This project is read-only.

Protect Log Files From Unauthorized Access

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

Restrict access to log files and SQL records in order to make it more difficult for attackers to tamper with log files and cover their tracks.
Minimize the number of individuals who can manipulate the log files. Authorize access only to highly trusted accounts such as administrators.
Restrict access to audit and log files using Windows ACLs. If you log events to SQL Server or to some custom event sink, use appropriate access controls to limit access to the event data. For example, grant write access to the account or accounts used by your application, grant full control to administrators, and read-only access to operators.

Last edited Jun 12, 2008 at 8:46 PM by prashantbansode, version 1


No comments yet.