How can I check my machine's Security event logs?
GFI Software has launched a free service on the Web, EventLogScan,
that uses an ActiveX control to scan your security event
logs online, group them by severity, and warn of any problems.
Full instructions as well as details about which audit settings
you need to enable are available at http://www.gfi.com/eventlogscan.
Because the tool uses ActiveX, Microsoft Internet Explorer
(IE) will ask you to execute a GFI ActiveX component. Details
about the scan service from GFI's press release are as follows:
"EventLogScan is an immediate online service that analyzes
all the events in the user's security event log and produces
an HTML report listing all the critical, high and medium
security events found on the user's machine, with a brief
explanation of each. This way, users can automatically see
how secure their system is without having to manually sort
through the many security events generated by their machine
each day - an activity that users usually do not have enough
time for or do not know how to perform, due to the event
log's cryptic/non-existent security event explanations and
because of "noise" events that make up a large ratio of
all security events."
How can I collect all security event logs into one database?
Windows 2000 and Windows NT don't provide a way to collect
security event logs from individual machines into a central
repository. However, several third-party products do.
GFI's LANguard Security Event Log Monitor and TNT Software's ELM
Log Manager 3.0 are two such products.
How can I enable advanced file-system and sharing security
for a Windows XP machine in a workgroup?
When an XP machine belongs to a domain with shared resources,
a Security tab appears on the Properties dialog box for
the file, folder, or share. You can use this tab to assign
advanced sharing permissions. However, this tab is missing
for XP machines that belong to a workgroup.
A new feature in XP effectively logs all remote logons
in a workgroup as Guest, regardless of the account and
password credentials that the remote computer passes.
(This approach avoids the need for different machines
in a workgroup to replicate local accounts, which is the
method Windows 2000 uses to enable transparent sharing.)
XP locks down the permissions of the Everyone group (to which Guest
belongs), which cuts down on the security problems
that existed in Win2K as a result of enabling the Guest
account. Because all machines in a workgroup are effectively
Guest connections, the advanced security features aren't
very useful, which is why Microsoft disabled them in XP.
If you want to enable advanced file-system and sharing
security, you must disable the ForceGuest registry setting
by performing the following steps:
- Start a registry editor (e.g., regedit.exe).
- Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry subkey.
- Double-click forceguest, set it to 0, then click OK.
- Restart the computer for the change to take effect.
If you disable the Guest account but enable the ForceGuest
setting, remote connections will fail, regardless of what
username and password the user passes in--even if these
credentials are valid.
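
The steps and the Guest-account caveat above can be checked together from a script. The following is an added example, not part of the original FAQ: it assumes Windows PowerShell 2.0 or later is installed, and Get-WorkgroupSharingMode is a hypothetical helper name.

```powershell
# Added example: report the ForceGuest / Guest-account combination described above.
# Get-WorkgroupSharingMode is a hypothetical helper name, not a built-in cmdlet.
function Get-WorkgroupSharingMode {
    # -DisableForceGuest writes forceguest = 0 (needs administrator rights;
    # the change takes effect only after a restart).
    param([switch]$DisableForceGuest)

    $lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

    if ($DisableForceGuest) {
        Set-ItemProperty -Path $lsaKey -Name forceguest -Value 0
    }

    # Read the current value; a missing value yields $null instead of an error.
    $prop = Get-ItemProperty -Path $lsaKey -Name forceguest -ErrorAction SilentlyContinue
    if ($null -eq $prop) { $forceGuest = $null } else { $forceGuest = [int]$prop.forceguest }

    # The built-in Guest account keeps a SID ending in -501 even if it is renamed.
    $guest = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True" |
             Where-Object { $_.SID -like '*-501' }
    $guestDisabled = [bool]$guest.Disabled

    if ($null -eq $forceGuest) {
        $effect = 'forceguest value not present; inspect the Lsa subkey manually'
    } elseif ($forceGuest -eq 0) {
        $effect = 'ForceGuest disabled: advanced file-system and sharing security can be used'
    } elseif ($guestDisabled) {
        $effect = 'ForceGuest enabled, Guest disabled: remote connections fail, even with valid credentials'
    } else {
        $effect = 'ForceGuest enabled: all remote logons are treated as Guest'
    }

    New-Object PSObject -Property @{
        ForceGuest    = $forceGuest
        GuestDisabled = $guestDisabled
        Effect        = $effect
    }
}

# Read-only check of the current machine.
Get-WorkgroupSharingMode | Format-List
```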