Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Detecting File Alteration

From: "Mister Dookie" <misterdookie () gmail com>
Date: Wed, 30 Aug 2006 14:05:43 -0400
Hello list,

Is there any Windows tool out there that allows me to hook into the Master
File Table (MFT) and view all entries being updated, as they are being
updated? In other words, every time the Modified, Access, Created (MAC) time
of any file gets changed I would like to see it dumped out in chronological
order, similar to how Systernals Regmon tracks registry changes. Any ability
to filter or sort by process and so on would just be a bonus.

Is there a more appropriate list for me to post this question to other than
Security Basics?

Thanks for your help,
Scott

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: