Top security events to monitor

Thread starter: Bailey

For months now I have been trying to determine what the most important
security events are. It would be greatly appreciated if you could help me by
giving me at least 10 of the most popular events to monitor. Currently we
are monitoring several events and we want to shorten the list with the most
important events.
Any help is greatly appreciated.
Thanks,
--
Bailey
 
"Bailey" wrote:
> For months now I have been trying to determine what the most important
> security events are. It would be greatly appreciated if you could help me by
> giving me at least 10 of the most popular events to monitor. Currently we
> are monitoring several events and we want to shorten the list with the most
> important events.
> Any help is greatly appreciated.


See: <http://www.dts-l.org/goodpost.htm>

Silj

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates:
http://aumha.net/viewforum.php?f=31

Please reply to group, as return address is invalid, so that we may all benefit.
 
I for one cannot answer your post since what is important to
monitor totally depends on your environment, the role of the
monitored machine, the risk assessment of the machine in its
role and environment, and what you see as your protection
objectives and priorities.

Roger

"Bailey" <baileyaug@yahoo.com> wrote in message
news:BA6AB068-7701-4E71-BDDE-8A3B482A40CD@microsoft.com...
> For months now I have been trying to determine what the most important
> security events are. It would be greatly appreciated if you could help me by
> giving me at least 10 of the most popular events to monitor. Currently we
> are monitoring several events and we want to shorten the list with the most
> important events.
> Any help is greatly appreciated.
> Thanks,
> --
> Bailey
 
Hello,


I used the "Security Monitoring and Attack Detection Planning Guide" from
TechNet to implement and better understand this. A lot of reading, but a
real aid in determining what to monitor and what not.
The URL is :
http://www.microsoft.com/technet/se...andmonitoring/securitymonitoring/default.mspx

And as an external source I can also advise
http://www.ultimatewindowssecurity.com/
They have the Windows Server 2003 Security log revealed, which is a great
work for a deeper understanding, and even offer multimedia training.
Bad part is, they aren't free, but the good part is, they are not expensive
at all.

First source should definitely get you started, and the second can be a
handy add-on if you want to dig deeper.


Greets,

--
Jon Holvoet
MCSA / MCSE Security
CompTIA Security+
CISSP


"Bailey" <baileyaug@yahoo.com> wrote in message
news:BA6AB068-7701-4E71-BDDE-8A3B482A40CD@microsoft.com...
> For months now I have been trying to determine what the most important
> security events are. It would be greatly appreciated if you could help me by
> giving me at least 10 of the most popular events to monitor. Currently we
> are monitoring several events and we want to shorten the list with the most
> important events.
> Any help is greatly appreciated.
> Thanks,
> --
> Bailey
 
There are too many; here are some general ones:

1.) Failed Logins.




--

http://www.goldwatches.com/
"Bailey" <baileyaug@yahoo.com> wrote in message
news:BA6AB068-7701-4E71-BDDE-8A3B482A40CD@microsoft.com...
> For months now I have been trying to determine what the most important
> security events are. It would be greatly appreciated if you could help me by
> giving me at least 10 of the most popular events to monitor. Currently we
> are monitoring several events and we want to shorten the list with the most
> important events.
> Any help is greatly appreciated.
> Thanks,
> --
> Bailey
 