Re: COTS application suggestions for auditing



Adam Sandler
07-09-2005, 11:51 PM
Roger Abell wrote:

> As I have said, I doubt that any third party product is going to
> be able to capture the record trail more efficiently. I may be
> wrong, certainly have been before, and would love to see others
> in the NGs post experiences to the contrary; but it just does not
> make sense that anything using the same hooks could do any
> better or that other software would do much better at hooking
> the same events.

I stumbled across a progam called Winalysis
(http://www.winalysis.com/). Without changing any W2K auditing
settings or GPOs, it tracks all different types of security settings...
DACL changes, GPO changes, registry changes, etc. And since the
Windows configuration isn't changed by the admin, there's no chance of
bogging the log file down and affecting system performance.


Re: COTS application suggestions for auditing