Bensec
November 23rd, 2008, 10:03 PM
Hello,
I am very interested in the integrated version of ESI.
Its features, like log comparing and rootkit revealing, all sound so good to me.
I installed ess4 and tried the log comparing feature. It's very nice but still has some rough edges.
E.g., some of the search results cannot be sorted properly.
204264
2008 - next to 1980 ???
And after clicking the result item, nothing happened; it is supposed to take the user to the corresponding entry in the tree view.
204263
The icon legend in the lower left corner indicates that "+" means added item,
but what has been added in this view?
IMO if the "+" represents something here, it may be used like this:
..............: + 10Mb (to 223M) or - 10Mb(to 223M)
Local Time: + 6 mins (to xxxx-xx-xx xx:xx:xx)
This is not the only less meaningful item.
204262
If this entry has nothing to show, why mark it red?
Would anyone kindly tell me how ESI decides which file is safe?
204265
In this case, I suppose sxs.dll is more system related than a .NET lib, but it's been marked as unknown. :doubt:
(Is it because my system is the Chinese version of XP?)
Finally,
204266
I think a [Go to File] function is 1000% welcomed.
There are always files that someone's not so familiar with.
Even if the log is not generated on his computer, he can use the presence of that file on his machine as a reference to its validity.
Any idea?