RE: windows 2000 security logs

From: Birl (
Date: 09/10/03

  • Next message: Michael Wheeler: "RE: Security for Win XP Home"
    Date: Wed, 10 Sep 2003 16:58:33 -0400 (EDT)

    As it was written on Sep 9, thus typed:

    Dacruz: From:
    Dacruz: You can just set permissions on the log file located at
    Dacruz: C:\winnt\system32\config\
    Dacruz: }-----Original Message-----
    Dacruz: }From: Lubrano di Ciccone, Christophe (DEF) []
    Dacruz: }
    Dacruz: }Not sure.
    Dacruz: }You could create a short batch using dumpel.exe and filter the
    Dacruz: }events. See Q299475 for all the windows 2000 security event
    Dacruz: }description. I recommend to read this interesting document :
    Dacruz: }Account Passwords and Policies (see
    Dacruz: }
    Dacruz: net/prodtechnol/windowsserver2003/maintain/operate/BPACTLCK.asp)
    Dacruz: Christophe
    Dacruz: -----Original Message-----
    Dacruz: From: Trey Stevens []
    Dacruz: Is there a place in group policy in which you can define who can read the
    Dacruz: security logs? In our shop, we have domain controllers at sites in which the
    Dacruz: IT staffs are not domain admins but still need to be able to see the
    Dacruz: security logs to look for account lockouts.
    Dacruz: Thanks in advance,
    Dacruz: T. Stevens

    Remember that DumpEL is a part of the Resource Kit which is a separate CD.
    I believe that, in the past, one had to buy the ResKit separately.

    Assuming that the C:\ drive is not FAT (which I've seen) but NTFS,
    setting the permissions on that directory will not allow a user to
    view the logs via the EventViewer.


     Scott Birl
     Senior Systems Administrator Computer Services Temple University

    KaVaDo provides the first and only integrated Web application scanner and
    firewall security suite that prevent Web applications attacks, the most
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.

  • Next message: Michael Wheeler: "RE: Security for Win XP Home"