Auditing Changes in Windows Server 2003 SP1http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspxDISCLAIMER: To the best of my knowledge the information here is correct. However the lawyers make me say, that this information is provided "AS-IS" with no warranty, and confers no rights. In other words, if this stuff isn't in SP1, you can't sue us,en-USCommunityServer 2.1 SP1 (Build: 61025.2)re: Auditing Changes in Windows Server 2003 SP1http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#327885Tue, 21 Dec 2004 03:20:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:327885Pavel Lebedinsky&gt; As background, some privileges are not audited when used... <br> <br>What is the reason for this? Performance?re: Auditing Changes in Windows Server 2003 SP1http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#328774Tue, 21 Dec 2004 15:14:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:328774DrewSounds useful but its a pity that this could not be set on a group by group basis. Unless I am missing something... (more than likely!)Per-User Selective Audit in Windows Server 2003http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#329693Wed, 22 Dec 2004 12:10:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:329693Sergey Simakov blogre: Auditing Changes in Windows Server 2003 SP1http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#330023Wed, 22 Dec 2004 17:58:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:330023Eric FitzgeraldThe privileges originally excluded from audit were just too noisy- for example, SeChangeNotifyPrivilege (bypass traverse checking) is used in practically every access to the file &amp; registry. <br> <br>Per-group auditing is under consideration post-Longhorn. It poses significant technical challenges to implement. <br>Windows Security Logging and Other Esotericahttp://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#330193Thu, 23 Dec 2004 00:53:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:330193strawberryJAMM's Security and User Experience WebLI discovered that one of the colleagues on my team - Eric Fitzgerald, the Windows Security Logging and Other Esotericahttp://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#331029Thu, 23 Dec 2004 06:55:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:331029strawberryJAMM's Security and User Experience WebLI discovered that one of the colleagues on my team - Eric Fitzgerald, the Per-User Selective Audit in Windows Server 2003http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#331651Fri, 24 Dec 2004 10:27:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:331651Sergey Simakov blogKeeping the noise down in your security loghttp://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#350849Tue, 11 Jan 2005 23:02:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:350849Windows Security Logging and Other EsotericaKeeping the noise down in your security loghttp://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#351025Wed, 12 Jan 2005 03:18:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:351025Windows Security Logging and Other EsotericaKeeping the noise down in your security loghttp://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#354239Mon, 17 Jan 2005 09:27:00 GMT91d46819-8472-40ad-a661-2c78acb4018c:354239Windows Security Logging and Other EsotericaWS03 User based auditing http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#447146Wed, 03 Aug 2005 17:23:55 GMT91d46819-8472-40ad-a661-2c78acb4018c:447146Learning to Fly - Mika's BlogWS03 User based auditing http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#447148Wed, 03 Aug 2005 17:25:25 GMT91d46819-8472-40ad-a661-2c78acb4018c:447148Learning to Fly - Mika's BlogWS03 User based auditing http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#447156Wed, 03 Aug 2005 17:50:32 GMT91d46819-8472-40ad-a661-2c78acb4018c:447156Learning to Fly - Mika's BlogWindows Security Blogs &raquo; Blog Archive &raquo; Auditing Changes in Windows Server 2003 SP1http://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#1876350Wed, 14 Mar 2007 02:18:52 GMT91d46819-8472-40ad-a661-2c78acb4018c:1876350Windows Security Blogs » Blog Archive » Auditing Changes in Windows Server 2003 SP1<p>PingBack from <a rel="nofollow" target="_new" href="http://winblogs.security-feed.com/2004/12/20/auditing-changes-in-windows-server-2003-sp1/">http://winblogs.security-feed.com/2004/12/20/auditing-changes-in-windows-server-2003-sp1/</a></p> Parolele Windows şi recomandări în rapoarte de audit. Dileme din practicăhttp://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#2163412Tue, 17 Apr 2007 17:02:11 GMT91d46819-8472-40ad-a661-2c78acb4018c:2163412Adrian Munteanu - Jurnal de optimist<p>Deşi subiectul este destul de sensibil, risc. Mă frăm&#238;ntă de vreo c&#238;teva zile unele lucruri descoperite</p> Windows Security Logging and Other Esoterica Auditing Changes in | debt consolidatorhttp://blogs.msdn.com/ericfitz/archive/2004/12/20/327478.aspx#9789150Fri, 19 Jun 2009 18:24:49 GMT91d46819-8472-40ad-a661-2c78acb4018c:9789150 Windows Security Logging and Other Esoterica Auditing Changes in | debt consolidator<p>PingBack from <a rel="nofollow" target="_new" href="http://mydebtconsolidator.info/story.php?id=19320">http://mydebtconsolidator.info/story.php?id=19320</a></p>