HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 34 guests and 1 member online
 
Advertisement

You are here: Home arrow Resourcesarrow Toolsarrow Tools for auditing folder/file permissions
EH-Net
May 23, 2013, 03:30:32 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Tools for auditing folder/file permissions  (Read 12317 times)
0 Members and 1 Guest are viewing this topic.
CadillacGolfer
Newbie
*
Offline Offline

Posts: 36


View Profile
« on: February 29, 2008, 09:44:44 AM »
Anyone have a suggestion for a good tool for auditing folder/file permissions on a Windows file server?  (open source or commercial). 
cacls and xcacls is pretty lame when you have lots of groups and tons of subfolders.  I'd like to be able to send the owner of the folder an easy to read report (remembering the folder owners are mostly non technical and BUILTIN\Administrators    Full Control [ALL] doesn't mean too much to them), so they can determine if the access is appropriate.  Obviously, over time as peole change job responsibilities and what not people end up with many more permissions then they require.

I have seen a demo from a vendor called Varonis and the tools looked pretty good.  Wondering what other people out there are doing or have experienced. Especially any open source tools out there  Smiley
Logged
zr0crsh
Newbie
*
Offline Offline

Posts: 14


View Profile
« Reply #1 on: February 29, 2008, 10:21:33 AM »
I had pretty good results with DumpSec (formerly DumpACL), and its FREE

Quote
SomarSoft's DumpSec is a security auditing program for Microsoft Windows® NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information.

http://www.somarsoft.com/
Logged
BillV
Hero Member
*****
Offline Offline

Posts: 1892


View Profile WWW
« Reply #2 on: February 29, 2008, 10:32:19 AM »
Yes, I also use DumpSec pretty regularly for file permissions and also to audit user accounts.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.059 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.