Symantec 11281411 Administration Guide - Page 52

52 Managing Symantec AntiVirus Enhancing server group security 2 Open the HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\ VirusProtect6\CurrentVersion\AccessList key. 3 Type LogAccessDenied as a new DWord. 4 Type 1 as the binary data associated with the LogAccessDenied DWord value to enable logging. 5 Close the registry editor. To set the frequency for logging unauthorized configuration change attempts 1 Start a registry editor, such as Regedt32. 2 Open the HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\ VirusProtect6\CurrentVersion\AccessList key. 3 Type LogAccessDeniedWindowMinutes as a new DWord. 4 Do one of the following: ■ To record every incident, type 0 as the binary data associated with the LogAccessDeniedWindowMinutes DWord value. The following message will appear when an unauthorized event occurs: Access denied to network communication from unauthorized address: where is the IP or IPX address of the computer that was denied access and is the port number that the computer attempted to use. ■ To record incidents based on a frequency in minutes, type a number (in minutes) as the binary data associated with the LogAccessDeniedWindowMinutes DWord value. The following message will appear when an unauthorized event occurs: Access denied to network communication from unauthorized addresses time(s) in the last minute(s). Most recent address: where is the frequency and the number of minutes, is the IP or IPX address of the computer that was denied access, and is the port number that the computer attempted to use. 5 Close the registry editor.