Can we temporary change the DefenseWall logging granularity when testing a new program in a way to better decipher its behavior?
For exemple, I installed a new radio player (RadioSure, portable release), and when perusing in the log file I see those lines:
04.06.2009 04:35:37, module C:\Program Files\RadioSure\RadioSure.exe, Attempt to create service (Service)
04.06.2009 04:35:37, module C:\Program Files\RadioSure\RadioSure.exe, 1:Attempt to change service (Service)
04.06.2009 04:35:36, module C:\Program Files\RadioSure\RadioSure.exe, Attempt to delete service (Service)
Is there a way to know more about the service(s) in question with the help of DefenseWall logging abilities, without needing to use another HIPS or monitoring tool?
Click to view attachment
Full Version: DefenseWall LOG tweaking
Well, theoretically, it's possible, but practically it will bring a need to - Read our board rules - more undocumented Windows structures with effect most of the users don't need.
Thanks for your answer, Ilya, and fair anough. I can understand your statement and could only agree with you if this implementation would seriously imply to be adding a kind of bloat to DefenseWall. I will simply continue to use my other tools when needs happend.
By the way, I am not sure of what you are refering to when you said "Read our board rules", in the context of this thread!
By the way, I am not sure of what you are refering to when you said "Read our board rules", in the context of this thread!
QUOTE (Ruinebob-Inn @ Apr 6 2009, 09:34 AM) 
By the way, I am not sure of what you are refering to when you said "Read our board rules", in the context of this thread!
Cr@ck.
QUOTE (Ilya Rabinovich @ Apr 6 2009, 11:08 AM)
QUOTE (Ruinebob-Inn @ Apr 6 2009, 09:34 AM)
By the way, I am not sure of what you are refering to when you said "Read our board rules", in the context of this thread!
Cr@ck.
Ok, understand now!
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.