http://msmvps.com/blogs/yamaken/archive/tags/Interoperability/default.aspxTags: InteroperabilityenCommunityServer 2008.5 SP2 (Build: 40407.4157)http://msmvps.com/blogs/yamaken/archive/2004/05/16/6546.aspxSun, 16 May 2004 23:36:00 GMTd67277c4-116b-43f1-b688-e9ef184ea916:6546kenji0http://msmvps.com/blogs/yamaken/rsscomments.aspx?PostID=6546http://msmvps.com/blogs/yamaken/archive/2004/05/16/6546.aspx#comments<p>From <a title="seculogger" href="http://www.7th-angel.net/seculog/" target="_blank">seculogger</a>'s <a href="http://www.7th-angel.net/seculog/item/548.html" target="_blank">blog</a>.</p> <p><a href="http://www.activeworx.org/programs/hsc/index.htm">Honeynet Security Console</a></p> <p>It seems very neat. I decided that I should evaluate this, with <a href="http://project.honeynet.org/tools/sebek/" target="_blank">sebek!</a></p><div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=6546" width="1" height="1">MiscSecurity tipsToolsInteroperabilityWindows managementhttp://msmvps.com/blogs/yamaken/archive/2004/04/14/snmp-and-wmi-on-windows-wmiex-msft-net.aspxWed, 14 Apr 2004 04:00:00 GMTd67277c4-116b-43f1-b688-e9ef184ea916:4943kenji0http://msmvps.com/blogs/yamaken/rsscomments.aspx?PostID=4943http://msmvps.com/blogs/yamaken/archive/2004/04/14/snmp-and-wmi-on-windows-wmiex-msft-net.aspx#comments<p>The famous <a href="http://snmpboy.msft.net/" target="_blank">snmpboy site</a> has evolved dramatically to handle WMI implementation!</p> <p><a href="http://wmiex.msft.net/" target="_blank">http://wmiex.msft.net/</a></p><div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=4943" width="1" height="1">Network TechnologiesInteroperabilityWindows managementhttp://msmvps.com/blogs/yamaken/archive/2004/01/29/2193.aspxFri, 30 Jan 2004 05:18:00 GMTd67277c4-116b-43f1-b688-e9ef184ea916:2193kenji0http://msmvps.com/blogs/yamaken/rsscomments.aspx?PostID=2193http://msmvps.com/blogs/yamaken/archive/2004/01/29/2193.aspx#comments<p> Do you know <a href="http://www.winsyslog.com/">WinSyslog</a> from <a href="http://www.adiscon.com/">Adiscon</a>? It is so cool a tool for us system operators/administrators.<br /> Check it out at: <a href="http://www.adiscon.com/">http://www.adiscon.com/</a><br /> (For Japanese: <a href="http://adiscon.port139.co.jp/">http://adiscon.port139.co.jp/</a>)<br /> This tool is so cool, as it allows you to consolidate all the standard error/log messages to one server. With MSSQL you can even display the messages via IIS 4/5. Merging Syslog, SNMP, and Windows Event logs are critical for system admins, to whom we can say this tool is the very solution for managing system health in general. <br /> You can merge SNMP with syslog, using either the latest version of WinSyslog, or with Kiwi Syslog Daemon (<a href="http://www.kiwisyslog.com">http://www.kiwisyslog.com</a>).<br /> You can merge Windows event logs with the following tools:<br /> </p><blockquote> <p align="left">1. Event Reporter from Adiscon</p> <p align="left">2. Event logs to syslog utility from Purdue University.</p> <p align="left">3. ntsyslog service tool from SourceForge</p> <p align="left">cf. I found a localised version of ntsyslog in Vector or Mado-no-mori, which uses EUC-JP for Japanese. If you have already deployed Linux- or *NIX-based solution for the consolidation of logs, this client is just-fit, it seems.</p></blockquote> Note: there are other tools in the world to facilitate this function. According to Kawabata-san (<a href="http://www.kawabata.com/">http://www.kawabata.com/</a>), you can even write up the tool that just-fits to your need. ;-)<br /> <p>***System Requirements:</p> A. System: See the URLs above<br /> B. Human:<br /> <blockquote dir="ltr" style="MARGIN-RIGHT: 0px"> <p align="left">B-1. Knowledge of syslog (unix and network devices you use.)</p> <p align="left">B-2. Ability or Experience of manually parsing eventlogs on Windows</p> <p align="left">B-3. Ability to configure network devices to emit logs, if you think you'd like to add the target of monitoring.</p> <p align="left">B-4. Ability to configure SNMP on servers and clients to enable them to emit SNMP messages.</p> <p align="left">B-5. Ability/experience to configure server management tools like Allied Telesyn SwimView, HP OpenView or Dell Server Administrator /IT assistant for PowerEdge Systems.</p> (It is okay to use other administrative tools according to the needs at your managed networks. Tools above are just as examples.)<br /></blockquote> Outputs are just like <a href="http://www.geocities.jp/lg_de_sucre/cisco/softether/">this</a>.(Special thanks to lg_de_sucre, a cool guy working together.)<br /> <br /> <br />Howto: Manage logs (delete unwanted/needless log messages)?<br /> <br />-&gt; Create jobs (using T-SQL) from SQL Server Enterprise Manager.<br /> <br />Howto: merge the route and simplify the system?<br /> <br />-&gt; Use SoftEther or other VPN products.<br /> <br />Howto: merge outputs of Snort?<br /> <br />-&gt; Consult with docs around Snort.<br /> <br /><a href="http://www.winsnort.com/">http://www.winsnort.com/</a> or <a href="http://www.snort.org/">http://www.snort.org/</a> are both good-starts.<br /> <br />Ah, it seems I am gonna miss the last train, so see ya later!<br /> <br /><br /> YamaKen at the office in Tokyo.<br /><div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=2193" width="1" height="1">Network TechnologiesToolsInteroperabilityWindows managementServer management