Need a tool

Does anyone know of a good tool that will go out and audit the NTFS security permissions on files and folders. We used script logics **** ACL but it isn't concise and **** out way too much uneeded crap.

Already tried MS' **** Sec. Anyone know of any others?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

Slowhand

Sounds like a job for the scripting-gurus. I read a little about being able to audit NTFS permissions with both Kixtart and PowerShell, but I'm not nearly script-savvy enough to give advice on how to do it.

astorrs

If you want to do this on a single server, AccessEnum from Sysinternals will do it. If you want to do it on multiple machines all I have experience with is Ecora.

And Ecora is too expensive for everyone... except maybe Ecora.

pwjohnston

Netstudent wrote:

Does anyone know of a good tool that will go out and audit the NTFS security permissions on files and folders. We used script logics **** ACL but it isn't concise and **** out way too much uneeded crap.

Already tried MS' **** Sec. Anyone know of any others?

http://www.scriptlogic.com/ might have something for it.

Netstudent

We already tried Script logic's **** ACL and it isn;t very good. Thanks though.

Astors,

They have several products. Did you use Ecora Auditor Pro?

They have a trial version I could use, but it looks like a full blown solution.

I just tried AccessEnum but it **** audits on all the files. I actually just need the folder permissions for home directories.

astorrs

Yeah I wasn't really suggesting Ecora, its 900 times more than you need.

Okay, maybe I'll ask a few questions instead:

What do you plan on doing with this output? What format do you want (e.g., spreadsheet)? Are you going to compare it regularly to look for changes, is this a one time check, etc.

blargoe

astorrs wrote:

If you want to do this on a single server, AccessEnum from Sysinternals will do it.

+1. I tried this for the first time last week to check permissions on our user home folders.

If you have Hyena, you can also generate a report to tell you the security on each folder and subfolder of a share.

Ahriakin

+2 For AccessEnum. I wouldn't worry about the amount of data it gives you, save the scan as a .txt and then load it into Excel and it should auto-sort into columns (if not just use the super useful Text to Columns data option) then just sort and crop away, should take less than 30 seconds to have it in a useful format.