Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

ISS Logging Question

From: Leon <roastin () yahoo com>
Date: Thu, 10 Feb 2005 21:04:41 -0800 (PST)
Hi everyone,

I have logging set up on my webserver and this is
working fine.  When a user goes to a virtual directory
that requires authentication the log shows me the
username they authenticated with.  What I was
wondering is if there was a way to see what usernames
people are trying when they try to get into a virtual
directory and fail.  So lets say I have one called
http://www.example.com/secrets

If a user trys to brute force his way in I would like
to see what usernames (and possibly passwords) he is
trying.

Can this be done with ISS and if not can someone
suggest a robust logging tool that has this feature
included?

Thanks


                
__________________________________ 
Do you Yahoo!? 
Take Yahoo! Mail with you! Get it on your mobile phone. 
http://mobile.yahoo.com/maildemo
Previous By Date Next
Previous By Thread Next

Current thread: