Welcome to MSDN Blogs Sign in | Join | Help

March 2006 - Posts

A good 3rd-party reference to the Windows security event log

Randy Franklin Smith has a site with a very good reference to security event log events. Randy also does training on Windows security log analysis. Read More...
Posted Monday, March 20, 2006 11:31 AM by Eric Fitzgerald | 1 Comments
Filed under: ,

Quick Overview of Object Access Auditing in Windows

A lot of people are unhappy with object access auditing on Windows, because what they want to know is "who touched the object and what did that person do", but what Windows auditing tells you is actually "who touched the object and what did they ask for Read More...
Posted Tuesday, March 07, 2006 2:16 PM by Eric Fitzgerald | 2 Comments
Filed under: , ,

Default ACLs on Windows Event Logs

A question I get asked frequently: what are the default ACLs on Windows event logs? Here's the answer, straight from the source code with only a little formatting help from me, and in more detail than you probably care to know. Windows 2000: Application Read More...
Posted Wednesday, March 01, 2006 10:28 AM by Eric Fitzgerald | 3 Comments
 
Page view tracker