Security Basics mailing list archives
RE: User Activity Monitoring
From: "McDonald, Gray" <MCDONALDG () MAIL ECU EDU>
Date: Tue, 31 Aug 2004 08:54:55 -0400
Monitoring won't be protection for file copying. You give me the hardware and I'll get the data off if I really want it. I'll just boot off a live Linux CD, fire up the file system drivers and copy away. -----Original Message----- From: edwin () link net id [mailto:edwin () link net id] Sent: Thursday, August 26, 2004 3:41 AM To: gillettdavid () fhda edu; security-basics () securityfocus com Subject: Re: User Activity Monitoring David, Sorry to confuse you. What I meant was, that basically we would only like to monitor what program they use offline and restrict copying files from their lap top to another media/ computer. And there are concerns from the IT manager that if there's a keylogging ability on the program the officers that would do log/results checking would abuse or misuse the logs/results. Therefore the program should be able to monitor what they do but shouldn't have any keylogging ability. I know it's a wierd but that's what we're dealing with now. Thanks ^__^ Ed ----- Original Message ----- From: "David Gillett" <gillettdavid () fhda edu> To: "'Edwin Rene'" <edwin () link net id>; "'Security-Basics'" <security-basics () securityfocus com> Sent: Wednesday, August 25, 2004 10:12 PM Subject: RE: User Activity Monitoring
There's a certain security usefulness (which needs to be balanced against issues of morale and trust...) to letting users think you're monitoring them more than you can really afford to. But when you saymonitoring users activities off the the networkANDand we don't want them to think with this program we are monitoring what they doing.well, that basically sounds like entrapment, or worse. Perhaps I (or you?) have misunderstood the purpose of this exercise? Dave Gillett-----Original Message----- From: Edwin Rene [mailto:edwin () link net id] Sent: Monday, August 23, 2004 9:56 PM To: Security-Basics Subject: User Activity Monitoring Hullo, I'm a new security officer of a small company with some mobile users, I'd like to know programs out there there could restrict users from copying files to another computer or monitoring users activities off the the network / at home that doesn't have a key logger because we can't set restriction for users since the need administrative rights to run certain program and we don't want them to think with this program we are monitoring what
they
doing. Thanks in advance Regards Ed -------------------------------------------------------------- ------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------ -- --
------------------------------------------------------------------------ --- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------------ ---- ------------------------------------------------------------------------ --- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- RE: User Activity Monitoring McDonald, Gray (Aug 31)