high expectation."
Jack Kinder
-Original Message-
From: Birl [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 11:47
To: [EMAIL PROTECTED]
Subject: Re: Windows 2000 Registry
nbrussell: Date: Tue, 17 Jun 2003 15:15:23 +1000
nbrussell: From: Nicholas Russell <[EMAIL PROTECTE
Another thing you should do is to make sure you have tightened your registry
permissions. There are several guides that you can google that tell you how
to do this, including the guides at www.nsa.gov.
If you don't tighten registry security, there are a number of ways software
can still access it
Hi,
You can use the Group policies in Windows 2k to limit the way users
can access the registry. Another way would be to set the permissions within
regedt32, but be careful not to screw everyrthing up by denying legit
access.
My 0.02$
M.Bruyere
>
> Hello!
>
> I'm a newbie to this list
Welcome to the group
Group Policy editing for user and machine accounts is by far the best.
Removing access to regedit and regedt32 is the best way to stop access. Blocking
access to the cmd.exe will prevent access to the command prompt, which is good in
itself, but doesn't block access to the
nbrussell: Date: Tue, 17 Jun 2003 15:15:23 +1000
nbrussell: From: Nicholas Russell <[EMAIL PROTECTED]>
nbrussell: To: [EMAIL PROTECTED]
nbrussell: Subject: Windows 2000 Registry
nbrussell:
nbrussell: Hello!
nbrussell:
nbrussell: Im a newbie to this list, and Im honoured to be part of a g
H C wrote:
> There is an API for monitoring the Registry, though I
> don't know of any tools that do.
>
> Win2K does have the capability to monitor the
> Registry...enable auditing for File and Object Access,
> and then set the SACLs for the Registry through regedt32.exe.
RegMon by SysIntern
in control can be found at
http://downloads-zdnet.com.com/3000-2096-10059071.html
this program does what you want and more. although it must be run prior to
installing a piece of software.
Sean N MacLeod
MCSE, MCP, Network+, A+
http://security.homeunix.org
- Original Message -
From: "
I've been using a product called RegRun Watchdog which alerts to
additions, deletions and modifications.
It seems to work well and does is fairly intelligent about what it
reports on.
Chris Norris
-Original Message-
From: H C [mailto:[EMAIL PROTECTED]]
Sent: 11 July 2002 14:47
To: [EMA
Hi Chris,
Auditing can be enabled on registry keys. Execute regedt32 and from the
security menu, select permission. Click the advance button and you then
select the Audit tab. Add users or groups that you wish to audit.
The logging for the audit trail will appear in the event log under the
secur
Regmomn from SysInternals will do this for you.
www.sysinternals.com/ntw2k/utilities
Jon.
-Original Message-
From: Chris [mailto:[EMAIL PROTECTED]]
Sent: 10 July 2002 05:15
To: [EMAIL PROTECTED]
Subject: Windows 2000 Registry Monitoring
I was wondering if anyone knows of a program fr
Hi Chris,
Regmon is a free utility that shows you what processes are accessing the
registry in real time and what these processes are doing e.g reading,
writing from/to the registry.
You can also save the listview contents to an ASCII file.
Here's the link :
http://www.sysinternals.com/ntw2k/s
Try regmon (ntregmon.zip). Get it from www.sysinternals.com.
--
Dan Irwin - Systems Administrator
Jackie's Wholesale Nurseries Pty Ltd
Email: [EMAIL PROTECTED]
Phone: 07 3888 2481
Fax: 07 3888 2530
Postal: 10 Gleeson Road Burpengary Queensland 4505
Email: [EMAIL PROTECTED]
Web: http://www.jac
Regmon from Sysinternals does exactly this, and in real-time. Best of all, it's free.
Chris
-Original Message-
From: Chris
To: [EMAIL PROTECTED]
Sent: 7/9/02 11:15 PM
Subject: Windows 2000 Registry Monitoring
I was wondering if anyone knows of a program free or pay for Win2k
Pro/Srv/Ad
13 matches
Mail list logo