LogAnalysis Mode:
(Page 11 of 91)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >
[logs] OSSEC v1.4 Released 2007-10-30
Daniel Cid (dcid ossec net)
Hi List,

I am pleased to announce the general availability of OSSEC version 1.4.

For those new here, OSSEC is an Open Source Host-based Intrusion
Detection System. It performs log analysis, integrity checking,
Windows registry monitoring, rootkit detection, real-time alerting and
active response.

[logs] "Missing" Microsoft Event Log events 2007-10-30
Tina Bird (tbird precision-guesswork com)

Hi all --

In my latest bout of centralizing information about events relevant to
administration and compliance management, I am reviewing my documentation on
Microsoft audit policies and the events they control. This work uses this
document

http://www.splunkbase.com/howtos/Operating_Systems/Windo

[logs] Logging oddity from FreeBSD 2007-10-26
Tina Bird (tbird precision-guesswork com) (1 replies)

Hi all -- I've discovered a bit of syslog data that I can't explain.

Jun 13 00:57:57 <hostname> kernel: Jun 13 00:57:57 <hostname>
named[45636]: transfer of 'example.com/IN' from xyz.xyz.xyz.xyz#53: failed
to
connect: timed out

For those of us with mail clients that automatically line wrap, that'

Re: [logs] Logging oddity from FreeBSD 2007-10-26
Mordechai T. Abzug (morty frakir org) (1 replies)
RE: [logs] Logging oddity from FreeBSD 2007-10-26
Tina Bird (tbird precision-guesswork com) (1 replies)
[logs] Feedback Needed: Large Scale Syslog Management 2007-10-29
Clayton Dukes (cdukes) (cdukes cisco com)
[logs] PacSec 2007 Agenda (Tokyo 11-29/30) 2007-10-22
Dragos Ruiu (dr kyx net)
Talk selections for PacSec 2007 - November 29 and 30 - Aoyama Diamond Hall

-------
- Programmed I/O accesses: a threat to virtual machine monitors? - Loic
Duflot,

- Developing Fuzzers with Peach - Michael Eddington, Leviathan Security

- Cyber Attacks Against Japan - Hiroshi Kawaguchi, LAC

- Win

[logs] How to send an email using pipe method ? 2007-09-30
Florent Gilain (florent gilain direct-energie com) (2 replies)
Hello all,

I have a little problem setting up my config file; here is the information I
can give you about my setup. I am trying to monitor failed PROFTPD login attempts:

/etc/logsurrfer/logsurfer.conf :

'^([a-zA-Z]{3} [0-9]{2}) ([0-9]{2}:[0-9]{2}:[0-9]{2}) (.*)
proftpd\[([0-9]+)\]: (.*) \(([0-9

Re: [logs] How to send an email using pipe method ? 2007-10-01
Kerry Thompson (kerry crypt gen nz)
Re: [logs] How to send an email using pipe method ? 2007-10-01
Daniel Cid (dcid ossec net)
[logs] Database Logging (some info) 2007-09-30
Daniel Cid (dcid ossec net)
Hi list,

We had some great discussions in the past about database logging, and
we all know the importance of it, but there seems to be a gap regarding
this topic (hard to find documents about it, very few people actually
do it, etc).

Is there any public information about it? Anyone has real numbers (

[logs] Error message with init script for redhat : ": line 126: [:too many arguments" 2007-09-29
Florent Gilain (florent gilain direct-energie com) (1 replies)
Hello all,

I'm a new user of logsurfer, I'm running it onto a RHEL3ES linux server.

Here is the output of the redhat init script with a 'set -x' added into it :

[root@supervision root]# /etc/init.d/logsurfer start | more

+ '[' -f /etc/sysconfig/logsurfer ']'

+ LOGSURFER_HOME=/etc/logsu

[logs] Hello, new subscriber here 2007-09-27
Greg Vickers (g vickers qut edu au)
Hi all,

I've been told about this list, and as we are implementing a SEM
solution, I thought I'd subscribe. I'm looking forward to hearing tips
and tricks from the list members.

Cheers,
--
Greg Vickers
IT Security Engineer & Project Manager
IT Security, Network Services,
Information Technology

[logs] a bit more on log mining 2007-09-27
Anton Chuvakin (anton chuvakin org)
All,

I mentioned this preso on log mining on the list in the past, but
never released a copy (only privately). I think time for it has come:
http://chuvakin.blogspot.com/2007/09/another-presentation-final-full-log.html

Best,
--
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
http://www.chuvakin.o

[logs] A note about acronyms 2007-09-27
Tina Bird (tbird precision-guesswork com)

We've used a lot of acronyms in the current thread about firewall logs.
Old-timers, please try to remember that there are a lot of list subscribers
who probably don't know what a particular acronym means in the context of
logs and firewalls. Newbies, please feel free to ask questions, or, if
you've

[logs] SIM Analysis of Firewall Logs 2007-09-27
saudi sans (saudisans gmail com) (5 replies)
Hi

we have 6 firewalls - 2 of them facing Internet , 4 internal

We are analysing their log using a leading SIM solution

Looking for help in identifying meaningful/actionable reports that we
can get from Firewall log analysis

-- From DENY traffic

-- Currently we take daily reports on - Top 10 a

Re: [logs] SIM Analysis of Firewall Logs 2007-09-28
Ajay Kumar (ajaykumar adventnet com)
Re: [logs] SIM Analysis of Firewall Logs 2007-09-27
Adrian Grigorof (adi grigorof com)
Re: [logs] SIM Analysis of Firewall Logs 2007-09-27
Ron Gula (rgula tenablesecurity com) (1 replies)
Re: [logs] SIM Analysis of Firewall Logs 2007-09-27
Michael Kinsley (michael kinsley sensage com) (1 replies)
Re: [logs] SIM Analysis of Firewall Logs 2007-09-27
Michael Kinsley (michael kinsley sensage com)
Re: [logs] SIM Analysis of Firewall Logs 2007-09-27
Anton Chuvakin (anton chuvakin org) (1 replies)
Re: [logs] SIM Analysis of Firewall Logs 2007-09-27
David Corlette (dcorlette novell com)
Re: [logs] SIM Analysis of Firewall Logs 2007-09-27
Daniel Cid (dcid ossec net)
Copyright 2010, SecurityFocus