Re: How to monitor Windows user
- From: PCSC Information Services <info@xxxxxxxxxx>
- Date: Sat, 9 Sep 2006 15:10:58 -0400
Francis,
Auditing would provide exactly this functionality, and you might also want to take steps
to ensure that your organization's policies accurately reflect your contention that this is
an impermissible login.
While I understand that this might not be on track with your question, perhaps the most
pro-active approach would be to limit the log on allowable times to those of the
office hours. If you are in a government office, there are no doubt policies which can be
effected in this respect, furthermore, if you (correctly) are auditing log on events, then you
will be able to ascertain for certain which users are attempting to log in and at what times.
I find it reprehensible to administer in such a way as to 'prove' criminality. While it's true that
ignorance of the law is no excuse, it's also not ethical to entrap either. Sound administration
policy is what is needed and it sounds and would be arguable that due diligence wasn't
performed by either party. This potentially would throw any attempts to litigate an incorrect
(or illegal) login attempt invalid, and only damage all parties involved.
When in doubt CYA. Ensure that policy is correct, and that the administration steps taken
for each machine accurately reflect the policy. Furthermore, policy is only effective insofar
as the employee can be adequately informed and consent to be bound by the policy.
info
On 6-Sep-06, at 9:24 AM, FRANCIS PROVENCHER wrote:
Hi all, i have a question for you.
I suspect a user of my office to use PC from others workers outside of the office hour.
Im not very famillar with Windows products and third party.
I just want to know, how i can monitor this station in question.
Some one can help me please?
Francis Provencher
Ministère de la Sécurité publique du Québec
Direction des technologies de l'information
Tél: 1 418 646-3258
Courriel: Francis.provencher@xxxxxxxxxxxxxx
CEH - Certified Ethical Hackers
SSCP - System Security Certified Practionner
Sec+ - Security +
---------------------------------------------------------------------- -----
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------- -----
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- References:
- How to monitor Windows user
- From: FRANCIS PROVENCHER
- How to monitor Windows user
- Prev by Date: Re: MITM attack on 3TDES
- Next by Date: ASP Auditor v1.0 BETA released
- Previous by thread: Re: How to monitor Windows user
- Next by thread: Dumb newbie question
- Index(es):
Relevant Pages
|
