Security Basics mailing list archives
Re: RE: Detecting File Alteration
From: josh.g.parker () gmail com
Date: 6 Sep 2006 20:39:05 -0000
"Yes. Windows is preferred since we are trying to deploy host integrity monitoring within an Active Directory (AD) environment. GPL Tripwire is available for UNIX. Basically what we are trying to do is if we have a sensitive file "TradeSecrets.pdf" or "Salaries.xls" located either on a shared drive or local/remote drive, we want to monitor if that file gets DELETED, RENAMED, COPIED, or MOVED either within the file system or to an external drive. Systernals' REGMON and FILEMON in combination achieve much of this with some manual parsing and sorting, but I was just wondering if there was a better solution" If your looking for only Deleted, renamed, copied, or moved, windows built in loging capabilities should cover that, along with proper ACL applied. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Detecting File Alteration, (continued)
- Re: Detecting File Alteration Daniel Cid (Sep 06)
- Re: Detecting File Alteration Mister Dookie (Sep 06)
- Message not available
- Re: Detecting File Alteration Mister Dookie (Sep 08)
- Re: Detecting File Alteration Fósforo (Sep 06)
- Re: RE: Detecting File Alteration krymson (Sep 05)
- RE: Detecting File Alteration Jordan Jason (Sep 05)
- RE: Detecting File Alteration Beauford, Jason (Sep 05)
- RE: Detecting File Alteration Young, Randy (Sep 05)
- RE: Detecting File Alteration Sorin Petre (Sep 05)
- Re: RE: Detecting File Alteration thomas . jones (Sep 06)
- Re: RE: Detecting File Alteration josh . g . parker (Sep 07)
- RE: Detecting File Alteration Beauford, Jason (Sep 07)