Folder and File Permission

[nvanparidon at gmail.com (Neil van Paridon)]

d'oh sorry!  I didn't read your whole original post!

On Wed, Jun 3, 2009 at 11:45 AM, Neil van Paridon <nvanparidon at gmail.com>wrote:

> you may also want to check out
>
> accesschk
> accessenum
> shareenum
>
> from sysinternals
> http://technet.microsoft.com/en-us/sysinternals/bb664922.aspx
>
>
> On Wed, Jun 3, 2009 at 11:12 AM, ben smith <paradoxxxx at gmail.com> wrote:
>
> > I've used ScriptLogic's ESR as well, and it does produce some excellent
> > reports.
> > Bindview was a great tool, but I think it's a bit overpriced these days.
> >
> > On Wed, Jun 3, 2009 at 12:38 PM, Michael Dickey <lonervamp at gmail.com>wrote:
> >
> > > Several years ago I used a trial version of ScriptLogic's Enterprise
> > > Security Reporter. It did a rather excellent job of running permissions
> > > scans and group membership enumeration. I believe they still have the tool
> > > and you could run a trial if you're just looking for a one-time report.
> > >
> > > I do also second scripting it with PowerShell, but only because I do
> > > that. It might be a bit out of scope to learn scripting enough to be
> > > workable that way.
> > >
> > >
> > >
> > >
> > >
> > > On Wed, Jun 3, 2009 at 5:51 AM, <infolookup at gmail.com> wrote:
> > >
> > > > Thank you all for the running start I will test the various tools that
> > > > was mentioned and report back which one I think did the job best!
> > > >
> > > > Sent from my Verizon Wireless BlackBerry
> > > >
> > > > ------------------------------
> > > > *From*: Tim Mugherini
> > > > *Date*: Tue, 2 Jun 2009 21:21:05 -0400
> > > > *To*: PaulDotCom Security Weekly Mailing List<
> > > > pauldotcom at mail.pauldotcom.com>
> > > > *Subject*: Re: [Pauldotcom] Folder and File Permission
> > > >
> > > > Dumpsec is your friend! Been around since NT 4 days and still useful.
> > > > May I suggest tweaking the settings to only show files and subfolders that
> > > > differ from parent and dumpt ACL perms and not share perms (since that is
> > > > what it sounds like what your after). Can be exported out.
> > > >
> > > > *http://www.systemtools.com/download/dumpacl.zip.
> > > >
> > > > *
> > > > On Tue, Jun 2, 2009 at 7:55 PM, Jody & Jennifer McCluggage <
> > > > j2mccluggage at adelphia.net> wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > You may want to check out PowerShell.  It is very flexible and has a
> > > > > "get-acl" commandlet that will return the permission on a list of
> > > > > folders
> > > > > and files.  Here is a quick rough example:
> > > > >
> > > > > get-childitem C:\example -recurse | get-acl  | select-object
> > > > > path,owner,group,accesstostring | sort-object owner | export-csv
> > > > > c:\FileACL.csv
> > > > >
> > > > > This command will pipe out to a csv file the Owner, Group, Path, and
> > > > > Permission string (sorted by owner) for each folder and file for the
> > > > > given
> > > > > parent directory.  If you are looking just for specific permissions,
> > > > > you can
> > > > > probably pipe it out to a where-object command.  Of course, depending
> > > > > upon
> > > > > the size of the directory you are scanning, this may take awhile to
> > > > > run.
> > > > >
> > > > >
> > > > > Jody
> > > > >
> > > > > -----Original Message-----
> > > > > From: pauldotcom-bounces at mail.pauldotcom.com
> > > > > [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of
> > > > > infolookup at gmail.com
> > > > > Sent: Tuesday, June 02, 2009 6:13 PM
> > > > > To: PaulDotCom Security Weekly Mailing List
> > > > > Subject: [Pauldotcom] Folder and File Permission
> > > > >
> > > > > Hello All:
> > > > >
> > > > > I am looking for a way to scan all the files and folder on a set of
> > > > > Windows
> > > > > share to see who has read/write/deny permission. I tried using
> > > > > accessenum
> > > > > but since its so much individual files its kind of messy to go through.
> > > > >
> > > > > What are others using when the are giving a network and have to record
> > > > > who
> > > > > has what access?
> > > > > Sent from my Verizon Wireless BlackBerry
> > > > > _______________________________________________
> > > > > Pauldotcom mailing list
> > > > > Pauldotcom at mail.pauldotcom.com
> > > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > > Main Web Site: http://pauldotcom.com
> > > > > No virus found in this incoming message.
> > > > > Checked by AVG - www.avg.com
> > > > > Version: 8.5.339 / Virus Database: 270.12.51/2151 - Release Date:
> > > > > 06/02/09
> > > > > 17:53:00
> > > > >
> > > > > _______________________________________________
> > > > > Pauldotcom mailing list
> > > > > Pauldotcom at mail.pauldotcom.com
> > > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > > Main Web Site: http://pauldotcom.com
> > > >
> > > >
> > > > _______________________________________________
> > > > Pauldotcom mailing list
> > > > Pauldotcom at mail.pauldotcom.com
> > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > Main Web Site: http://pauldotcom.com
> > >
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom at mail.pauldotcom.com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
> >
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090603/3403291c/attachment.htm