Randy Franklin Smith
   


Randy Franklin Smith is a contributing editor for Windows IT Pro, an information security consultant, and CEO of Monterey Technology Group. He teaches Monterey Technology Group's Ultimate Windows Security course series and is an SSCP, a CISA, and a Security MVP.
Email address: rsmith@ultimatewindowssecurity.com
Web site: http://www.ultimatewindowssecurity.com

59 results found for Randy Franklin Smith, displaying items 1 - 20
July 26, 2007

Composing SDDL for Defining Custom Event Log Permissions This article is only available to VIP subscribers. Sign up now and get instant access!

Do you need read access to the Security event log, but you can't have administrator authority? Learn how to grant an account read access using SDDL in Windows Server 2003.

Windows IT Pro

July 26, 2007

Access Denied This article is only available to VIP subscribers. Sign up now and get instant access!

Answers to your Windows security questions.

Windows IT Pro

May 24, 2007

Logging Remote Desktop Connections This article is only available to VIP subscribers. Sign up now and get instant access!

Here's a cautionary tale that illustrates the importance of enabling auditing on workstations and member servers as well as DCs.

Windows IT Pro

December 2006

Access Levels for Security Administrators This article is only available to registered users. Sign up now and get instant access!

Ideally, security-monitoring and administrative responsibilities should be assigned to different people. Here's a framework for the access levels security administrators should have and some recommended tools to help them do their job.

Windows IT Security

December 2006

Access Denied This article is only available to registered users. Sign up now and get instant access!

Windows IT Security

November 2006

Disabling Logging of Anonymous Logon Events This article is only available to registered users. Sign up now and get instant access!

Do you log anonymous logon events on your servers? Find out how dangerous these events are and whether you can disable or block them from your security logs.

Windows IT Security

November 2006

Access Denied This article is only available to registered users. Sign up now and get instant access!

Windows IT Security

October 2006

Access Denied, October 2006 This article is only available to registered users. Sign up now and get instant access!

Windows IT Security

October 2006

Kerberos Ticket Expirations This article is only available to registered users. Sign up now and get instant access!

Find out whether it's normal to log a high number of expired tickets in a short period of time.

Windows IT Security

May 2006

Auditing User Account Name Changes This article is only available to registered users. Sign up now and get instant access!

You can discover who made a change if the Audit account management events audit policy was enabled on your DCs at the time of the change.

Windows IT Security

April 2006

Locating the User Causing Failures on a Folder

Examining event ID 560 and associated event IDs 528, 540, and 592 will give you the answers you need.

Windows IT Security

April 2006

Determining Who Enabled an Account

The answer might lie in the Security event log of your Windows DC.

Windows IT Security

April 2006

Distinguishing User Account Reenablements from Creations

User account creations create a telltale pattern in the Security log of event ID 624, followed by several instances of event ID 642 interspersed with event IDs 626 and 628.

Windows IT Security

April 2006

Access Denied, April 2006

Get answers to your Windows security questions.

Windows IT Security

March 2006

A Cool Log Parser Output Format

The neuroview format makes viewing your Security log output fun.

Windows IT Security

January 2006

Finding the Logged-on User's Groups

Use the Whoami command with the /groups option to get a report of which groups the currently logged-on user belongs to.

Windows IT Pro

January 2006

Configuring Intranet Access Without Giving Internet Access

You can use security policies to allow intranet access while preventing Internet access.

Windows IT Pro

January 2006

Access Denied This article is only available to registered users. Sign up now and get instant access!

Every month, Randy Franklin Smith answers your questions about security. Click the links above to see individual Q&As from this month's column.

Windows IT Security

January 2006

Logging Domain Policy Changes This article is only available to registered users. Sign up now and get instant access!

In Windows 2000 SP3 and later, event ID 643 once again logs domain policy changes, as it did in Windows NT.

Windows IT Security

December 2005

Essential Network Monitoring, Part 2: The Tools This article is only available to subscribers. Sign up now and get instant access!

In this second part of a two-part series, we show you how to build a barebones monitoring solution by using free or inexpensive tools that are Windows event log–centric

Windows IT Security

Add these Headlines to your Website





     [1]  2  3   next page