|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Holger Reichert (holger.reichert_at_holysword.de)
Date: Wed Jul 31 2002 - 03:03:07 CDT
Hello Rob
try the tools xcacls and perms from the NT/W2000-Ressource Kits.
You can generate a snapshot of your ACL's based on the directory or based on
users.
After a suspicious event you may take another snapshot and compare the
results with the command fc.
But first you should know who is authorized to change ACL's on your machines
and you should know it, when they are doing it.
Keyword:
Change Management
Last tip:
Search for unknown users
Best wishes
Holger Reichert
Holysword GbR
www.holysword.de
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]