Protect Your Security Logs

by Mitch Tulloch [Published on 26 July 2005 / Last Updated on 26 July 2005]

Tip on how to protect your Security logs.

What's the best way to protect your servers against a rogue admin using a tool like Winzapper to cover their tracks? Regularly archive the Security logs on all your servers to a secure location that only you have access to. You might try robocopy.exe and schtasks.exe as a simple solution for this, or you can use one of the integrated log monitors available from third-party vendors, or you can wait for Microsoft's Audit Collection Services (ACS) to be released soon.

The Author — Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows administration, networking, and security. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy and use Microsoft platforms, products and solutions. Mitch has published over two hundred articles on different IT websites and magazines, and he has written or contributed to almost two dozen books and is lead author for the Windows 7 Resource Kit from Microsoft Press. For more information, see www.mtit.com .

Latest Contributions

Featured Links