Security Basics mailing list archives
RE: Spying in a corporate environment
From: "Nick Vaernhoej" <nick.vaernhoej () capitalcardservices com>
Date: Tue, 20 Nov 2007 10:58:21 -0600
Hello, If this is a corporate approved solution then why are you concerned about antivirus? Nick Vaernhoej "Quidquid latine dictum sit, altum sonatur." -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Col Sent: Tuesday, November 20, 2007 5:49 AM To: security-basics () securityfocus com Subject: Spying in a corporate environment Hi everyone, In my job we have to investigate people on our network for various reasons. Increasingly I am finding I need some sort of tool to help me out. Preferably something that I can run on a server, point at a client or a user account and have it monitor that user/machine activity over a period of time. The best tool would have these sorts of features:- Audit log - everything the user does (shared drives, applications, web sites visited) Data copy - copy data from the machine, including from pen drives (automatically would be nice) Offline logging - ability to log what the user does with the machine when its off the network Alerting system - alert me when the user does something defined in a rule Has anyone come across a tool that does any of these things? I guess the best solution would be to write something in house, as it would almost never get picked up by Anti Virus scanners, but obviously that's a lot of effort. Any pointers appreciated, thanks in advance. Regards, Colin. This electronic transmission is intended for the addressee (s) named above. It contains information that is privileged, confidential, or otherwise protected from use and disclosure. If you are not the intended recipient you are hereby notified that any review, disclosure, copy, or dissemination of this transmission or the taking of any action in reliance on its contents, or other use is strictly prohibited. If you have received this transmission in error, please notify the sender that this message was received in error and then delete this message. Thank you.
Current thread:
- Spying in a corporate environment Col (Nov 20)
- RE: Spying in a corporate environment Nick Vaernhoej (Nov 20)
- RE: Spying in a corporate environment Jayson Agagnier (Nov 20)
- RE: Spying in a corporate environment Карпинский Артем (Nov 20)
- RE: Spying in a corporate environment Murda Mcloud (Nov 21)
- Re: Spying in a corporate environment Col (Nov 21)
- Re: Spying in a corporate environment Ansgar -59cobalt- Wiechers (Nov 21)
- RE: Spying in a corporate environment Mario DeBono (Nov 22)
- Re: Spying in a corporate environment Ansgar -59cobalt- Wiechers (Nov 22)
- Re: Spying in a corporate environment Tremaine Lea (Nov 22)
- RE: Spying in a corporate environment Mario DeBono (Nov 22)
- Re: Spying in a corporate environment Ansgar -59cobalt- Wiechers (Nov 22)
- Re: Spying in a corporate environment Col (Nov 21)
- RE: Spying in a corporate environment Nick Vaernhoej (Nov 20)