Honeypots mailing list archives
Registry and File Monitoring Programs for Windows Honeypots
From: "Hines, Eric" <ehin4 () allstate com>
Date: Fri, 29 Aug 2003 17:47:21 -0500
List: I am building a Windows honeypot and am very interested in to hear what sort of software programs some of you might be using to monitor registry and files changes. Sure, sure, I know their is regmon and filemon, but I use those more for when I'm sitting in front of the machine and purposely executing a worm to see what registry entries and files it creates or changes. Are all of you just using regmon or filemon and logging to a file? Eric Hines ============================================= Eric Hines Senior Intrusion Analyst Allstate Information Security --------------------------------------------- [e] ehin4 () allstate com [c] (847) 830-2883 [a] 1075818 () skytel com --------------------------------------------- 3075 Sanders Road Suite G2E Northbrook, IL 60062 =============================================
Current thread:
- Registry and File Monitoring Programs for Windows Honeypots Hines, Eric (Aug 30)
- Re: Registry and File Monitoring Programs for Windows Honeypots Michael A. Davis (Aug 30)
- RE: Registry and File Monitoring Programs for Windows Honeypots Larry Seltzer (Aug 30)
- RE: Registry and File Monitoring Programs for Windows Honeypots Harry Hoffman (Aug 30)
- RE: Registry and File Monitoring Programs for Windows Honeypots Mark E. Donaldson (Aug 31)
- Re: Registry and File Monitoring Programs for Windows Honeypots Chris Brenton (Aug 31)
- Re: Registry and File Monitoring Programs for Windows Honeypots Randy Welborn (Aug 31)
- RE: Registry and File Monitoring Programs for Windows Honeypots David Maynor (Aug 31)
- Re: Registry and File Monitoring Programs for Windows Honeypots Chris Brenton (Aug 31)
- RE: [inbox] Registry and File Monitoring Programs for Windows Honeypots Curt Purdy (Aug 31)
- <Possible follow-ups>
- Re: Registry and File Monitoring Programs for Windows Honeypots Floydman (Sep 01)