RE: monitoring acess to servers:AUTO RESPONSE

["Murda" <murdamcloud () bigpond com>]

============================
This is an automated attendant.
Do not reply as your message will be deleted
============================
Adam L. Simms wrote
> > Has everyone gotten so lazy that they must Automate everything?
Yes. <burp>



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of security () bayitconsultants com
Sent: Wednesday, September 15, 2010 8:35 AM
To: Juan B; listbounce () securityfocus com; security-basics () securityfocus com
Subject: Re: monitoring acess to servers

Has everyone gotten so lazy that they must Automate everything? All one
needs to do to resolve this issue is write a filter to look through the logs
daily for access to the specific folders. I would hope that it is already
part of your daily tasks to review the logs. If you must automate you could
use MOM.

Adam L. Simms 
Founder 
Bay IT Consultants
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: Juan B <juanbabi () yahoo com>
Sender: listbounce () securityfocus com
Date: Tue, 14 Sep 2010 09:46:01 
To: <security-basics () securityfocus com>
Subject: monitoring acess to servers

Hi Great list members !! 
 
I was hired to by an owner of a company, he gave me a task, he wants to
monitor access to few folders on few file servers (windows) he has there
some confidential information, the things gets a bite complicated couse he
wants to monitor also and be alerted if the sys admins access the folders so
Im looking for a solution (product/software??) that will read the logs of a
server and export it say to a remote server where the admins dont have
access to and also will send a mail to the owner of the company if someone
access a specific folder in that server. the process should work so that the
sys admins cant modify those logs, I know its problematic but I must find a
solution, and also I can come with a solution that cost 1 million dollar
couse the owner wont implement a thing. also any insights about that kind of
a project are most welcomed ( gaps, how long it takes to implement, etc). 
 
also I talked to the sys admins in the site, there are not against this kind
of project, they want to be monitored so if a problem happens they say that
the logs will tell that they didnt were the guys that coused the problem. 
 
thanks for your help!! 

Juan


      


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------