited success. For the Windows machines I have found ComLog and the
Eventlog to Syslog utility, but have come up empty for Solaris. I was hoping
some of you would have pointers to other utilities. My feeling is that, in a
worst-case scenario, I will attempt to port some of the utilities written for
Linux and *BSD to Solaris. Any pointers would be greatly appreciated.
Thanks.

Brennen Reynolds

--
Brennen Reynolds - Chief Consultant/Owner - Off-Piste Consulting, LLC

Email: brennen at off-pisteconsulting dot com  Voice:  (209) 258-4584
WWW:   http://www.off-pisteconsulting.com      Fax:    (209) 258-4584

PGP Fingerprint:
E868 8B0D 175D 7394 E7AE  9E71 38CC 2B63 A1EB 9D9F

