<div>
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
</div>


This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
We are facing a worm that is copying files to shared folders.<br />
But to find the source that is spreading the files I want to log the source who is creating these files.<br />
<br />
I've tried using process monitor from sysinternals but this tool only seems to log files that are created localy and not from a remote source.<br />
<br />
What other possibilities are there to log a remote source trying to create/copy files?<br />
<br />
regards
</div>
</div>


Hi,

We are facing a worm that is copying files to shared folders.
But to find the source that is spreading the files I want to log the source who is creating these files.

I've tried using process monitor from sysinternals but this tool only seems to log files that are created localy and not from a remote source.

What other possibilities are there to log a remote source trying to create/copy files?

regards

audit remotely created files

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.