> Dear security-basic members,
>
> Since now I have to be responsible for the log review on Windows
> machines, and I am a complete newbie at this, can someone help me with your
> experience in this process? Does somebody know about a tool or a "Best Practice
> Guide" that lets me know the most important points I must take care of?

Hi Victor,

We use a product called LANguard Security Event-log Monitor by GFI (see http://www.gfi.com/lanselm/index.html) for the Windows systems we monitor. It's fully customizable with email notification etc. for specified events.

It should be noted that whilst automated log-viewers/managers are excellent tools, you should never rely upon them entirely.

Microsoft has got some good "how-to" guides on their technet web-site, see:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/default.asp

Regards,

Darren McKeown
Senior Internetworking Engineer
Relative Networks Pty Ltd

When encryption is outlawed, only outlaws will have encryption!

Relative Networks - "It's the way of the future!"