[wpkg-users] Security auditing...

Marco Gaiarin gaio at sv.lnf.it
Thu Oct 20 12:58:44 CEST 2011


> Some hit take me to 'auditpol.exe', that seems a more suited tools, and
> i've to get it from some resource toolkit.

Seems well suited. I'm using now the 1.1b version from w2k resource kit,
looking for the 2.X version, but works.

A question. I want to (at least try) to build a check condition. The
output of auditpol.exe are:

 C:\WINDOWS\system32>\\file\wpkg\tools\Auditpol.exe
 Running ...
 
 (X) Audit Enabled
 
 AuditCategorySystem            = No
 AuditCategoryLogon             = Success and Failure
 AuditCategoryObjectAccess      = No
 AuditCategoryPrivilegeUse      = No
 AuditCategoryDetailedTracking  = No
 AuditCategoryPolicyChange      = Success and Failure
 AuditCategoryAccountManagement = Success and Failure
 Unknown                        = No
 Unknown                        = Success and Failure

in linux probably i will do:

	e=$(<cmd> | grep "Audit Enabled"); if [ -z "$e" ]; then exit 1; fi

there's an equivalent on CMD?! ;-)

Seems i've to use 'find' and 'set', but i'm not understand how... ;(((

Tnx.

-- 
dott. Marco Gaiarin				    GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''                http://www.sv.lnf.it/
  Polo FVG  -  Via della Bontà, 7 - 33078  -  San Vito al Tagliamento (PN)
  marco.gaiarin(at)sv.lnf.it	  tel +39-0434-842711  fax +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
	   http://www.lanostrafamiglia.it/chi_siamo/5xmille.php
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)



More information about the wpkg-users mailing list