(security log) , , .
Windows XP Professional , . , . , .
(Event Viewer) , . , (Filter). , (Find).
, (Event Viewer), (View) (Filter) (Find). .
4.5 (Filter), , (Find), .
, , Windows XP Professional. . , . Windows XP Professional .
.
4.5
(Event Types) | |
(Event Source) | , |
(Category) | , , |
(Event ID) | . |
(User) | |
(Computer) | |
ѻ (From and To) | , [ (Filter)] |
(Restore Defaults) | |
(Description) | ( (Find) |
(Search Direction) | , ( ; (Find) |
(Find Next) | , |
. , (Event Viewer), (Action) (Properties). (Properties) :
, 64 4194240 (4 ). 512 ;
Windows XP Professional . , , 4.6.
|
|
, . , .
, , (Event Viewer) , 4.7.
.
4.6
(Overwrite Events As Needed) | , , . |
, , V (Overwrite Events Older Than X Days) | , , . , V . ( 7) |
He (Do Not Overwrite Events) | , . Windows XP Professional , |
, .
4.7
(Save Log File As), | |
(Clear All Events). Windows XP Professional , | |
(New Log View); |
.
?
, ?
, , .
.
, .
.
, - .
, , .
.
Active Directory.
, .
|
|
1. , (Administrators).
2. (Start), (Run), (Open) mmc .
3. 1 (Console 1), (File), (Add/Remove Snap-In).
4. (Add/Remove Snap-In) (Add),
5. (Add Standalone Snap-In) (Group Policy) (Add).
6. , (Group Policy Object) (Select Group Policy Object) (Local Computer), (Finish).
7. (Add Standalone Snap-In) (Close).
, / (Add/Remove Snap-In) (Local Computer Policy) , (Group Policy). , (Group Policy) , (Local Computer Policy).
8. / (Add/Remove Snap-In) (Close).
9. (Local Computer Policy).
10. (Computer Configuration), Windows (Windows Settings).
11. (Security Settings), (Local Policies).
12. (Audit Policy). (Local Computer Policy) . 4.1.
13. , (Audit Logon Events) (Action) (Properties), : (Audit Account Logon Events Properties), . 4.2. (Audit Successful Attempts) (Audit Failed Attempts) .
X | ||
X | ||
X | X | |
X | ||
X | ||
X | X | |
14. .
15. , .
. 4.1. , Windows XP Professional
. 4.2. :
|
|
: gpupdate , Active Directory, . , , gpupdate Enter. gpupdate (Start) (Help And Support) gpupdate.
4.2.
Windows XP Professional
1. , (Administrators).
2. (Windows Explorer) Audit (, C:\Audit).
3. Audit AUDIT (, C:\Audit\Audit).
4. AUDIT (Properties).
5. (Properties) (Security) (Advanced).
: (Properties) (Security), , , NTFS? , (Simple File Sharing)? (Start), (My Computer), (Explore). (Tools) (Folder Options). (View) () [Simple File Sharing (Recommended)] .
6. AUDIT (Auditing).
7. (Add).
8. : (Select User Or Group), (Name), (Everyone) .
9. Audit.txt (Audit Entry For Audit.txt) (Successful) (Failed) (. 4.4.):
/ (Create Files/Write Data);
(Delete);
(Change Permissions);
(Take Ownership).
. 4.4. ,
10. . Windows XP Professional (Everyone) audit.txt (Advanced Security Settings For).
11. .
1. (Start), (Control Panel), (Printers And Other Hardware) (Printers And Faxes).
2. (Printers) HPColorLaserJet 4500 PS, (Properties).
3. (Security) (Advanced).
4. HPColorLaserJet 4500 PS, (Auditing), .
5. : (Select User Or Group), (Name), (Everyone) .
6. HPColorLaserJet 4500 PS (Auditing Entry For HP Color LaserJet 4500 PS) (Successful) (.4.5.).
|
|
. 4.5. ,
7. . Windows XP Professional (Everyone) HPColorLaserJet 4500 PS (Access Control Settings For HP Color LaserJet 4500 PS).
8. .
9. HPColorLaserJet 4500 PS (HP Color LaserJet 4500 PS Properties), .
10. (Printers And Faxes).
AUDIT
1. (Start), (Control Panel), (User Accounts).
2. , User2 (Limited).
3. User2 User2.
4. .
5. User2, .
6. (Windows Explorer), C:\Audit\Audit. (Notepad) AUDIT.
7. : User2.
8. . ? ?
9. , , .
4.3.