:本资料属于百安信息系统安全俱乐部所有,仅限于个人学习之用,请勿用于其它商业目的!欢迎访问百安信息系统安全专业论坛—百安论坛:�http://bbs./.----付发明讲师介绍联系电话:EMAIL:******@QQ:4534455MSN:******@: ; ; ;: :%systemroot%\system32\config\ :%systemroot%\system32\config\ :%systemroot%\system32\config\:、大小、及自行覆盖。 (EventMessageFile,MaxSize): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog (WindowsManagementInstrumentation)管理脚本。。,并允许日志自行覆盖14天前的日志:puter="."�SetobjWMIService=GetObject("winmgmts:"_� &"{impersonationLevel=impersonate,(Security)}!\\"&_� puter&"\root\cimv2") '获得VMI对象�SetcolLogFiles= � ("Select*fromWin32_NTEventLogFile")�ForeachobjLogfileincolLogFiles� strLogFileName=� SetwmiSWbemObject=GetObject_� ("winmgmts:{impersonationLevel=Impersonate}!\\.\root\cimv2:"_� &"='"&strLogFileName&"'")� =2500000000� =14� �:��puter="."�SetobjWMIService=GetObject("winmgmts:"_� &"{impersonationLevel=impersonate,(Backup)}!\\"&_� puter&"\root\cimv2") SetcolLogFiles=� ("Select*fromWin32_NTEventLogFilewhereLogFileName='Application'") ForEachobjLogfileincolLogFiles� errBackupLog=("f:\") IferrBackupLog<>0Then � "TheApplicationeventlogcouldnotbebackedup."� "essbackuplog"� EndIf�:puter="."�SetobjWMIService=GetObject("winmgmts:"_� &"{impersonationLevel=impersonate,(Backup)}!\\"&_� puter&"\root\cimv2")�dimmylogs(3)�mylogs(1)="application"�mylogs(2)="system"�mylogs(3)="security"�forEachlogsinmylogs�SetcolLogFiles=�
网络攻防之8 安全防护对策 来自淘豆网m.daumloan.com转载请标明出处.
