Re: Keep files secure from Administrators
From: Karl Levinson [x y], mvp (levinson_k@despammed.com)
Date: 04/23/03
- Next message: Sterling Tate: "Seeing Temporary internet files on remote machines"
- Previous message: Karl Levinson [x y], mvp: "Re: Slammer/Sapphire Worm"
- In reply to: Don: "Keep files secure from Administrators"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Karl Levinson [x y], mvp" <levinson_k@despammed.com> Date: Wed, 23 Apr 2003 14:35:07 -0400
Enabling file access auditing on files could help you detect when a file has
been accessed.
http://securityadmin.info/faq.htm#auditing
Event log monitoring software such as www.ipsentry.com, DUMPEL from the
Microsoft Windows Resource Kit, the free PSTools event log dump utility from
www.sysinternals.com, NTSYSLOG and/or www.kiwisyslog.com might help you
monitor these logs and notify you when a file had been accessed.
File integrity monitoring software such as the free SIM from www.gfi.com or
tripwire etc. could help you monitor certain files to notify when they had
been changed [though you'd still need auditing to tell who changed them].
However, the most secure thing is to avoid making someone an administrator
unless absolutely necessary.
"Don" <newsgroups@newsgroups.com> wrote in message
news:Xns9364771B4591Bnewsgroupsnewsgroups@216.166.71.239...
> Is there any way to secure directories/files from domain administrators?
- Next message: Sterling Tate: "Seeing Temporary internet files on remote machines"
- Previous message: Karl Levinson [x y], mvp: "Re: Slammer/Sapphire Worm"
- In reply to: Don: "Keep files secure from Administrators"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
