Everhart, Glenn From: Ivan Arce [iarce@CORE-SDI.COM] Sent: Tuesday, July 07, 1998 4:46 PM To: BUGTRAQ@NETSPACE.ORG Subject: ANNOUNCE: WinAudlog, centralized logfile checking -----BEGIN PGP SIGNED MESSAGE----- DO YOU TRUST YOUR SYSTEM'S LOGS? AudLog For Windows Secure System Log Auditing ** FREE ** AUDLOG for Windows can be used to centralize the auditing of distributed system logs in a network and certify that intruders did not modify these logs. When combined with SECURE SYSLOG, AudLog for Windows makes the perfect package for SECURE LOGGING and AUDITING: + Easy to use graphical interface + AUDLOG downloads the logs generated by SECURE SYSLOG and verifies its integrity + Allows for centralized auditing of an unlimited number of computers in a network + PEO-1 cryptographic protocol for authenticate log-files integrity + 128-bits symmetric cryptography and a challenge-response protocol for mutual authentication and confidentiality. + Iconized Security flags for log-files, hosts and groups of hosts. SECURE SYSLOG (ssyslog) is available for UNIX systems. Designed to replace the syslog daemon, ssyslog implements a cryptographic protocol called PEO-1 that allows the remote auditing of system logs. Auditing remains possible even if an intruder gains superuser privileges in the system, the protocol guarantees that the information logged before and during the intrusion process cannot be modified without the auditor (on a remote, trusted host) noticing. What is AudLog for Windows? ~~~~~~~~~~~~~~~~~~~~~~~~~~ Audlog is a Win95/WinNT program that lets you manipulate logfiles from a centralized point in your network. It works in conjuction with Secure Syslog, a replacement for the UNIX syslogd that provides cryptographic mechanisms to verify the integrity of the log files. Secure Syslog provides a way auditing the log files remotely, from a trusted auditing host using the provided UNIX utility called 'audlog'. WinAudlog is the equivalent program for MS Windows, it features an easy to use interface, the required crypto algorithms for authentication, data transfer and integrity checking. AUDLOG was developed in CORELABS, the research labs of CORE SDI S.A., and is now being distributed freely. AUDLOG and SECURE SYSLOG are FREE. To get the binary for Windows 95/NT go to: - ------------------------------------------- To get the source code and/or more information regarding ssyslog go to: - ----------------------------------------------------------------------- To get more information about CORELABS, SECURE LOGGING or PEO go to: - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBNaKG8vnO/LnPTgz1AQEt1AP+LBAKZlvNcPxBlTkYm3RxGzW/zPFAlHdg bMlPfgT5gU17C+xuBsfkrNJ/cQ92QDaUmFu7YM1/g3fgg9I8qzHEUv55asxdD86F JTUzhKSM1E3/iu2ZbksX6kAFwUyG05csw8xCm1sz9Rlauu4wnjmVHvyQ4erZha3Z CKX+PKfxVOc= =Bpl9 -----END PGP SIGNATURE----- -- ==============================[ CORE Seguridad de la Informacion S.A. ]======= Ivan Arce Gerencia de Tecnologia Email : ivan@core-sdi.com Av. Santa Fe 2861 5to C TE : +54-1-821-1030 CP 1425 FAX : +54-1-821-1030 Buenos Aires, Argentina Mensajeria: +54-1-317-4157 ==============================================================================