|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Terminal Services Auditing?
From: alexandre (alexandre
secrel.net.br)
Date: Mon Oct 27 2003 - 14:05:39 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Zebedee - a simple, free, secure TCP and UDP tunnel program
As I read, u install this tool to establish a secure TCP/UDP connection
between the hosts... The way to log in, u mean, is using this tool and log
thru it?
----- Original Message -----
From: "Erik Birkholz" <erikfoundstone.com>
To: <alexandresecrel.net.br>; <focus-mssecurityfocus.com>
Sent: Friday, October 24, 2003 6:13 PM
Subject: Re: Terminal Services Auditing?
It doesn't log the source IP for each connection. Mark Burnett wrote a good
article about supplementing this short-coming using a tool called Zebedee.
You can find the article on SecurityFocus.com
Apparently this is not available functionality in Win2003 TS either. I
haven't tested this yet.
Erik
---------------------------------------
(Msg from BlackBerry Wireless Handheld)
---------------------------------------
Erik Pace Birkholz - CISSP, MCSE
Foundstone, Inc.
Strategic Security
Read Special Ops and mount an assault to eradicate network negligence today.
www.SpecialOpsSeries.com
[Tel] 949.297.5591
[Cel] 323.252.5916
[Fax] 949.297.5575
[pgp] https://www.foundstone.com/pgpkeys/erik-birkholz.asc
-----Original Message-----
From: alexandre <alexandresecrel.net.br>
To: focus-mssecurityfocus.com <focus-mssecurityfocus.com>
Sent: Fri Oct 24 10:05:19 2003
Subject: Terminal Services Auditing?
Hi all,
continuing the TS subject, I think that someone is having access to one of
my servers thru Terminal Services... anyone know how can I audit these TS
logins?? I looked at the events but didn't find any ip logged.
Thanks
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
---------------------------------------------------------------------------
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
and use priority code SF4.
---------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]