Re: Win2K NTFS Change Journal; Re:

From: Harlan Carvey (keydet89at_private)
Date: Tue Mar 18 2003 - 03:35:42 PST

Next message: Klayton Monroe: "FTimes 3.2.1 Release (Includes Dig, HashDig, and Map Tools)"

Previous message: Mark E. Donaldson: "RE: Win2K NTFS Change Journal"
In reply to: Mark E. Donaldson: "RE: Win2K NTFS Change Journal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mark,

Is there any chance that you could paste the script
into an email so I could see it?  I found the site,
but I have no way of telling which module or script
allows me to read the change journal on Win2K.

Thanks,

Harlan


--- "Mark E. Donaldson" <markeeat_private>
wrote:
> Microsoft has a free WMI Utility called
> "Scriptomatic".  I believe it has a
> module which will do this.  I have a copy but do not
> have the exact URL I
> got it at.  Search Microsoft for "Scriptomatic" and
> hopefully it will point
> you to it.
> 
> -----Original Message-----
> From: Harlan Carvey [mailto:keydet89at_private]
> Sent: Friday, March 14, 2003 11:09 AM
> To: forensicsat_private
> Subject: Win2K NTFS Change Journal
> 
> 
> I'm looking for an app that allows the user to
> enumerate the NTFS change journal on a live Win2K
> system.
> 
> Does anyone know of anything?
> 
> 
> 
> 
> =====
>
------------------------------------------------------------------------
> Harlan Carvey
> Computer Security Administrator
> AIM: carvdawg
> Yahoo: keydet89
>
------------------------------------------------------------------------
> 
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Web Hosting - establish your business online
> http://webhosting.yahoo.com
> 
>
-----------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS
> analyzer service.
> For more information on this free incident handling,
> management
> and tracking system please see:
> http://aris.securityfocus.com
> 
> 
> 
>
-----------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS
> analyzer service.
> For more information on this free incident handling,
> management 
> and tracking system please see:
http://aris.securityfocus.com


__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Klayton Monroe: "FTimes 3.2.1 Release (Includes Dig, HashDig, and Map Tools)"
Previous message: Mark E. Donaldson: "RE: Win2K NTFS Change Journal"
In reply to: Mark E. Donaldson: "RE: Win2K NTFS Change Journal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Mar 18 2003 - 05:17:06 PST