Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: File Permission Audit Tool - Windows

from [jfvanmeter] Network Security [Permanent Link]
Subject: Re: File Permission Audit Tool - Windows
Date: Wed, 26 Sep 2007 08:45:52 +0000 
you could run cacls and dump it to a file for review later.

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/cacls.mspx?mfr=true

Take Care and Have Fun --John
 -------------- Original message ----------------------
From: krymson@gmail.com

I wish I could give you an easy open source/free tool, but I can't. Hopefully 
someone else can so I can also use it. :)


In case you do talk to some vendors, the biggest problem with reporting 
permissions is dealing with duplicates. Tools like xcacls will report every 
single object or folder, whether it is inherited or different from its 
parent. 
You really want to eliminate all that garbage and only report explicit 
permissions, with the assumption that inheritance is otherwise present 
downstream. Almost an exception report.



1) Free, but nearly useless

You could use cacls/xcacls, but the output you get will be next to useless.


2) Free, but a little effort

Windows PowerShell allows for some excellent scripting of permissions audits 
and 
other such stuff. If you know PS, you should use this as it affords you a lot 
of 
customizable power.


3) Commercial, but very cool

I really enjoyed my trials of ScriptLogic's Enterprise Security Reporter [1] 
a 
year ago. You can get some nice reports on permissions


[1] http://www.scriptlogic.com/products/enterprisesecurityreporter/


<- snip ->

I am looking for audit tool that will give me a report on all the file 
permission on a windows 2000/2003 servers. I will prefer open source but 
would 
be willing to look at commercial software if it is superior.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: File Permission Audit Tool - Windows, Nikhil Wagholikar
Next by Date:  RE: traffic creation, Clement Dupuis
Previous by Thread:  RE: File Permission Audit Tool - Windows, Martyn Smith
Next by Thread:  RE: File Permission Audit Tool - Windows, Herb Martin
Indexes:  [Date] [Thread] [Top] [All Lists]