Re: Suggestion wanted

Post removed (X-No-Archive: yes)

Suggestion wanted

Hi all,
I am running xppro/sp2 thru a router and am happy with my firewall
situation. Now that I am on Hughes net, I want to know who, what
where. I used to use Atguard, but of course it doesn't log in XP.

I am looking for a simple program that logs all connections.

Any thoughts are welcome.
Regards,
Terry

Re: Suggestion wanted

Terry wrote:


> I just downloaded it, it works fine, but, since I use a limited
> account while on the internet, it won't let me access the log.
> Thanks anyway

The possibility to change file permissions exists.

Wolfgang

Re: Suggestion wanted

On Thu, 29 Mar 2007 22:28:14 +0200, Sebastian Gottschalk
wrote:

>Terry wrote:
>
>> Hi all,
>> I am running xppro/sp2 thru a router and am happy with my firewall
>> situation. Now that I am on Hughes net, I want to know who, what
>> where. I used to use Atguard,
>
>And you were happy with that? Oh my...
I like you even though your mother didn't teach you better manners
>
>> but of course it doesn't log in XP.
>>
>> I am looking for a simple program that logs all connections.
>
>PortReporter
I just downloaded it, it works fine, but, since I use a limited
account while on the internet, it won't let me access the log.
Thanks anyway
Terry

Re: Suggestion wanted

On Thu, 29 Mar 2007 23:29:02 +0200, Wolfgang Kueter
wrote:

>Terry wrote:
>
>
>> I just downloaded it, it works fine, but, since I use a limited
>> account while on the internet, it won't let me access the log.
>> Thanks anyway
>
>The possibility to change file permissions exists.
>
>Wolfgang
Thank you, but it is a system folder and won't allow me to change the
permissions.

Terry

Re: Suggestion wanted

Terry wrote:
> On Thu, 29 Mar 2007 23:29:02 +0200, Wolfgang Kueter wrote:
>> Terry wrote:
>>> I just downloaded it, it works fine, but, since I use a limited
>>> account while on the internet, it won't let me access the log.
>>
>> The possibility to change file permissions exists.
>
> Thank you, but it is a system folder and won't allow me to change the
> permissions.

Of course you need admin privileges to be able to grant access there.
Log in as an administrator and grant read access to your user. Better:
add a new group "logwatch", add your user to this group, and grant read
access on the logs to that group.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Suggestion wanted

On 30 Mar 2007 01:05:10 GMT, Ansgar -59cobalt- Wiechers
wrote:

>Terry wrote:
>> On Thu, 29 Mar 2007 23:29:02 +0200, Wolfgang Kueter wrote:
>>> Terry wrote:
>>>> I just downloaded it, it works fine, but, since I use a limited
>>>> account while on the internet, it won't let me access the log.
>>>
>>> The possibility to change file permissions exists.
>>
>> Thank you, but it is a system folder and won't allow me to change the
>> permissions.
>
>Of course you need admin privileges to be able to grant access there.
>Log in as an administrator and grant read access to your user. Better:
>add a new group "logwatch", add your user to this group, and grant read
>access on the logs to that group.
>
>cu
>59cobalt
I was logged on as admin, but still wasn't allowed to grant access.
Is there another way besides going thru sharing security?

Terry

Re: Suggestion wanted

Post removed (X-No-Archive: yes)

Re: Suggestion wanted

Terry wrote:
> On 30 Mar 2007 01:05:10 GMT, Ansgar -59cobalt- Wiechers wrote:
>> Of course you need admin privileges to be able to grant access there.
>> Log in as an administrator and grant read access to your user.
>> Better: add a new group "logwatch", add your user to this group, and
>> grant read access on the logs to that group.
>
> I was logged on as admin, but still wasn't allowed to grant access. Is
> there another way besides going thru sharing security?

Please elaborate. How exactly are you "not allowed to grant access"? If
you have a vanilla XP Pro some stuff is hidden by default, but that can
be changed through the Explorer options.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Suggestion wanted

Post removed (X-No-Archive: yes)

Re: Suggestion wanted

On 30 Mar 2007 13:10:13 GMT, Ansgar -59cobalt- Wiechers
wrote:

>Terry wrote:
>> On 30 Mar 2007 01:05:10 GMT, Ansgar -59cobalt- Wiechers wrote:
>>> Of course you need admin privileges to be able to grant access there.
>>> Log in as an administrator and grant read access to your user.
>>> Better: add a new group "logwatch", add your user to this group, and
>>> grant read access on the logs to that group.
>>
>> I was logged on as admin, but still wasn't allowed to grant access. Is
>> there another way besides going thru sharing security?
>
>Please elaborate. How exactly are you "not allowed to grant access"? If
>you have a vanilla XP Pro some stuff is hidden by default, but that can
>be changed through the Explorer options.
>
>cu
>59cobalt
Thank you Sebastian and Ansgar.

I log into the admin account, go to the logfile folder in sys32 and
open the sharing menu. The lower options are grayed out saying it
can't be shared because it is a operating system folder.

Terry

Re: Suggestion wanted

Terry wrote:
> On 30 Mar 2007 13:10:13 GMT, Ansgar -59cobalt- Wiechers wrote:
>> Terry wrote:
>>> On 30 Mar 2007 01:05:10 GMT, Ansgar -59cobalt- Wiechers wrote:
>>>> Of course you need admin privileges to be able to grant access there.
>>>> Log in as an administrator and grant read access to your user.
>>>> Better: add a new group "logwatch", add your user to this group, and
>>>> grant read access on the logs to that group.
>>>
>>> I was logged on as admin, but still wasn't allowed to grant access. Is
>>> there another way besides going thru sharing security?
>>
>> Please elaborate. How exactly are you "not allowed to grant access"? If
>> you have a vanilla XP Pro some stuff is hidden by default, but that can
>> be changed through the Explorer options.
>
> I log into the admin account, go to the logfile folder in sys32 and
> open the sharing menu. The lower options are grayed out saying it
> can't be shared because it is a operating system folder.

