[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
RE: PROPOSAL: Cluster 19 - NTCONFIG (13 candidates)
-----Original Message-----
From: Adam Shostack [mailto:adam@netect.com]
Sent: Tuesday, July 27, 1999 2:19 PM
To: Craig Ozancin; cve-editorial-board-list@lists.mitre.org
Subject: Re: PROPOSAL: Cluster 19 - NTCONFIG (13 candidates)
| Candidate: CAN-1999-0575
| Announced: 19990721
| Assigned: 19990607
| Category: CF
|
| A Windows NT system's user audit policy does not log an event success
| or failure, e.g. for Logon and Logoff, File and Object Access, Use of
| User Rights, User and Group Management, Security Policy Changes,
| Restart, Shutdown, and System, and Process Tracking.
|
| VOTE: Recast
|
| It is far less interesting what a user does successfully that what they
| attempt and fail at.
I don't agree. Its very interesting, for example, if someone from
bindview.com logs into Axent.com. In fact, it may be more interesting
than someone failing.
Adam
I agree with what you say :) I meant for this to be for CAN-1999-0577.
Craig