Security Basics mailing list archives
re: Auditing in WinXP
From: Harlan Carvey <keydet89 () yahoo com>
Date: Fri, 27 Jun 2003 05:34:58 -0700 (PDT)
But I don't no were to view any of the Audited logs
that
would show any failed login attempts and so on.
You'd view these in the same place you see the other events...in the Event Viewer. In the case of failed logon attempts, they would appear in the Security Event Log.
I gain little information about what that process
was,
and so I can't judge whether the event was a
security
risk or just a system process.
If you're referring to having Process Tracking enabled, then you should be able to judge by the security context that the process is initiated in as to whether or not it's a "security risk". HTH, Harlan __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- Auditing in WinXP Hyperion (Jun 26)
- <Possible follow-ups>
- re: Auditing in WinXP Harlan Carvey (Jun 27)