Snare for Windows 2.6.4
Snare for Windows is a Windows NT, Windows 2, Windows XP, and Windows 2003 compatible service designed to interact with the underlying Windows Eventlog subsystem to facilitate remote, real-time transfer of event log information.
|
Snare for Windows is a Windows NT, Windows 2, Windows XP, and Windows 2003 compatible service designed to interact with the underlying Windows Eventlog subsystem to facilitate remote, real-time transfer of event log information.
Snare is a program that facilitates the central collection and processing of
Windows NT/2/XP/2003 Event Log information. All three primary event logs(Application, System and Security) are monitored, and the secondary logs (DNS, Active Directory, and File Replication) are monitored if available. Event information is converted to tab delimited text format, then delivered over UDP to a remote server.
Snare is currently configured to deliver audit information to a SYSLOG server
running on a remote (or local) machine. A configuration utility allows you to set the appropriate syslog target and priority, as well as the target DNS or IP address of the server that should receive the event information. It should be noted that many syslog servers are not designed to cope with the sorts of volume of data that multiple snare agents can potentially generate.
The Snare service will automatically start after you have completed the initial
configuration process. It is recommended that you configure each of your event logs to 'overwrite as required', as opposed to 'overwrite > 7 days', which is the default on Windows 2 machines.
We also recommend that you configure appropriate access controls on the Snare registry entries using regedt32.exe - perhaps restricting the permission to read or modify the keys and values to Local or Domain Administrators only.
Snare stores it's registry settings in: HKEY_LOCAL_MACHINESOFTWAREInterSect AllianceAuditService
Please remember that event monitoring is a complex area in most modern operating systems, and is not often very granular. Turning on significant event monitoring for a system can often produce unpredictable results, and could seriously detract from the resources available to the rest of your system or network.
We recommend that you have a good understanding of exactly what event information is going to be used for, proir to enabling event monitoring on your servers.
tags event monitoring that you event information you configure recommend that event log log information you have are monitored with the the snare event logs
Download Snare for Windows 2.6.4
Download Snare for Windows 2.6.4
Authors software
Snare for Windows 2.6.4
InterSect Alliance
Snare for Windows is a Windows NT, Windows 2, Windows XP, and Windows 2003 compatible service designed to interact with the underlying Windows Eventlog subsystem to facilitate remote, real-time transfer of event log information.
Snare BackLogr 1.2
InterSect Alliance
The Snare BackLog application is a program that provides a central collection facility for a variety of log sources, including Snare Agents for Windows, Solaris, AIX, Irix, ISA Server, IIS Server, Lotus Notes (and others), plus any device capable of sending data to a syslog server.
Similar software
Snare for Windows 2.6.4
InterSect Alliance
Snare for Windows is a Windows NT, Windows 2, Windows XP, and Windows 2003 compatible service designed to interact with the underlying Windows Eventlog subsystem to facilitate remote, real-time transfer of event log information.
Snare BackLogr 1.2
InterSect Alliance
The Snare BackLog application is a program that provides a central collection facility for a variety of log sources, including Snare Agents for Windows, Solaris, AIX, Irix, ISA Server, IIS Server, Lotus Notes (and others), plus any device capable of sending data to a syslog server.
Event Catcher 1.0.0.24
Eric Fetty
Event Catcher is a task-tray utility that will monitor local or remote windows boxes for new entries in their event log.
Event Engineer 1.0
Cyntrigal
Event Engineer lets you to quickly gather and organize your event logs from all of your connected servers.
Ascella Log Monitor 1.0
AAR Software Ltd.
Ascella Log Monitor monitors the Windows event logs at real-time for any activity that matches the specified rules.
LanSpy 2.0.0.155
Lantricks.com
LanSpy gives you a network security scanner, that allows getting different information about the system: Domain and NetBios names, MAC address, Server information, Domain and Domain controller information, Remote control, Time, Discs, Transports, Users, Global and local users groups, Policy settings, Shared resources, Sessions, Open files, Services, Registry and Event log information.
PsLogList 2.62
Mark Russinovich
The Resource Kit comes with a program, elogdump, which allows you to dump the contents of an Event Log on the local or a remote computer.
Microsoft User Profile Hive Cleanup Service 1.6d
Microsoft
On Windows 2000 the service deals with application event log event 1000 from source Userenv where the message indicates that the profile is not unloading and the error is "Access is denied".
Event 'Minder 1.1
Chris Stromberger
Event 'Minder is a small reminder program that will help you remember birthdays, anniversaries, etc.
ServerMonitor Free 3.3.2.8
Power Admin LLC
Server Monitor Free is for anyone who wants a simple monitoring and doesn't want to spend a lot fot it.
Other software in this category
VisualICE Report Utility 4.7
Visualize Software
VisualICE Report Utility - so what do you do if you would like to know more about what the hacker tried to do, who he is, where he`s from or how to report him to the proper authorities?
That`s where VisualICE Report Utility comes in.
Gopher Smoker .06
PivX Sollutions, LLC
PivX Solutions, LLC released a program appropriately named `Gopher Smoker`.
Bouncer for Windows 1.0 RC6
Chris Mason
Bouncer is a network tool which allows you to bypass proxy restrictions and obtain outside connections from an internal LAN.
Slap 1.2.2.0
Security Software
If your like me you run firewall software that tells you when someone tries to access your system.
VisualZone Report Utility 5.7
Visualize Software
VisualZone Report Utility is a report utility and an intrusion analyser for ZoneAlarm and ZoneAlarm Pro.