Solved

Looking for tool to review IIS logs to specifically look for malicious activity.

Posted on 2008-06-10
1
336 Views
Last Modified: 2013-12-07
I am looking for a tool to review IIS logs to specifically look for malicious activity.  We would like to know if any malicious activity is being directed at our web sites and where geographically it originated from.  Would also like to know if the malicious users were able to succesfully access anything during their attempts.

We used to do this manually but do to the amount of webservers and sites we have not it is just not practical any longer.  We have a tool that allows us to analyze where the traffic was from and what they were accessing, but there is no way to specifically look for patterns that might identify mailicious intent.

I have looked at quite a few products but none of them mention the security aspect I am looking for, but they may actually provide it.  So if anyone has any experience with any products that might fit the bill I would greatly appreciate it.

Thanks in advance for any assistance.
0
Comment
Question by:IT_Admin_AK
1 Comment
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 250 total points
ID: 21797094
Doing it in the IIS logs is inefficient and may not even work.  Many hacks involve buffer overruns or other strategies that won't show in the log.

You are far better off using a hardware appliance that does this with all those features built in.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Get to know the ins and outs of building a web-based ERP system for your enterprise. Development timeline, technology, and costs outlined.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now