Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: File Permission Audit Tool - Windows

from [Martyn Smith] Network Security [Permanent Link]
Subject: RE: File Permission Audit Tool - Windows
Date: Wed, 26 Sep 2007 16:34:19 +0100 
You can also use SetACL to do an ACL backup recursively which you can then 
compare against your desired policy. 

Martyn Smith
IT Network Coordinator
The College of West Anglia


-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On 
Behalf Of Big Joe Jenkins
Sent: 26 September 2007 14:49
Cc: security-basics@securityfocus.com; 
security-basics-return-45887@securityfocus.com
Subject: Re: File Permission Audit Tool - Windows

Microsoft Baseline Security Analyzer does a nice job of summarizing 
permissions set on our shared folders on whatever system you run it 
against.

This won't help with non-shared folders, but it may be a good start.


On Tue, 25 Sep 2007, krymson@gmail.com wrote:


I wish I could give you an easy open source/free tool, but I can't. Hopefully 
someone else can so I can also use it. :)

In case you do talk to some vendors, the biggest problem with reporting 
permissions is dealing with duplicates. Tools like xcacls will report every 
single object or folder, whether it is inherited or different from its 
parent. You really want to eliminate all that garbage and only report 
explicit permissions, with the assumption that inheritance is otherwise 
present downstream. Almost an exception report.


1) Free, but nearly useless
You could use cacls/xcacls, but the output you get will be next to useless.

2) Free, but a little effort
Windows PowerShell allows for some excellent scripting of permissions audits 
and other such stuff. If you know PS, you should use this as it affords you a 
lot of customizable power.

3) Commercial, but very cool
I really enjoyed my trials of ScriptLogic's Enterprise Security Reporter [1] 
a year ago. You can get some nice reports on permissions

[1] http://www.scriptlogic.com/products/enterprisesecurityreporter/

<- snip ->
I am looking for audit tool that will give me a report on all the file 
permission on a windows 2000/2003 servers. I will prefer open source but 
would be willing to look at commercial software if it is superior.



**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error you must take no action 
based on them - nor must you copy or show them to anyone.  Please notify the 
College of West Anglia on 44 - (0) 1553 815325.

This email contains the views of the sender and may not be respresentative of 
the views of The College of West Anglia.

This footnote also confirms that this email message has been swept for the 
presence of computer viruses.
**********************************************************************
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Anonymizing Packets yet ensuring 0 % packet loss, Rohin Koul
Next by Date:  Re: Anonymizing Packets yet ensuring 0 % packet loss, Vivek P
Previous by Thread:  Re: File Permission Audit Tool - Windows, Big Joe Jenkins
Next by Thread:  Re: File Permission Audit Tool - Windows, jfvanmeter
Indexes:  [Date] [Thread] [Top] [All Lists]