Re: Auditing / Logging

From: Peter Hsu (phsu@pacbell.net)
Date: Mon Jan 12 2004 - 14:32:47 EST


n30 wrote:

>Folks,
>
>What software do you recommend for auditing / logging while performing
>pen-test assessment.
>
>I am interested in both network and application level.logging.
>
>Thanks
>-N
>
>---------------------------------------------------------------------------
>----------------------------------------------------------------------------
>
>
>

Pursecure (www.puresecure.com) is a pretty nice tool for real-time
monitoring of an attack. It's and IDS and gives you a nice idea of what
someone who is running and IDS might see. It also (sort of) logs
activity. It's a commercial front end to snort (available for free to
personal users), so some of you may prefer to use use ACID, which may
come with a license more to your liking. Of course, your can always use
tcpdump (or your GUI equivalent) to capture the raw data.

P H

---------------------------------------------------------------------------
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:45 EDT