EC-Council
Module XXXV
Log Management
[Figure: diagram of penetration testing modules: Information Gathering; Vulnerability Analysis; External Penetration Testing; Firewall Penetration Testing; Router and Switches Penetration Testing; Internal Network Penetration Testing; Wireless Network Penetration Testing; Denial of Service Penetration Testing; IDS Penetration Testing; Application Penetration Testing; Social Engineering Penetration Testing; Password Cracking Penetration Testing; Physical Security Penetration Testing; Database Penetration Testing; VoIP Penetration Testing; War Dialing; VPN Penetration Testing; Virus and Trojan Detection; Log Management Penetration Testing; File Integrity Checking; Data Leakage Penetration Testing; Security Patches Penetration Testing; Email Security Penetration Testing; Telecommunication and Broadband Communication Penetration Testing]
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Introduction
Log files maintain a record of all the events occurring in an organization's
systems and networks.
Log management systems are used to manage log files across a network.
Since threats against systems and networks have increased, the security of
log management systems also needs to be increased.
Logs are classified into:
Security software logs: These logs record all instances of detected
vulnerabilities to software.
Operating system logs: These logs record all instances of detected
vulnerabilities to the operating system.
Summary
Log files are the files that maintain a record of all the events
occurring in an organization's systems and networks.
Logs are used to perform auditing and forensic analysis in the
investigation of malicious activities.
Most syslog implementations use the connectionless, unreliable
UDP to transfer logs between hosts.
Use an updated version of software for logging mechanisms.
Check the internal clock of the system.