[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 161
  • Last Modified:

wipe clues from server

Hi experts, I need your help!!

I have recently switched on my win98 workstation, logged into the w2k server domain and then accessed and copied password protected data that I wasn't supossed to access.

Could w2k server had loged this operations (without 3rd party software)? If the answer is yes, where does it places the log files so I can clean them?




0
nasheerz
Asked:
nasheerz
1 Solution
 
DmitriyCommented:
You can't.  And yes, the access is logged.  The auditing trail will show who logged on and did what with files.

P.S.  This sounds like hacking.  This site strictly forbids any topics with relevance to illegal activities.
0
 
TooKoolKrisCommented:
I suggest you own up to your mistakes before they find you. If it's a critical thing it's going to be much better if you go to them instead of them coming to you. W2K definitely can't track all file access within it's logs and unless you're a Server Operator or a Domain Admin you aren't going to be able to clear the logs even if you do find out where they are. Smile your busted!

TooKoolKris
MCSE+I, CCNA, A+


0
 
TooKoolKrisCommented:
I meant to say that W2K definitely CAN track, sorry for the typo.

TooKoolKris
MCSE+I, CCNA, A+
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
nasheerzAuthor Commented:
I have administrator access to the server, so this has nothing of ilegal. Where are that logs located???
0
 
TooKoolKrisCommented:
Ask your network administrator then.
0
 
nasheerzAuthor Commented:
Sorry ToolKoolKris but this site is for questions and answers, if you don't know the answer or if you don't want to help me with this trouble, just don't put more impertinent comments to me.

Thanks.



 
0
 
TooKoolKrisCommented:
This site is for questions and answers that's correct. However it's not for helping you cover your tracks when you accessed files you shouldn't have. Nobody on this site is going to help you in your quest to erase logs so that no one will know that you accessed files you shouldn't have. This question will also be notified to the site operators to see that it is properly deleted as well. Have a good day.

TooKoolKris
MCSE+I, CCNA, A+
0
 
jmiller47Commented:
You stated that you accessed files you weren't supposed to. Therefore, you were doing something against company policy. It is against the morals of this board to answer any questions regarding covering up tracks, doing something you are not supposed to, or hacking. I don't think you'll get any answers here...
0
 
NetminderCommented:
nasheerz,

The answers you've been given are the ones you're going to get; I've force-accepted accordingly.

I've been in Net Admin for a company which does a lot of work with banks and governments. One of my colleagues did exactly what you've done, and had he not gone to our boss and told him (he looked at the CEO's email) he'd have lost his job, even though he has full admin privileges.

The logs exist specifically to see who's doing what. You've done it. I think your course of action is clear. Further, I've alerted EE Admin to this question, and made a notation in your EE profile.

Dmitriy: points for you at http://www.experts-exchange.com/jsp/qShow.jsp?ta=win2k&qid=20303703
jmiller47: points for you at http://www.experts-exchange.com/jsp/qShow.jsp?ta=win2k&qid=20297679

Netminder
CS Moderator
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now