Security Basics mailing list archives
Re: Spying in a corporate environment
From: Tremaine Lea <tremaine () gmail com>
Date: Tue, 27 Nov 2007 15:14:32 -0700
Niksun is an excellent appliance, although Narus is also worth a look. Narus is what was deployed by the NSA at AT&T that caused all that fuss ;)
--- Tremaine Lea Network Security Consultant Intrepid ACL "Paranoia for hire" On 27-Nov-07, at 2:52 PM, Chris Barber wrote:
Have you looked at NetVCR by Niksun. It is a network appliance that captures all network traffic. from a span port on a switch. You can rebuild E-Mails, webpages, etc. If the traffic crosses the wire this box captures it. Depending on the drive space you can capture days worth of traffic. Chris. On 11/20/07, Col <colweb () gmail com> wrote:Hi everyone,In my job we have to investigate people on our network for various reasons.Increasingly I am finding I need some sort of tool to help me out. Preferably something that I can run on a server, point at a client or a user account and have it monitor that user/machine activity over a period of time. The best tool would have these sorts of features:-Audit log - everything the user does (shared drives, applications, websites visited) Data copy - copy data from the machine, including from pen drives (automatically would be nice) Offline logging - ability to log what the user does with the machine when its off the networkAlerting system - alert me when the user does something defined in a ruleHas anyone come across a tool that does any of these things? I guess the best solution would be to write something in house, as itwould almost never get picked up by Anti Virus scanners, but obviouslythat's a lot of effort. Any pointers appreciated, thanks in advance. Regards, Colin.
Current thread:
- Re: Spying in a corporate environment, (continued)
- Re: Spying in a corporate environment Ansgar -59cobalt- Wiechers (Nov 22)
- Re: Spying in a corporate environment Big Joe Jenkins (Nov 23)
- Re: Spying in a corporate environment Ansgar -59cobalt- Wiechers (Nov 23)
- Re: Spying in a corporate environment Big Joe Jenkins (Nov 23)
- Re: Spying in a corporate environment Col (Nov 23)
- RE: Spying in a corporate environment Craig Wright (Nov 23)
- Re: Spying in a corporate environment Col (Nov 21)
- Re: Spying in a corporate environment Tremaine Lea (Nov 27)