Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Perl > Perl Misc > a windows registry monitor

Reply
Thread Tools

a windows registry monitor

 
 
justme
Guest
Posts: n/a
 
      06-04-2004
hi

i am trying to code a small perl program to monitor the windows
registry. The idea is to create a baseline on some keys like
LOCAL_MACHINE or USERS, ( the whole registry would be too big ), where
the RUN and RUNONCE keys are located.
Then i would poll these registry locations and see if there are
suspicious keys added by comparing it against the baseline. The script
will be scheduled to check every once in a while. I have checked CPAN
for Win32::Registry. I wonder if it is the right tool to help me in
this purpose...?
thanks
 
Reply With Quote
 
 
 
 
Malcolm Dew-Jones
Guest
Posts: n/a
 
      06-05-2004
justme ((E-Mail Removed)) wrote:
: hi

: i am trying to code a small perl program to monitor the windows
: registry. The idea is to create a baseline on some keys like
: LOCAL_MACHINE or USERS, ( the whole registry would be too big ), where
: the RUN and RUNONCE keys are located.
: Then i would poll these registry locations and see if there are
: suspicious keys added by comparing it against the baseline. The script
: will be scheduled to check every once in a while. I have checked CPAN
: for Win32::Registry. I wonder if it is the right tool to help me in
: this purpose...?
: thanks

Actually, regedit can provide a text dump, .ini file style, of the
registry, and possibly portions of it. You might try just diff'ing one
dump with a previous. The output would be easy to archive, is self
documenting, and is in the required format to restore the original
settings.

(Of course that doesn't use perl except to glue the parts together.)
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to read a registry key from Windows registry ? Leny Java 3 02-01-2005 07:54 AM
Interpretation of registry log of tweakui produced registry alteration vincemoon@rcn.com ASP .Net 0 01-10-2005 02:53 AM
Reading registry key throws "Requested registry access is not allowed." HK ASP .Net 1 04-01-2004 04:44 PM



Advertisments