Solved

Auditing %SystemRoot%\system32 or c:\windows\system32 Files

Posted on 2009-07-06
3
761 Views
Last Modified: 2012-05-07
I have two questions for this subject:

1.  What is the difference between the SystemRoot location and the "windows" location?

2.  If I need to set auditing for specific files within the \system32 directory, does it matter if I set it through SystemRoot or in the \system32 directory?
0
Comment
Question by:myoutback
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
PlusIT earned 125 total points
ID: 24784982
1.  the difference is that the SystemRoot is a variable poointing to your windows installation.  Not everyone installs c:\windows by using for example %systemroot%\system32 you are sure you can browse to the system32 folder even if your windows is not installed in C.
Try this by opening a cmd shell and echo the variable with the command: echo %SYSTEMROOT%

2.  try to use variables as much as you can.
0
 

Author Comment

by:myoutback
ID: 24793821
Thanks for the explanation.

If I wanted to set auditing to %SystemRoot%\system32\activeds.dll from the cmd shell, what would it look like?
0
 
LVL 10

Assisted Solution

by:PlusIT
PlusIT earned 125 total points
ID: 24801766
i'm not sure tbh never done it myself this maybe can help you:
http://technet.microsoft.com/en-ca/magazine/2008.08.scom.aspx
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question