Hello,
If this is a corporate approved solution then why are you concerned
about antivirus?
Nick Vaernhoej
"Quidquid latine dictum sit, altum sonatur."
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Col
Sent: Tuesday, November 20, 2007 5:49 AM
To: security-basics@securityfocus.com
Subject: Spying in a corporate environment
Hi everyone,
In my job we have to investigate people on our network for various
reasons.
Increasingly I am finding I need some sort of tool to help me out.
Preferably something that I can run on a server, point at a client or
a user account and have it monitor that user/machine activity over a
period of time.
The best tool would have these sorts of features:-
Audit log - everything the user does (shared drives, applications, web
sites visited)
Data copy - copy data from the machine, including from pen drives
(automatically would be nice)
Offline logging - ability to log what the user does with the machine
when its off the network
Alerting system - alert me when the user does something defined in a
rule
Has anyone come across a tool that does any of these things?
I guess the best solution would be to write something in house, as it
would almost never get picked up by Anti Virus scanners, but obviously
that's a lot of effort.
Any pointers appreciated, thanks in advance.
Regards,
Colin.
This electronic transmission is intended for the addressee (s) named above. It
contains information that is privileged, confidential, or otherwise protected
from use and disclosure. If you are not the intended recipient you are hereby
notified that any review, disclosure, copy, or dissemination of this
transmission or the taking of any action in reliance on its contents, or other
use is strictly prohibited. If you have received this transmission in error,
please notify the sender that this message was received in error and then
delete this message.
Thank you.
