WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Win2k3 logging the IP address of failed FTP attempts

From: "Bob Auger" <bauger () spidynamics com>
Date: Wed, 14 Jun 2006 09:08:57 -0400
IIS logging is performed independently of the operating system.



http://www.microsoft.com/windows2000/en/server/iis/default.asp?url=/WIND
OWS2000/en/server/iis/htm/core

/iiabtlg.htm



There are several tools you could use to parse the IIS logs and dump

them into event viewer entries. I once used some flakey web agents from
Pentasafe, >> unsure if NetIQ has maintained these.


If tracking IIS logs is important to you, I wrote an article that many
of you would be interested in.

Preventing Log Evasion in IIS
http://www.webappsec.org/projects/articles/082905.shtml



Regards,

Robert Auger
SPI Labs
rauger () spidynamics com
Start Secure. Stay Secure.
Security Assurance Throughout the Application Lifecycle

-------------------------------------------------------------------------
Sponsored by: Watchfire

Today's hackers exploit web applications to expose, embarrass and even
steal. Firewalls and SSL may be commonplace but recent studies indicate
3 out of 4 websites remain vulnerable to attack. Watchfire's "Addressing
Challenges in Application Security" whitepaper, explains what to do and
provides a guideline to improving your own application security.
Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000007t9m
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: