Valhalla Legends Forums Archive | General Discussion | Improving Secruity using the Registry

AuthorMessageTime
MrRaza
Maybe we can 'Sticky' this, When I find helpful hints and tweaks, I will post them here, anyone else can add information as well.

The event log contains sensitive data about applications, security and system events. You don't want anyone other than administrators to have access to the logs.

System Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentContorlSet\Services\EventLog

Value Name: RestrictGuestAccess

Data Type: REG_WORD (DWORD Value)

Value: (0 = guest access, 1 - restricted access)
December 15, 2005, 6:23 PM
Grok
Isnt that only useful to restrict access for the event viewer application, not the logs themselves?  Someone can still read the log files using another viewer or copy them to another PC?
December 15, 2005, 6:38 PM
MrRaza
[quote author=Grok link=topic=13531.msg137821#msg137821 date=1134671928]
Isnt that only useful to restrict access for the event viewer application, not the logs themselves?  Someone can still read the log files using another viewer or copy them to another PC?
[/quote]

Well, an event log viewer would infact let you view the log regardless of this. Copying them to another computer would let them view it if no restrictions were enabled for them too on that computer. I just put this here to further restrict a guest from viewing files that he or she wasn't suppose too without them going out of there way. I'm not sure as of now where the event logs are even curently stored on the computer, I'll have to look into that sometime. Maybe it's possible to put a password on the folder that these log files are in or put restrictions on it so only an administrator user would be able to view the contents.
December 15, 2005, 6:51 PM

Search