Changeset 428
- Timestamp:
- 05/30/07 18:54:40 (1 year ago)
Excluding just the main directory c
windows\system32, since legitimate processes touch the directory and update its modification time.
- Files:
-
- honeyclient/trunk/etc/honeyclient.xml (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
honeyclient/trunk/etc/honeyclient.xml
r426 r428 157 157 <regex>C:/WINDOWS/SoftwareDistribution/ReportingEvents.log</regex> 158 158 <regex>C:/WINDOWS/SoftwareDistribution/WuRedir.*</regex> 159 <regex>C:/WINDOWS/SYSTEM32</regex> 159 160 <regex>C:/WINDOWS/SYSTEM32/config/SecEvent.evt</regex> 160 161 <regex>C:/WINDOWS/SYSTEM32/config/SysEvent.evt</regex>
