Security Basics mailing list archives
RE: monitoring acess to servers
From: "Kavesh Moodley" <Kavesh.Moodley () hss health nsw gov au>
Date: Wed, 15 Sep 2010 09:04:37 +1000
You could also look at File System Auditor from the company called Script Logic. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Sherwyn Sent: Wednesday, 15 September 2010 7:02 AM To: Juan B; listbounce () securityfocus com; security-basics () securityfocus com Subject: Re: monitoring acess to servers Take a look at NetIQ file integrity monitoring I recently did a demo with them and that feature is possible. Also note that you can also whitelist users from being logged. With that said you need a server and solution that denies access to all domain admins since the have the ability to manipulate any installed products. Regards, Infolookup http://infolookup.securegossip.com www.twitter.com/infolookup -----Original Message----- From: Juan B <juanbabi () yahoo com> Sender: listbounce () securityfocus com Date: Tue, 14 Sep 2010 09:46:01 To: <security-basics () securityfocus com> Subject: monitoring acess to servers Hi Great list members !! I was hired to by an owner of a company, he gave me a task, he wants to monitor access to few folders on few file servers (windows) he has there some confidential information, the things gets a bite complicated couse he wants to monitor also and be alerted if the sys admins access the folders so Im looking for a solution (product/software??) that will read the logs of a server and export it say to a remote server where the admins dont have access to and also will send a mail to the owner of the company if someone access a specific folder in that server. the process should work so that the sys admins cant modify those logs, I know its problematic but I must find a solution, and also I can come with a solution that cost 1 million dollar couse the owner wont implement a thing. also any insights about that kind of a project are most welcomed ( gaps, how long it takes to implement, etc). also I talked to the sys admins in the site, there are not against this kind of project, they want to be monitored so if a problem happens they say that the logs will tell that they didnt were the guys that coused the problem. thanks for your help!! Juan ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442 f727d1 ------------------------------------------------------------------------ This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of NSW Health or any of its entities. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- monitoring acess to servers Juan B (Sep 14)
- Re: monitoring acess to servers Sherwyn (Sep 14)
- Message not available
- Message not available
- RE: monitoring acess to servers Kavesh Moodley (Sep 15)
- Message not available
- Re: monitoring acess to servers security (Sep 15)
- RE: monitoring acess to servers:AUTO RESPONSE Murda (Sep 16)
- <Possible follow-ups>
- Re: Re: monitoring acess to servers krymson (Sep 17)