25.12.2014 Views

Analysis and Evaluation of the Windows Event Log - Bill Buchanan


Barrie Codona, BSc (Hons) Network Computing, 2007

could be monitored for any copying, writing or deleting then it could be said that it would be possible to highlight a possible attack on the integrity of its data. Also, being able to monitor the status of the Event Logging Service, using the system registry, would highlight if it had been changed from automatic to disabled. The design of the system will be based upon these findings. It will disallow any physical access to the event logs and will also produce a hash signature that will highlight if any changes have been made.
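The two checks this design paragraph describes, written out as an added example (not code from the dissertation): a test of the Event Log service start type and a hash manifest that flags changed, missing or unexpected log files. Assumptions not taken from the page: SHA-256 as the hash, the standard Windows service key and `Start` values, the function names, the `*.evt*` file pattern, and that hashes are taken over archived copies of the logs, since a live log changes with every new event.

```python
import hashlib
import sys
from pathlib import Path

# Standard Windows location of the Event Log service configuration.
# The excerpt says "the system registry" without naming a key; this path is supplied here.
EVENTLOG_KEY = r"SYSTEM\CurrentControlSet\Services\EventLog"
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}


def service_start_alert(start_value):
    """Return an alert string if the service is not set to automatic, else None."""
    if start_value == 2:
        return None
    name = START_TYPES.get(start_value, f"unknown({start_value})")
    return f"Event Log service start type is '{name}', expected 'automatic'"


def read_start_value():
    """Read the Start DWORD from the registry (Windows only)."""
    import winreg  # imported lazily so the hashing part runs on any platform
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, EVENTLOG_KEY) as key:
        value, _type = winreg.QueryValueEx(key, "Start")
    return value


def sha256_file(path, chunk=1 << 16):
    """Hash a file in chunks so large logs are not loaded into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(log_dir, pattern="*.evt*"):
    """Map file name -> SHA-256 for every archived log copy in log_dir."""
    return {p.name: sha256_file(p) for p in sorted(Path(log_dir).glob(pattern))}


def compare_manifests(baseline, current):
    """Return the names of modified, missing and unexpected files."""
    return {
        "modified": sorted(n for n in baseline if n in current and baseline[n] != current[n]),
        "missing": sorted(n for n in baseline if n not in current),
        "unexpected": sorted(n for n in current if n not in baseline),
    }


if __name__ == "__main__" and sys.platform == "win32":
    print(service_start_alert(read_start_value()) or "Event Log service: automatic")
```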
