Penetration Testing mailing list archives
RE: Deleting logs under win2000
From: Oliver Karow <Oliver.Karow () gmx de>
Date: Wed, 19 Sep 2001 21:27:57 +0000
Hi, At 11:04 18.09.2001 +0800, Ricci @ ismart wrote:
Hello All,In addition to deleting the entire log, is there any tools that can removeparticular entries in the NT Event logs?
have a look at http://www.ntsecurity.nu/toolbox/winzapper/
How about the IIS Logs? Is there any tools that can remove particular entries in IIS Logs?If that's the case, then what can be used as the trustable evidence in theWindows NT? Is that no logs could be used as digital evidence if the log is not kept in the other machines? Thanks.
You should always use a remote loghost for logging! Independent from the platform or application you are using.
Ricci -----Original Message----- From: Goki Net [mailto:goki10 () hotmail com] Sent: Friday, September 14, 2001 9:21 PM To: PEN-TEST () securityfocus com Subject: Deleting logs under win2000
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Deleting logs under win2000 Goki Net (Sep 14)
- RE: Deleting logs under win2000 Ricci @ ismart (Sep 18)
- RE: Deleting logs under win2000 Oliver Karow (Sep 19)
- <Possible follow-ups>
- Re: Deleting logs under win2000 Oliver Karow (Sep 17)
- RE: Deleting logs under win2000 Ricci @ ismart (Sep 18)