401 Class 28: Log Clearing - nataliabdallah/codefellows-ops-reading-notes GitHub Wiki


Reading Log Tampering 101

Explain some specifics of why a hacker might want to clear log files to a family member. Do not use the example from the article.

They want to cover their tracks, including any record of where they might be located or anything that could bring whoever is looking for the hacker closer to finding them.

What are three methods by which you can clear logs in a Windows system?

You can use:

1. Clearlogs.exe
2. Meterpreter
3. Clear logs in Windows Event Viewer

What are the four steps in the process of covering your tracks?

1. Disable auditing
2. Clearing logs
3. Modifying logs
4. Erasing command history

Bookmark and Review

NIST SP800-154 Guide to Data-Centric Threat Modeling