Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Spying in a corporate environment

From: p1g <killfactory () gmail com>
Date: Fri, 23 Nov 2007 18:07:04 -0500
SpectorCNE will give the flexibility you need.

On Nov 20, 2007 6:49 AM, Col <colweb () gmail com> wrote:

Hi everyone,

In my job we have to investigate people on our network for various reasons.

Increasingly I am finding I need some sort of tool to help me out.
Preferably something that I can run on a server, point at a client or
a user account and have it monitor that user/machine activity over a
period of time.

The best tool would have these sorts of features:-

Audit log - everything the user does (shared drives, applications, web
sites visited)
Data copy - copy data from the machine, including from pen drives
(automatically would be nice)
Offline logging - ability to log what the user does with the machine
when its off the network
Alerting system - alert me when the user does something defined in a rule

Has anyone come across a tool that does any of these things?

I guess the best solution would be to write something in house, as it
would almost never get picked up by Anti Virus scanners, but obviously
that's a lot of effort.

Any pointers appreciated, thanks in advance.

Regards,

Colin.





-- 
-p1g
SnortCP
  ,,__
o"     )~  oink oink
   ' ' ' '

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
Previous By Date Next
Previous By Thread Next

Current thread: