Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: monitoring acess to servers

From: danuxx () gmail com
Date: Wed, 13 Oct 2010 18:34:16 +0000
You might want to check a DLP (data leak prevention) solution offered by AVs companies.
Sent via BlackBerry from Danux Network

-----Original Message-----
From: Alexander Klimov <alserkli () inbox ru>
Sender: listbounce () securityfocus com
Date: Mon, 11 Oct 2010 15:54:01 
To: <security-basics () securityfocus com>
Subject: Re: monitoring acess to servers

On Tue, 14 Sep 2010, Juan B wrote:

I was hired to by an owner of a company, he gave me a task, he wants
to monitor access to few folders on few file servers (windows) he
has there some confidential information, the things gets a bite
complicated couse he wants to monitor also and be alerted if the sys
admins access the folders so Im looking for a solution
(product/software??) that will read the logs of a server and export
it say to a remote server where the admins dont have access to and
also will send a mail to the owner of the company if someone access
a specific folder in that server. the process should work so that
the sys admins cant modify those logs, I know its problematic but I
must find a solution, and also I can come with a solution that cost
1 million dollar couse the owner wont implement a thing. also any
insights about that kind of a project are most welcomed ( gaps, how
long it takes to implement, etc).


Access monitoring can be bypassed because the data which is so
important is likely to be regularly backed up (by admins, I guess).
Once it is backed up to external media, it can be accessed without
triggering the alerts.

Why not simply encrypt the data and distribute keys only to people who
needs access (no to admins)?

-- 
Regards,
ASK

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: