Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Parsing Windows Firewall Logs

In Chapter 9, “Registry Evidence,” we covered the Windows Firewall configuration settings in depth. In Windows 7 and Windows Server 2008, logging for the Windows Firewall is disabled by default. Enabling firewall logging requires venturing deep into the Windows Firewall with Advanced Security console, well beyond the skill and frustration threshold of most home users. For this reason, and many more like it, logging in general is not usually present on home-based systems.

In the corporate or office environment, however, the chances are much greater that a security-minded system administrator will have enabled logging, either by individual system configuration or through group policy, which pushes the ...
