?
Solved

Windows Server 2003 - Log file monitoring and response - Efficient blocking of malicious IP's

Posted on 2008-09-29
4
Medium Priority
?
933 Views
Last Modified: 2008-11-01
I need to setup a log file monitoring solution. I can spend 5-15 hours programming one or I can use an existing one (preferred).

I need a response to occur when a malicious IP address is hitting my server.

The response would hopefully install an IP filter to block the IP or at least send me an email alerting me to what is occurring.

Any thoughts?



0
Comment
Question by:hamlin11
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 6

Expert Comment

by:dathho
ID: 22600253
Why not use standard blacklists.
What e-mail software and version?
0
 

Author Comment

by:hamlin11
ID: 22682348
hmailserver - latest version
0
 

Author Comment

by:hamlin11
ID: 22760249
any thoughts?
0
 

Accepted Solution

by:
hamlin11 earned 0 total points
ID: 22817945
Well, hamlin11 - you should write a program that sends you an email when an anomaly is detected. The log files are text-based so you may as well monitor them yourself.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question