Re: Keep files secure from Administrators

From: Karl Levinson [x y], mvp (levinson_k@despammed.com)
Date: 04/23/03


From: "Karl Levinson [x y], mvp" <levinson_k@despammed.com>
Date: Wed, 23 Apr 2003 14:35:07 -0400


Enabling file access auditing on files could help you detect when a file has
been accessed.

http://securityadmin.info/faq.htm#auditing

Event log monitoring software such as www.ipsentry.com, DUMPEL from the
Microsoft Windows Resource Kit, the free PSTools event log dump utility from
www.sysinternals.com, NTSYSLOG and/or www.kiwisyslog.com might help you
monitor these logs and notify you when a file had been accessed.

File integrity monitoring software such as the free SIM from www.gfi.com or
tripwire etc. could help you monitor certain files to notify when they had
been changed [though you'd still need auditing to tell who changed them].

However, the most secure thing is to avoid making someone an administrator
unless absolutely necessary.

"Don" <newsgroups@newsgroups.com> wrote in message
news:Xns9364771B4591Bnewsgroupsnewsgroups@216.166.71.239...
> Is there any way to secure directories/files from domain administrators?