RE: tool to log file access

From: Reece, Terry (terry.reece_at_nmci-isf.com)
Date: 02/25/05

Next message: Joel Merrick: "Re: Free Webmail w/ SSL?"

Previous message: Ranjan Sengupta: "Re: CISSP without experience"
Maybe in reply to: Diego Teijeiro Ruiz: "tool to log file access"
Next in thread: H Carvey: "Re: tool to log file access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 25 Feb 2005 02:54:39 -0500
To: "Diego Teijeiro Ruiz" <dteijeiro@azertia.com>, <security-basics@securityfocus.com>

What OS? I've used regular auditing on the OS level (Windows 2000) couple with a host based IDS product to watch for specific file accesses. That has worked great in the past, as the product we used (Symantec ITA) uses the event logs pulls its info.
Not sure about the *nix side of the house.

-----Original Message-----
From: Diego Teijeiro Ruiz [mailto:dteijeiro@azertia.com]
Sent: Tuesday, February 22, 2005 4:05
To: security-basics@securityfocus.com
Subject: tool to log file access

Hi,

Is there any tool to log all files accesses that creates a report more useful
than the event log?

Thx in advance

Diego Teijeiro Ruiz
Continuidad de Negocio y Seguridad
Azertia Consulting
Azertia Tecnologías de la Información, S.A.
Tfn.: +34 91 594 87 00 (ext. 8864)
Móvil: 667 390 700
José Abascal 4
28003 Madrid (España)

dteijeiro@azertia.com

----------------------------------------------------------------------- Este mensaje y los documentos, que en su caso, lleve anexos, pueden contener informacion confidencial y atañe exclusivamente a las personas a las que va dirigido. Cualquier opinion en el contenida, es exclusiva de su autor y no representa necesariamente la opinion de AZERTIA. Si usted no es el destinatario de este mensaje, considerese advertido de que lo ha recibido por error y que cualquier uso, difusion o copia estan prohibidos legalmente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique por la misma via o al telefono 93 207 55 11 y proceda a destruirlo inmediatamente.

This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of AZERTIA. If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you have received this email in error please notify it to AZERTIA by telephone on number +34 93 207 55 11. -----------------------------------------------------------------------

Next message: Joel Merrick: "Re: Free Webmail w/ SSL?"

Previous message: Ranjan Sengupta: "Re: CISSP without experience"
Maybe in reply to: Diego Teijeiro Ruiz: "tool to log file access"
Next in thread: H Carvey: "Re: tool to log file access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]