Security Basics mailing list archives

RE: User Activity Monitoring

From: "McDonald, Gray" <MCDONALDG () MAIL ECU EDU>
Date: Tue, 31 Aug 2004 08:54:55 -0400

Monitoring won't be protection for file copying.  You give me the
hardware and I'll get the data off if I really want it.  I'll just boot
off a live Linux CD, fire up the file system drivers and copy away.

-----Original Message-----
From: edwin () link net id [mailto:edwin () link net id] 
Sent: Thursday, August 26, 2004 3:41 AM
To: gillettdavid () fhda edu; security-basics () securityfocus com
Subject: Re: User Activity Monitoring

David,

Sorry to confuse you. What I meant was, that basically we would only
like to
monitor what program they use offline and restrict copying files from
their
lap top to another media/ computer. And there are concerns from the IT
manager that if there's a keylogging ability on the program the officers
that would do log/results checking would abuse or misuse the
logs/results.
Therefore the program should be able to monitor what they do but
shouldn't
have any keylogging ability. I know it's a wierd but that's what we're
dealing with now.

Thanks ^__^

Ed
----- Original Message ----- 
From: "David Gillett" <gillettdavid () fhda edu>
To: "'Edwin Rene'" <edwin () link net id>; "'Security-Basics'"
<security-basics () securityfocus com>
Sent: Wednesday, August 25, 2004 10:12 PM
Subject: RE: User Activity Monitoring

  There's a certain security usefulness (which needs to be balanced
against issues of morale and trust...) to letting users think you're
monitoring them more than you can really afford to.
  But when you say

monitoring users activities off the the network

AND

and we don't want them to think with this program we are monitoring
what they doing.


well, that basically sounds like entrapment, or worse.

  Perhaps I (or you?) have misunderstood the purpose of this
exercise?

Dave Gillett

-----Original Message-----
From: Edwin Rene [mailto:edwin () link net id]
Sent: Monday, August 23, 2004 9:56 PM
To: Security-Basics
Subject: User Activity Monitoring


Hullo,

I'm a new security officer of a small company with some
mobile users, I'd
like to know programs out there there could restrict users
from copying
files to another computer or monitoring users activities off
the the network
/ at home that doesn't have a key logger because we can't set
restriction
for users since the need administrative rights to run certain
program and we
don't want them to think with this program we are monitoring what

they

doing.

Thanks in advance

Regards

Ed


--------------------------------------------------------------
-------------
Computer Forensics Training at the InfoSec Institute. All of
our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the
in-demand skills of
a certified computer examiner, learn to recover trace data
left behind by
fraud, theft, and cybercrime perpetrators. Discover the
source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_tra

ining.html

------------------------------------------------------------------------
--
--



------------------------------------------------------------------------
---
Computer Forensics Training at the InfoSec Institute. All of our class
sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand
skills of
a certified computer examiner, learn to recover trace data left behind
by
fraud, theft, and cybercrime perpetrators. Discover the source of
computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
----


------------------------------------------------------------------------
---
Computer Forensics Training at the InfoSec Institute. All of our class
sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand
skills of
a certified computer examiner, learn to recover trace data left behind
by
fraud, theft, and cybercrime perpetrators. Discover the source of
computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
----




---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

Current thread:

RE: User Activity Monitoring McDonald, Gray (Aug 31)