HostedDB - Dedicated UNIX Servers

Q. How can I restrict guest access to Event logs?

Q. How can I restrict guest access to Event logs?

A. By default guests and anonymous can view the event log, this may give away important information and so anonymous/guest access can be disabled as follows:

  1. Start the registry editor (regedit.exe)
  2. Move to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog
  3. Move to the subkey Application
  4. From the Edit menu select New - DWORD value. Enter a name of RestrictGuestAccess. click OK
  5. Double click the new value and set to 1
  6. Repeat steps 4 and 5 for the Security and System sub-keys also.

In fact this is also governed by the registry rights on the corresponding eventlog paramters (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog - application and system). You can even remove Administrators rights to read the files by using the registry rights. Use REGEDT32.EXE to change these rights.


This FAQ is copyright © 1999 John Savill (SavillTech Ltd). No part of this document should be reproduced, distributed or altered without my written permission. Contact Information.