Penetration Testing mailing list archives
Re: Auditing / Logging
From: Travis Schack <Travis () Vitalisec com>
Date: 13 Jan 2004 05:43:21 -0000
In-Reply-To: <Law9-OE46wLCVYl4maE00003f52 () hotmail com>
What software do you recommend for auditing / logging while performing pen-test assessment. I am interested in both network and application level.logging. Thanks -N --------------------------------------------------------------------------- ----------------------------------------------------------------------------
When I am testing, I capture all network traffic using TCPdump (in binary) and I use the script command to capture all terminal activity. I also keep a separate record of all commands (using a spreadsheet, fairly high tech =) with time stamps and system IP address (if I am testing from multiple systems). This allows myself or my client to search for specific activity in the binary TCPdump file. I also keep all output files from all tools (if the tool allows it). Travis Schack Travis () Vitalisec com Vitalisec, Inc. www.Vitalisec.com (720) 297-3300 --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Auditing / Logging n30 (Jan 12)
- Re: Auditing / Logging Peter Hsu (Jan 12)
- <Possible follow-ups>
- Re: Auditing / Logging Don Parker (Jan 12)
- Re: Auditing / Logging R. DuFresne (Jan 12)
- Re: Auditing / Logging Don Parker (Jan 12)
- Re: Auditing / Logging Frank Knobbe (Jan 13)
- RE: Auditing / Logging Rob Shein (Jan 18)
- RE: Auditing / Logging Steve Armstrong (Jan 20)
- RE: Auditing / Logging Rob Shein (Jan 20)
- Re: Auditing / Logging Travis Schack (Jan 12)
- Re: Auditing / Logging Steve Shah (Jan 13)
- Re: Auditing / Logging cdowns (Jan 13)
- Re: Auditing / Logging Steve Shah (Jan 13)
- Re: Auditing / Logging Don Parker (Jan 13)
- Re: Auditing / Logging Steve Shah (Jan 13)
- Re: Auditing / Logging Don Parker (Jan 13)
- Re: Auditing / Logging Steve Shah (Jan 14)