Honeypots
RE: How to monitor events in Windows? Nov 02 2007 02:23PM
Francisco Rodrigo Cortinas Maseda (francisco cortinas jazztel com)
Try evntwin.exe

It is an integrated solution on Microsotf Windows Servers to translate events (all types) and alarms to snmp traps. Obviusly, you will need also an snmp collector to view this traps on other server.

There is also a console app, EVNTCMD.EXE.

Try google this apps to know more about them. Im using them to monitor W2K servers.

Regards.

-----Mensaje original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] En nombre de Jan Heisterkamp
Enviado el: miércoles 31 de octubre de 2007 14:16
Para: mybayern1974 (at) sjtu.edu (dot) cn [email concealed]
CC: honeypots (at) securityfocus (dot) com [email concealed]
Asunto: Re: How to monitor events in Windows?

Try Nagios [1] or GroundWork Monitor Open Source 5.0.5 [2] [1]http://www.nagios.org/ [2]http://richard.trezza.us/vmach/index.html

Regards,
Jan
mybayern1974 (at) sjtu.edu (dot) cn [email concealed] schrieb:
> I want to know everything happend in my Windows box, including both
> local events and network events. Is there such a tool? I know sebek is
> a good choise, but unfortunately the sebek client is unable to work in
> windows box located in Virtual Machine like VMware. (It will cause
> "blue screen" when rebooting after finishing configuration.)
> Furthermore, I know another choice named "spector", but it's a
> commercial one.
>
> So, is there any free one I can get?
>
> Thanks in advance!
>
>
>
>

--
Grupo Ampersand S.A.
IT-Security Consultants & Auditors
Apdo. 924 Escazu 1250
Costa Rica C.A.
Phone: (506)588-0432
ceo_at_ampersanded.com [corp.]
janheisterkamp_at_web.de [priv.]

Antes de imprimir este e-mail piense bien si es necesario hacerlo.

Antes de imprimir este e-mail piense bien si es necesario hacerlo.

*********
Este mensaje es privado y CONFIDENCIAL y se dirige exclusivamente a su destinatario. Si usted ha recibido este mensaje por error, no debe revelar, copiar, distribuir o usarlo en ningún sentido. Le rogamos lo comunique al remitente y borre dicho mensaje y cualquier documento adjunto que pudiera contener. El correo electrónico via Internet no permite asegurar la confidencialidad de los mensajes que se transmiten ni su integridad o correcta recepción. JAZZTEL no asume responsabilidad por estas circunstancias. Si el destinatario de este mensaje no consintiera la utilización del correo electrónico via Internet y la grabación de los mensajes, rogamos lo ponga en nuestro conocimiento de forma inmediata.Cualquier opinión expresada en este mensaje pertenece únicamente al autor remitente, y no representa necesariamente la opinión de JAZZTEL, a no ser que expresamente se diga y el remitente esté autorizado para hacerlo.
*********
This message is private and CONFIDENTIAL and it is intended exclusively for its addressee. If you receive this message in error, you should not disclose, copy, distribute this e-mail or use it in any other way. Please inform the sender and delete the message and attachments from your system.Internet e-mail neither guarantees the confidentiality nor the integrity or proper receipt of the messages sent. JAZZTEL does not assume any liability for those circumstances. If the addressee of this message does not consent to the use of Internet e-mail and message recording, please notify us immediately.Any views or opinions contained in this message are solely those of the author, and do not necessarily represent those of JAZZTEL, unless otherwise specifically stated and the sender is authorised to do so.
*********

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus