[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: PROPOSAL: Cluster 19 - NTCONFIG (13 candidates)



-----Original Message-----
From: Adam Shostack [mailto:adam@netect.com]
Sent: Tuesday, July 27, 1999 2:19 PM
To: Craig Ozancin; cve-editorial-board-list@lists.mitre.org
Subject: Re: PROPOSAL: Cluster 19 - NTCONFIG (13 candidates)


| Candidate: CAN-1999-0575
| Announced: 19990721
| Assigned: 19990607
| Category: CF
|
| A Windows NT system's user audit policy does not log an event success
| or failure, e.g. for Logon and Logoff, File and Object Access, Use of
| User Rights, User and Group Management, Security Policy Changes,
| Restart, Shutdown, and System, and Process Tracking.
|
| VOTE: Recast
|
| It is far less interesting what a user does successfully that what they
| attempt and fail at.

I don't agree.  Its very interesting, for example, if someone from
bindview.com logs into Axent.com.  In fact, it may be more interesting
than someone failing.

Adam

I agree with what you say :) I meant for this to be for CAN-1999-0577.

Craig

 
Page Last Updated: May 22, 2007