re: Auditing in WinXP

[Harlan Carvey <keydet89 () yahoo com>]

> But I don't no were to view any of the Audited logs
that
> would show any failed login attempts and so on.

You'd view these in the same place you see the other
events...in the Event Viewer.  In the case of failed
logon attempts, they would appear in the Security
Event Log.

> I gain little information about what that process
was, 
> and so I can't judge whether the event was a
security 
> risk or just a system process.

If you're referring to having Process Tracking
enabled, then you should be able to judge by the
security context that the process is initiated in as
to whether or not it's a "security risk".  

HTH,

Harlan

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------