Re: tool to log file access
From: H Carvey (keydet89_at_yahoo.com)
Date: 02/28/05
- Previous message: amandeep Singh: "Preventing Copy/ Paste"
- Maybe in reply to: Diego Teijeiro Ruiz: "tool to log file access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 28 Feb 2005 11:21:43 -0000 To: security-basics@securityfocus.com('binary' encoding is not supported, stored as-is) In-Reply-To: <91FD9E3DC7F754489F7F83AC886B67AD0CE7DF8A@ESMADEXCH02.azertia.com>
>Is there any tool to log all files accesses that creates a report more =
>useful than the event log?
Use WMI to create a listener, waiting for file events...have it start watching at the root of the drive. If this is written in C# or in Perl (and then compiled via Perl2Exe), you could easily have it as a service.
H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
- Previous message: amandeep Singh: "Preventing Copy/ Paste"
- Maybe in reply to: Diego Teijeiro Ruiz: "tool to log file access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
