Security Basics mailing list archives
Remote OS Monitoring
From: "Jason T. Hallahan" <jthallah () gmail com>
Date: Tue, 23 May 2006 13:00:38 -0400
Hello and good day, Say you have a Windows environment where all clients reside on the same workgroup, connect through a Domain Controller, and are administered by Active Directory. Are there any tools or techniques out there that allow for remote monitoring (somewhat if not totally transparent) at any finer level of granularity? Specifically, being able to tell things like: *User of a box has implemented EFS (Encrypted File System) possible to hide information. *User of a box has hidden a directory or file using either Windows functions or 3rd party software. *User is unmasking and/or viewing hidden/protected system files. *User is removing Read-Only protection on a directory or file. *User is manipulating SYSTEM.DAT, NTUSER.DAT, INDEX.DAT or any other registry entries or registry hives. Does anyone know of such capabilities? Thanks, Jason
Current thread:
- Remote OS Monitoring Jason T. Hallahan (May 23)
- <Possible follow-ups>
- RE: Remote OS Monitoring Ramsdell, Scott (May 24)