RE: Deleting logs under win2000

[Oliver Karow <Oliver.Karow () gmx de>]

Hi,


At 11:04 18.09.2001 +0800, Ricci @ ismart wrote:
> Hello All,
>
>         In addition to deleting the entire log, is there any tools that 
> can remove
> particular entries in the NT Event logs?


have a look at http://www.ntsecurity.nu/toolbox/winzapper/



>         How about the IIS Logs? Is there any tools that can remove particular
> entries in IIS Logs?
>
>         If that's the case, then what can be used as the trustable 
> evidence in the
> Windows NT? Is that no logs could be used as digital evidence if the log is
> not kept in the other machines?
>
>         Thanks.

You should always use a remote loghost for logging! Independent from the 
platform or application you are using.




> Ricci
>
> -----Original Message-----
> From: Goki Net [mailto:goki10 () hotmail com]
> Sent: Friday, September 14, 2001 9:21 PM
> To: PEN-TEST () securityfocus com
> Subject: Deleting logs under win2000



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/