Windows Intrusion Log Cleanup

Preliminary knowledge

The role of logs in system security is obvious: both network administrators and attackers attach great importance to them. An experienced administrator can quickly assess the security state of a system from its logs, and a careful attacker will, after a successful intrusion, quickly clear any logs that could expose the intrusion. The log files of Windows 7 usually include the application log, security log, system log, DNS server log, FTP log, WWW log, and others. Each log file is normally maintained by a particular background service. The system, security, and application logs are a special case: the services that maintain them are key Windows 7 processes, and, like the registry files, these logs are opened by services that start when Windows 7 boots, so the files remain held open and maintained while the system runs.

Purpose

Clear Windows 7 usage trace logs

Experimental tool

ClearLogs.exe software tool

Experimental environment

One client computer (operating system: Windows 7)

Experimental procedure

The default location of the application, security, system, and DNS logs is %systemroot%\system32\config. The default file size is 512KB, and administrators may change this default size. Default locations:

  - Security log file: %systemroot%\system32\config\SecEvent.EVT
  - System log file: %systemroot%\system32\config\SysEvent.EVT
  - Application log file: %systemroot%\system32\config\AppEvent.EVT
  - Internet Information Services FTP logs: %systemroot%\system32\logfiles\msftpsvc1\, one log file per day by default
  - Internet Information Services WWW logs: %systemroot%\system32\logfiles\w3svc1\, one log file per day by default
  - Scheduler service log: %systemroot%\schedlgu.txt

———————————————————————————————————————

Open the Windows 7 SP1 console and log in with the Administrator account.

  1. The system log of Windows 7 is difficult to clear by hand, so the ClearLogs.exe software tool is recommended. The program is in the "Desktop-Tools" directory.
  2. Open the Start menu, type cmd in the search bar, left-click the search result, and execute: cd C:\Users\Administrator\Desktop
  3. clearlogs -app  This clears the application log of the remote computer.
  4. clearlogs -sec  This clears the security log of the remote computer.
  5. clearlogs -sys  This clears the system log of the remote computer.
  6. Experiment completed.
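As an added defender-side check that is not part of the original lab: clearing a log with a tool such as ClearLogs does not remove the record that the log was cleared. On Windows 7 and later, the Windows Event Log service writes Event ID 1102 to the Security log when the Security log is cleared, and Event ID 104 to the System log when the System or Application log is cleared. The PowerShell below (assumed to run in an elevated session; the function name and parameters are my own) lists those events together with the account that triggered them.

```powershell
# Added example: find evidence that Windows event logs were cleared.
# Event ID 1102 (Security log) = "The audit log was cleared"
# Event ID 104  (System log)   = "The <Channel> log file was cleared"
# Assumes Windows 7 or later and an elevated PowerShell session.

function Get-LogClearEvents {
    param(
        [string]$ComputerName = $env:COMPUTERNAME,
        [int]$Days = 30
    )
    $since = (Get-Date).AddDays(-$Days)

    # One filter per log; Get-WinEvent throws when nothing matches,
    # so the error action is silenced and an empty result is returned.
    $filters = @(
        @{ LogName = 'Security'; Id = 1102; StartTime = $since },
        @{ LogName = 'System';   Id = 104;  StartTime = $since }
    )

    foreach ($f in $filters) {
        Get-WinEvent -ComputerName $ComputerName -FilterHashtable $f -ErrorAction SilentlyContinue |
            ForEach-Object {
                # Both events carry a LogFileCleared block in their XML payload
                # with the subject (who cleared it); 104 also names the channel.
                $cleared = ([xml]$_.ToXml()).Event.UserData.LogFileCleared
                $channel = if ($cleared.Channel) { $cleared.Channel } else { 'Security' }

                [pscustomobject]@{
                    TimeCreated  = $_.TimeCreated
                    EventId      = $_.Id
                    ClearedLog   = $channel
                    Account      = '{0}\{1}' -f $cleared.SubjectDomainName, $cleared.SubjectUserName
                    RecordedIn   = $f.LogName
                }
            }
    }
}

Get-LogClearEvents | Sort-Object TimeCreated | Format-Table -AutoSize
```

The 1102 record is written into the freshly emptied Security log itself, so it survives the clear and is typically the first entry afterwards. Forwarding events to a central collector is what preserves the earlier entries if the logs are cleared again or the log files are deleted outright.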


Source: blog.csdn.net/weixin_62757215/article/details/129562369