Windows Security Logging and Other Esoterica
thoughts from the Windows auditing team
March 2006 - Posts
A good 3rd-party reference to the Windows security event log
20 March 06 11:31 AM
|
Eric Fitzgerald
|
1 Comments
Randy Franklin Smith has a site with a very good reference to security event log events. Randy also does training on Windows security log analysis.
Read More...
Quick Overview of Object Access Auditing in Windows
07 March 06 02:16 PM
|
Eric Fitzgerald
|
1 Comments
A lot of people are unhappy with object access auditing on Windows, because what they want to know is "who touched the object and what did that person do", but what Windows auditing tells you is actually "who touched the object and what did they ask for
Read More...
Default ACLs on Windows Event Logs
01 March 06 10:28 AM
|
Eric Fitzgerald
|
4 Comments
A question I get asked frequently: what are the default ACLs on Windows event logs? Here's the answer, straight from the source code with only a little formatting help from me, and in more detail than you probably care to know. Windows 2000: Application
Read More...
Search
Go
This Blog
Home
Email
Tags
ACS
Descriptions
HowTo
Laws
News
Previews
Privacy
Rants
SEM
Tips
Tools
Archives
April 2008 (2)
March 2008 (1)
February 2008 (3)
January 2008 (1)
November 2007 (1)
October 2007 (2)
August 2007 (5)
July 2007 (3)
June 2007 (2)
May 2007 (3)
April 2007 (1)
February 2007 (3)
October 2006 (1)
September 2006 (2)
August 2006 (2)
June 2006 (1)
May 2006 (2)
March 2006 (3)
December 2005 (6)
November 2005 (2)
September 2005 (3)
August 2005 (11)
January 2005 (1)
December 2004 (2)
October 2004 (1)
Syndication
RSS 2.0
Atom 1.0