Analysis and Evaluation of the Windows Event Log - Bill Buchanan

More documents

Recommendations

Info

CO42019 – Project 4 How the event log stores the time Project – Week 5.doc Page 1 of 9
CO42019 – Project 4 As previously discovered the event time is contained within the above noted 32bits immediately followed by a repetition of the value. By resetting the hex value to 0000 0000 it was noted that the time and date counted up from 00:00:00 01/01/1970. Note: Research has shown that storing a date in format will prove to be problematic in the year 2038. People are referring to this as the Y2K38 Bug. Project – Week 5.doc Page 2 of 9
Page 1 and 2:
Analysis and Evaluation of the Wind
Page 3 and 4:
Barrie Codona, BSc (Hons) Network C
Page 5 and 6:
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Appendix A: Diary Sheets
Page 77 and 78:
NAPIER UNIVERSITY SCHOOL OF COMPUTI
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86: Appendix B: Preliminary Gantt Chart
Page 87 and 88: Nov '07 Dec '07 Jan '08 Feb '08 Mar
Page 89 and 90: C:\Documents and Settings\Barrie\My
Page 95 and 96: Appendix D: Server Application Code
Page 99 and 100: Appendix E: Event Viewer Code
Page 105 and 106: Appendix G: Processor Monitor Code
Page 107 and 108: Appendix H: HMAC Brute Force Cracke
Page 113 and 114: Appendix I: Windows Event Log Tests
Page 115 and 116: Copy Security Log C:\windows\system
Page 117 and 118: Another look at the Security Log re
Page 119 and 120: The Event Service is then restarted
Page 121 and 122: Another look at the ‘c:\windows\s
Page 123 and 124: CO42019 - Project 4 Computer Name P
Page 125 and 126: CO42019 - Project 4 Turned off the
Page 127 and 128: CO42019 - Project 4 And then restar
Page 129 and 130: CO42019 - Project 4 Modify the ‘l
Page 131 and 132: CO42019 - Project 4 Project - Week
Page 133 and 134: CO42019 - Project 4 Project - Week
Page 135: CO42019 - Project 4 Project - Week
Page 139 and 140: CO42019 - Project 4 The screenshot
Page 141 and 142: CO42019 - Project 4 Displaying the
Page 143 and 144: CO42019 - Project 4 Modifying the r
Page 145 and 146: CO42019 - Project 4 Master File Tab
Page 147 and 148: CO42019 - Project 4 Modify the sect
Page 149 and 150: CO42019 - Project 4 Sectors 3748520
Page 151 and 152: CO42019 - Project 4 This now shows
show all

Analysis and Evaluation of the Windows Event Log - Bill Buchanan

Create successful ePaper yourself

Delete template?

Save as template?