[logs] Re: Syslog and Windows
Bill Scherr IV
bschnzl at cotse.net
Fri Jun 22 03:23:16 PDT 2007
That would amount to reading the FAQ of the list! Talk about a "duh". I have had LOTS of folks ask me about
this very subject. Especially when I tell them their logs are exposed to hacking. Windows may not be a decent
logging platform, (*cough* - 'scuse me) but it is pervasive. Folks are having a lot of mischievous fun, and no
one has a clue. Put these logs on a central server, and at least they will have something they can trust!
B.
On 22 Jun 2007, a message purporting to be from Chris Brenton appeared:
Subject: Re: Syslog and Windows
From: Chris Brenton <cbrenton at chrisbrenton.org>
To: bschnzl at cotse.net
Copies to: loganalysis <loganalysis at loganalysis.org>
Date sent: Fri, 22 Jun 2007 01:11:40 -0400
> http://www.loganalysis.org/sections/syslog/windows-to-syslog/index.html
>
> Scroll half way down. Kiwi seems to be the most popular but IMHO Windows
> does not make the best logging platform and should be avoided unless you
> are homogeneous.
>
> HTH,
> C
Bill Scherr IV, GSEC, GCIA
Principal Security Engineer
EWA Information and Infrastructure Technologies
bscherr at iit-tek.com
bscherr at ewa.com
703-478-7608