Wednesday, August 17, 2005

Windows Security Adviser: Effectively tune your event log auditing criteria

SearchWindowsSecurity.com: Windows Security Adviser
August 17, 2005
___________________________________
ISSUE SPONSORED BY: Responding to Virus Threats on Zero-Day

___________________________________
IN THIS ISSUE:

- Effectively tune your event log auditing criteria
- Worms attacking Windows Plug and Play go global
- Using NTFS rights to deny the Delete permission
- Webcast: Intelligent patching strategies
- Blocking Internet access using GPO

HEADLINES:
---------------------------------------------------------------------
EFFECTIVELY TUNE YOUR EVENT LOG AUDITING CRITERIA |
SearchWindowsSecurity.com

Auditing events is a necessary task to keep your systems secure, no
matter how boring and tedious it may be. The key is to carefully
select which events to monitor and record in your various logs. This
article from contributor Jonathan Hassell examines your auditing
options and how to configure your event logs.

Click here for the tip:
http://searchwindowssecurity.techtarget.com/tip/1,289483,sid45_gci1116378,00.html?track=NL-122&ad=525761

MORE INFO:
Learn how to properly configure audit policy in this checklist
http://searchwindowssecurity.techtarget.com/tip/1,289483,sid45_gci1033853,00.html?track=NL-122&ad=525761

Site expert Kevin Beaver explains how to configure Group Policy to
prevent attacks
http://searchwindowssecurity.techtarget.com/tip/1,289483,sid45_gci1108549,00.html?track=NL-122&ad=525761

---------------------------------------------------------------------

::::::::::::::::::::::::::::: SPONSOR :::::::::::::::::::::::::::::::

Responding to Virus Threats on Zero-Day

New, rapidly deploying viruses provide you with zero days to
understand them and deploy a new virus signature to detect them. How
can you respond adequately to such speed to avoid serious
consequences for your business? Download the latest CipherTrust white
paper to better understand the immediate steps needed to prevent
Zero-Day attacks from causing serious disruption.
Click here:
http://ad.doubleclick.net/adi/swsc/em;pos=2;gci=525761;sz=1x1;ord=968928024?tt=1

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

---------------------------------------------------------------------
WORMS ATTACKING WINDOWS PLUG AND PLAY GO GLOBAL | SearchSecurity.com

Organizations around the word are being hit hard by multiple worms.
Corporate networks are most at risk.

Click here for the article:
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1116452,00.html?track=NL-122&ad=525761

---------------------------------------------------------------------
ALSO ON SEARCHWINDOWSSECURITY.COM:

---------------------------------------------------------------------
USING NTFS RIGHTS TO DENY THE DELETE PERMISSION | Ask the Experts

To prevent a specific user or group from deleting files or folders,
use NTFS rights on the Security tab. Site expert Jonathan Hassell
walks you through the process and explains why you shouldn't use the
Sharing->Permissions tab to control these rights.
http://searchwindowssecurity.techtarget.com/ateQuestionNResponse/0,289625,sid45_gci1116512_tax301650,00.html?track=NL-122&ad=525761

---------------------------------------------------------------------
WEBCAST: INTELLIGENT PATCHING STRATEGIES | Topics

Learn what intelligent patching is, what to look for in a system and
how it can provide the necessary audit trails you need to lower
downtime and create a self-documenting environment for your business.
http://searchwindowssecurity.techtarget.com/webcasts/0,295024,sid45,00.html?track=NL-122&ad=525761

---------------------------------------------------------------------
BLOCKING INTERNET ACCESS USING GPO | Discussion

Do you need to set permissions so that only certain users in the
network can access the Internet? Read you peers' solutions in this
ITKnowledge Exchange discussion.
http://searchwindowssecurity.techtarget.com/ITKnowledgeExchange/questionArchiveView/0,294934,sid45_gci1111091,00.html?track=NL-122&ad=525761

Click here to start your own discussion:
http://searchwindowssecurity.techtarget.com/ITKnowledgeExchange/0,294907,sid45,00.html?track=NL-122&ad=525761

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
CONTACT US:

Sales
For sales inquiries, please contact us at:
mailto:mkelly@techtarget.com

Editorial
For feedback about any of our articles or to send us your article
ideas, please contact us at:
mailto:bvigil@techtarget.com

---------------------- FREE E-NEWSLETTERS! --------------------------

SearchWindowsSecurity: Patch Management Tip
SearchWindowsSecurity: Updates on new site content

Click here to subscribe:
http://searchWindowsSecurity.techtarget.com/tieredRegPage?track=NL-122&ad=525761&val=0&newsletters=998852&newsletters=998855&email=pet.computter@gmail.com

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ABOUT THIS E-NEWSLETTER:

This e-newsletter is published by SearchWindowsSecurity.com, a
targeted Web site from TechTarget, the most targeted IT media and
events company.
TechTarget offers magazines, Web sites, e-newsletters, Webcasts and
conferences for enterprise IT professionals.
Copyright 2005 TechTarget. All rights reserved.

_____________________________________________________________________

To unsubscribe from "Windows Security Adviser":

Go to unsubscribe: http://SearchWindowsSecurity.com/u?em=pet.computter%40gmail.com&uid=3058509&cid=525761&track=NL-122

Please note, unsubscribe requests may take up to 24 hours to process;
you may receive additional mailings during that time. A confirmation
e-mail will be sent when your request has been successfully
processed.

Contact us:
SearchWindowsSecurity
Member Services
117 Kendrick Street, Suite 800
Needham, MA 02494