Solved

Looking for tool to review IIS logs to specifically look for malicious activity.

Posted on 2008-06-10
1
337 Views
Last Modified: 2013-12-07
I am looking for a tool to review IIS logs to specifically look for malicious activity.  We would like to know if any malicious activity is being directed at our web sites and where geographically it originated from.  Would also like to know if the malicious users were able to succesfully access anything during their attempts.

We used to do this manually but do to the amount of webservers and sites we have not it is just not practical any longer.  We have a tool that allows us to analyze where the traffic was from and what they were accessing, but there is no way to specifically look for patterns that might identify mailicious intent.

I have looked at quite a few products but none of them mention the security aspect I am looking for, but they may actually provide it.  So if anyone has any experience with any products that might fit the bill I would greatly appreciate it.

Thanks in advance for any assistance.
0
Comment
Question by:IT_Admin_AK
1 Comment
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 250 total points
ID: 21797094
Doing it in the IIS logs is inefficient and may not even work.  Many hacks involve buffer overruns or other strategies that won't show in the log.

You are far better off using a hardware appliance that does this with all those features built in.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read about why website design really matters in today's demanding market.
"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question