Detecting File Alteration
- From: "Mister Dookie" <misterdookie@xxxxxxxxx>
- Date: Wed, 30 Aug 2006 14:05:43 -0400
Hello list,
Is there any Windows tool out there that allows me to hook into the Master
File Table (MFT) and view all entries being updated, as they are being
updated? In other words, every time the Modified, Access, Created (MAC) time
of any file gets changed I would like to see it dumped out in chronological
order, similar to how Systernals Regmon tracks registry changes. Any ability
to filter or sort by process and so on would just be a bonus.
Is there a more appropriate list for me to post this question to other than
Security Basics?
Thanks for your help,
Scott
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- Follow-Ups:
- Re: Detecting File Alteration
- From: Saqib Ali
- Re: Detecting File Alteration
- Prev by Date: Re: Mac Anti-Virus
- Next by Date: RE: ASP/PHP SQL Injection
- Previous by thread: enumerating virtual hosts and websites for a particular IP address
- Next by thread: Re: Detecting File Alteration
- Index(es):
Relevant Pages
|
|
