Security audit tool for Windows NT.
NTLast is specifically targeted for serious security and IIS administration. Scheduled review of your NT event logs is critical for your network. A server breach can be uncovered by regular system auditing. Identifying and tracking who has gained access to your system, then documenting the details is now made easier with NTLast. This tool is able to quickly report on the status of IIS users, as well as filter out web server logons from console logons.
Some Screen Shots
Shot of failed logons by user
Shot of the last ten logon failures by username in condensed mode - SOMEONE GUESSING A PASSWORD
Shot of IIS Activity