How can I check my machine's Security event logs?
GFI Software has launched a free service on the Web,
EventLogScan, that uses an ActiveX control to scan your
security event logs online, group them by severity,
and warn of any problems. Full instructions as well
as details about which audit settings you need to enable
are available at http://www.gfi.com/eventlogscan. Because
the tool uses ActiveX, Microsoft Internet Explorer (IE)
will ask you to execute a GFI ActiveX component. Details
about the scan service from GFI's press release are
as follows:
"EventLogScan is an immediate online service that analyzes
all the events in the user's security event log and
produces an HTML report listing all the critical, high
and medium security events found on the user's machine,
with a brief explanation of each. This way, users can
automatically see how secure their system is without
having to manually sort through the many security events
generated by their machine each day - an activity that
users usually do not have enough time for or do not
know how to perform, due to the event log's cryptic/non-existent
security event explanations and because of "noise" events
that make up a large ratio of all security events."
How can I collect all security event logs into one database?
Windows 2000 and Windows NT don't provide a way to
collect security event logs from individual machines
into a central repository. However, several third-party
products do. GFI's LANguard Security Event Log Monitor
and TNT Software's ELM Log Manager 3.0 are two such products.
How can I enable advanced file-system and sharing security for a Windows XP machine in a workgroup?
When an XP machine belongs to a domain with shared
resources, a Security tab appears on the Properties
dialog box for the file, folder, or share. You can
use this tab to assign advanced sharing permissions.
However, this tab is missing for XP machines that
belong to a workgroup.
A new feature in XP effectively logs all remote logons
in a workgroup as Guest, regardless of the account
and password credentials that the remote computer
passes. (This approach avoids the need for different
machines in a workgroup to replicate local accounts,
which is the method Windows 2000 uses to enable transparent
sharing.) XP locks down the permissions of the Everyone
group (to which Guest belongs), which cuts down on the
security problems that existed in Win2K as a result
of enabling the Guest account. Because all machines
in a workgroup are effectively Guest connections,
the advanced security features aren't very useful,
which is why Microsoft disabled them in XP.
If you want to enable advanced file-system and sharing
security, you must disable the ForceGuest registry
setting by performing the following steps:
- Start a registry editor (e.g., regedit.exe).
- Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry subkey.
- Double-click forceguest, set it to 0, then click
OK.
- Restart the computer for the change to take effect.
If you disable the Guest account but enable the ForceGuest
setting, remote connections will fail, regardless
of what username and password the user passes in--even
if these credentials are valid.
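
The following script is an added example, not part of the original article: it reads the forceguest value and the state of the built-in Guest account, reports which of the behaviours described above applies, and changes the value only when asked. It assumes Windows PowerShell is installed on the XP machine (it is not included by default) and that it is run as an administrator; the -Apply switch is a name chosen for this example.

```powershell
# Added example (not from the original article). Read-only unless -Apply is given.
param([switch]$Apply)   # -Apply is a hypothetical switch name for this example

$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

function Get-ForceGuest {
    # Returns the forceguest DWORD, or $null when the value does not exist.
    $p = Get-ItemProperty -Path $lsaKey -Name forceguest -ErrorAction SilentlyContinue
    if ($p) { [int]$p.forceguest } else { $null }
}

function Test-GuestDisabled {
    # The built-in Guest account has RID 501 even if it has been renamed.
    $guest = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True" |
        Where-Object { $_.SID -like '*-501' }
    [bool]$guest.Disabled
}

$forceGuest    = Get-ForceGuest
$guestDisabled = Test-GuestDisabled

if ($null -eq $forceGuest) {
    "forceguest is not present under $lsaKey; nothing to report."
    return
}
"forceguest = $forceGuest, Guest account disabled = $guestDisabled"

if ($forceGuest -eq 1 -and $guestDisabled) {
    'Remote connections will fail, even with valid credentials.'
} elseif ($forceGuest -eq 1) {
    'Remote logons are treated as Guest; the Security tab stays hidden.'
} elseif ($forceGuest -eq 0) {
    'Remote logons use the supplied account; advanced sharing security is available.'
} else {
    'Unexpected value; expected 0 or 1.'
}

if ($Apply -and $forceGuest -ne 0) {
    # Same change as the registry-editor steps above.
    Set-ItemProperty -Path $lsaKey -Name forceguest -Value 0
    'forceguest set to 0. Restart the computer for the change to take effect.'
}
```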