The "Sharing" tab is for granting remote access. That's not what you
want. You need the "Security" tab, which is probably hidden (that's for
some obscure reason the default).

I don't have an english version of Windows at hand here, so I may get
the labels wrong, but what you need to do is this: go to the Explorer
options, select the "View" tab, and disable everything that says
"simple", "easy" or "hide". After you click "OK" you should get an
additional tab "Security" in the properties dialog of files and folders.
There you can grant access to users and groups.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Suggestion wanted

Terry wrote:
> I had disabled simple sharing long ago. You started me in the right
> direction. According to Microsoft, the security tab for these types
> of folders is disabled and can't be turned on when part of a
> workgroup.

Ummm... no. you misread that. The security tab is by default *hidden*
when the computer is member of a workgroup (as opposed to being member
of a domain). You unhide it by disabling simple sharing.

> Perhaps it is time to think of another way or program.

No. The tab is supposed to be there when simple sharing is disabled.
Could it be you're using FAT32 as your filesystem? FAT doesn't support
ACLs, in which case the security tab isn't shown. If that's the case I
*strongly* recommend to switch to NTFS (by using the command "convert"
on the command-line). However, if you really are using FAT32, access to
the files in the system directory should not be denied.

> Perhaps it is a part of some firewall that I am not familiar with.

May be, but without knowing what software you have installed there's no
way to tell.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Suggestion wanted

On 30 Mar 2007 17:00:06 GMT, Ansgar -59cobalt- Wiechers
wrote:

>Terry wrote:
>> On 30 Mar 2007 13:10:13 GMT, Ansgar -59cobalt- Wiechers wrote:
>>> Terry wrote:
>>>> On 30 Mar 2007 01:05:10 GMT, Ansgar -59cobalt- Wiechers wrote:
>>>>> Of course you need admin privileges to be able to grant access there.
>>>>> Log in as an administrator and grant read access to your user.
>>>>> Better: add a new group "logwatch", add your user to this group, and
>>>>> grant read access on the logs to that group.
>>>>
>>>> I was logged on as admin, but still wasn't allowed to grant access. Is
>>>> there another way besides going thru sharing security?
>>>
>>> Please elaborate. How exactly are you "not allowed to grant access"? If
>>> you have a vanilla XP Pro some stuff is hidden by default, but that can
>>> be changed through the Explorer options.
>>
>> I log into the admin account, go to the logfile folder in sys32 and
>> open the sharing menu. The lower options are grayed out saying it
>> can't be shared because it is a operating system folder.
>
>The "Sharing" tab is for granting remote access. That's not what you
>want. You need the "Security" tab, which is probably hidden (that's for
>some obscure reason the default).
>
>I don't have an english version of Windows at hand here, so I may get
>the labels wrong, but what you need to do is this: go to the Explorer
>options, select the "View" tab, and disable everything that says
>"simple", "easy" or "hide". After you click "OK" you should get an
>additional tab "Security" in the properties dialog of files and folders.
>There you can grant access to users and groups.
>
>cu
>59cobalt
Thanks for being so professional. As for Sebastian, I have high hopes
for him. If he would just slow down, think, and understand that if I
knew it I wouldn't be here asking questions.

I had disabled simple sharing long ago. You started me in the right
direction. According to Microsoft, the security tab for these types
of folders is disabled and can't be turned on when part of a
workgroup. Perhaps it is time to think of another way or program.
Perhaps it is a part of some firewall that I am not familiar with.
The windows firewall logs but with very limited information.

Re: Suggestion wanted

On 30 Mar 2007 20:58:20 GMT, Ansgar -59cobalt- Wiechers
wrote:

>Terry wrote:
>> I had disabled simple sharing long ago. You started me in the right
>> direction. According to Microsoft, the security tab for these types
>> of folders is disabled and can't be turned on when part of a
>> workgroup.
>
>Ummm... no. you misread that. The security tab is by default *hidden*
>when the computer is member of a workgroup (as opposed to being member
>of a domain). You unhide it by disabling simple sharing.
>
>> Perhaps it is time to think of another way or program.
>
>No. The tab is supposed to be there when simple sharing is disabled.
>Could it be you're using FAT32 as your filesystem? FAT doesn't support
>ACLs, in which case the security tab isn't shown. If that's the case I
>*strongly* recommend to switch to NTFS (by using the command "convert"
>on the command-line). However, if you really are using FAT32, access to
>the files in the system directory should not be denied.
>
>> Perhaps it is a part of some firewall that I am not familiar with.
>
>May be, but without knowing what software you have installed there's no
>way to tell.
>
>cu
>59cobalt
Problem solved. I installed PortReporter on my other puters and the
tab was there. I uninstalled it and re-installed it on my internet
puter and the tab was there like magic in properties in the
PortReporter folder. Gremlins during the first install I guess. I am
running NTFS
I discovered that it creates a new log file each time the computer is
turned on as well as a new one at midnight. In just 2 days I have 6
files, lots to be sorting out to view.

I would like a third party logger with just one file which I can
cleanout once in awhile like the Atguard one. I am using the Windows
firewall and a D-link router. What else should I be telling you about
my software? I have googled it and found some programs that seemed
too Mickey Mouse to me.

Any thoughts?

I appreaciate your help

Terry

Are you by any chance located in Prussia?