Analysis
Secedit can be used to compare an existing policy running on a Windows 2000 system with an appropriate policy for the system. To do this, enter the following command from a command prompt:
secedit /analyze [/DB filename] [/CFG filename] [/log filename] [/verbose] [/quiet]
The following parameters may be provided:
- /DB filename: This specifies the path to the database file that contains the stored configuration for the analysis. If the filename specifies a new file, the /CFG parameter must also be used.
- /CFG filename: This specifies the path to the security template to be imported into the database. If the parameter is not used, the configuration stored in the database is used.
- /log filename: This specifies the path to the log file that will be created by the command. The log file includes all the information found during the analysis.
- /verbose: This tells secedit to provide details while running.
- /quiet: This tells secedit not to provide output to the screen while running.
Once the run is completed, the log file can be analyzed to determine if the system is in compliance with the organization's policy.
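The batch file below is an added example, not part of the original tutorial. It wraps the analysis run so that /CFG is supplied only when the database does not yet exist, then pulls the differing settings out of the log. The file paths, the meaning given to secedit's exit code, and the "Mismatch" marker in the log are assumptions to adjust for your system.

```batch
@echo off
rem Added example, not from the original tutorial.
rem The three paths below are placeholders; replace them with your own files.
setlocal
set DB=C:\secaudit\baseline.sdb
set TEMPLATE=C:\secaudit\orgpolicy.inf
set LOG=C:\secaudit\analyze.log

rem A new database has no stored configuration, so /CFG is required the
rem first time. On later runs the configuration stored in the database is used.
if exist "%DB%" (
    set CFGARG=
) else (
    if not exist "%TEMPLATE%" (
        echo Template "%TEMPLATE%" not found; cannot create a new database.
        exit /b 2
    )
    set CFGARG=/CFG "%TEMPLATE%"
)

secedit /analyze /DB "%DB%" %CFGARG% /log "%LOG%" /quiet

rem Assumption: a nonzero exit code means the analysis did not complete cleanly.
if errorlevel 1 (
    echo secedit returned a nonzero exit code; review "%LOG%".
    exit /b 1
)

rem Assumption: settings that differ from the template appear in the log on
rem lines containing the word "Mismatch". Piping through type lets findstr
rem read the log even if it was written as Unicode.
type "%LOG%" | findstr /i /c:"Mismatch" > "%LOG%.mismatch.txt"
if errorlevel 1 (
    echo No mismatches recorded in "%LOG%".
) else (
    echo Settings that differ from policy are listed in "%LOG%.mismatch.txt".
    exit /b 3
)
endlocal
```

The exit codes 1, 2 and 3 are this script's own, chosen so a scheduled job can tell a failed run from a completed run that found differences.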