| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040830102601.5452.qmail@web51505.mail.yahoo.com> From: keydet89 at yahoo.com (Harlan Carvey) Subject: write events log to CD? Ali, > Sending logs to a printer makes the most sense to > me. Absolutely > unhijackable, and a good use for that old 9-pin > dotmatrix and 2000 > sheets of traction feed paper you have in the > cupboard. > > No idea whether it's possible on windows, though. Why wouldn't this work? Windows is able to print...so your idea should work. However, I'm not sure I see a great deal of efficiency in doing so. Perhaps a better idea would be to get the Event Log entries off of the system as they are generated, using a mechanism such as syslog. Along those lines, if you go to http://patriot.net/~carvdawg/perl.html, you'll find a Perl script named wmievt.pl...this script uses WMI to watch the Event Log for new events. When a new event is generated, the script "wakes up". This is just a barebones, proof-of-concept script. I will be fleshing it out a bit and releasing on the web site for my book (book: "Windows Forensics and Incident Recovery", web site: http://www.windows-ir.com). Hope that helps, Harlan
Powered by blists - more mailing lists