/dev/random

The best things in life are free,
but the expensive ones are still worth a look.

SANS Reading Room: EVTX and Windows Event Logging

A new document available in the SANS Reading Room:

“This paper will explore Microsoft’s EVTX log format and Windows Event Logging framework. The EVTX data stream and structure will be defined as a basis for the Windows Event Logging framework and log subscription components that can be used to collect and correlate logs in a complex Windows-based environment.”

This is a must read if you have to work with Windows environments (collecting and correlating logs). The document is available here.

Diving into the OpenSSH code... 3 hrs ago
Just discovered that #OpenSSH allows multiple "Port" or "ListenAddress" entries in sshd_config. Useful! 8 hrs ago
Dear v€ndor$, if you send an invitation for a webcast, please avoid 404 ;-) #communication #fail #again 13 hrs ago
Received today a notification from Twitter about the new "OAuth" mechanism will be in place on 31/08! #communication #fail 14 hrs ago
Next #OWASP Belgium Chapter meeting announced: 21th Sep http://tinyurl.com/2bkl2hd 14 hrs ago
Back to work... First, 0xCOFFEE! 15 hrs ago
Switched from Tweetie to Twitter (official app). I hate being forced to use alternative apps. #freedom 1 day ago
Level completed! Kids successfully dropped at school! Next level now... 1 day ago
Cleaning my garage and found back some dinosaurs! :-) http://yfrog.com/n4lm6mj 2 days ago
Simply explained: CTRL-V, CTRL-X, CTRL-Z http://tinyurl.com/23ptfvt 2 days ago
More updates...

/dev/random

SANS Reading Room: EVTX and Windows Event Logging

Leave a Reply

Recent Posts

Recent Tweets

Archives

Categories

Meta

Security Focus