Protect Your Security Logs

by Mitch Tulloch [Published on 26 July 2005 / Last Updated on 26 July 2005]

Tip on how to protect your Security logs.

What's the best way to protect your servers against a rogue admin using a tool like Winzapper to cover their tracks? Regularly archive the Security logs on all your servers to a secure location that only you have access to. You might try robocopy.exe and schtasks.exe as a simple solution for this, or you can use one of the integrated log monitors available from third-party vendors, or you can wait for Microsoft's Audit Collection Services (ACS) to be released soon.

The Author — Mitch Tulloch

Mitch Tulloch is a well-known expert on Windows Server administration and cloud computing technologies. He has published over a thousand articles on information technology topics and has written, contributed to or been series editor for over 50 books.

Latest Contributions

Featured Links