Government Security
Network Security Resources

Jump to content

Photo

Scan Your Security Event Log Online

- - - - - security windows audit auditing
  • Please log in to reply
9 replies to this topic

#1 Kenny

Kenny

    Former Commander In Chief

  • Retired Admin
  • 6,747 posts

Posted 17 August 2003 - 05:00 PM

Scan your security event log online

Check for high security events happening on your machine, such as users logging on to your machine, accesses to important files on your machine, failed logon attempts, security policy changes to your machine, and more! Use EventLogScan to check that your system is truly secure!

How it works

EventLogScan will install an ActiveX control on your machine and analyse all the events in your security event log. After the analysis, it will present you with an HTML report (sample) with all the critical, high and medium security events found and a brief explanation of each. To perform the scan, you must download the ActiveX control to your machine. You will be prompted to download the EventLogScan Service ActiveX Control. Select "Yes" to download and start the test.

Requirements for the test

Windows NT, 2000 or XP as operating system.

**Not** Windows 9X or ME! How to check your OS version ?

type at the run command :winver

Auditing must be switched on. How to check if auditing is switched on & how to switch it on

You must have rights and privileges to access the security log on your machine. How to check whether you can access the security log

Internet Explorer 4 or later

with the Internet security settings set to Medium. How to check/set your IE settings


Legal information

The information found in this test is not retained or sold in any way by WindowSecurity.com. Warning: By clicking the "Scan my event logs!" button, you agree to let EventLogScan scan your security event logs and you also agree to hold WindowSecurity.com blameless and free of any liability for anything that happens as a result of the event log scan.


WindowSecurity

C
Kenny aka ComSec

Please read the Forum Rules !!!

______________________

#2 dw-chow

dw-chow

    Specialist

  • Members
  • 127 posts

Posted 29 September 2004 - 09:49 AM

that seems useful to administrators on the go, but how would one do it indepdently without the need to use a 3rd party server [other than to setup their owns ids or something in that nature]

#3 Guest_Bedosman_*

Guest_Bedosman_*
  • Guests

Posted 29 September 2004 - 11:38 AM

Thx ComSec for this Tool , I think it will help me to track some strange event that are running on my Pc this last week , eg my tftp.exe run itself .... Maybe I was hacked :angry: but with this I could analyse what my computer is doing ... ;:)

Thx :)

#4 dlproof

dlproof

    Private

  • Members
  • 13 posts

Posted 27 June 2005 - 06:50 PM

To scan ur event logs without 3rd party programs (XP only). Goto control panel, then administrative tools, then event viewer. Click on the security tab and then it will show u ur security logs.

#5 go0x

go0x

    Private

  • Members
  • 9 posts

Posted 28 June 2005 - 04:14 AM

nice site.

...if you are realy paranoid you could implement syslog protocol in m$ windows or instal snort. :)

#6 myth

myth

    Staff Sergeant

  • Members
  • 408 posts

Posted 28 June 2005 - 04:57 AM

On the topic of Even Viewer,

www.eventid.net

Use that site when you have an error in your event log that you dont know what it is, what caused it, etc, just get the Event ID and type it into the inputbox at eventid.net's front page.

#7 tanveer

tanveer

    Private

  • Members
  • 2 posts

Posted 06 January 2006 - 02:21 AM

Kenny L! It would be very helpfull for me. can you tell me from where i can download active x control to perform event scan.

#8 packet

packet

    Specialist

  • Sergeant Major
  • 649 posts

Posted 06 January 2006 - 06:39 AM

Tanveer, look very closely at his message and try to pick out the underlined link to the product, its near the bottom.

--P>G>>
Abusus non tolit usum
The gopher is back!

#9 darksystem

darksystem

    Private

  • Members
  • 3 posts

Posted 02 February 2008 - 02:29 AM

thanks man good method to see your events logs!!





-----------------------
http://www.ahcrew.info --->Albanian Hackerz Crew!!!

#10 goodswitch

goodswitch

    Private

  • Members
  • 7 posts

Posted 02 December 2011 - 07:34 PM

nice site.

...if you are realy paranoid you could implement syslog protocol in m$ windows or instal snort. /forum/public/style_emoticons/default/smile.gif

check it
cisco router





Also tagged with one or more of these keywords: security, windows, audit, auditing