Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: secure server

  1. #11
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    SC
    Posts
    718
    i don't mind to pay for a good software
    check out Vontu
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  2. #12
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    I would suggest that the first thing you need to do is sit down and define your security model.

    What users need to be able to do to perform their jobs and what they do not.

    Then lock them down as best you can, and log the rest. The problem with logging IMHO is that it is after the event and too late?

  3. #13
    Senior Member
    Join Date
    Apr 2005
    Posts
    123
    i use arcserv tape backup, so even if someone deletes, and if im noticed by the system, i can always confirm if the data is supost to be deleted, and if not, i can restore the information

  4. #14
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    You can use Group Policy to lock down the users systems...and what they can and cant do...

    Auditing to track the users actions.

    I would also define your security model as suggested and an AUP

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  5. #15
    Senior Member
    Join Date
    Apr 2005
    Posts
    123
    I have configured GPO, increased security. But the users need access to the information and the still can send by email. I tried to download Vontu End Point Data Monitoring & Prevention, and Vontu Network Data & Prevention but there is no option that allows me to download, and i even registered.
    I tried to contact vontu personnel, but my email returned saying that the email wasn't delivered.
    Where can i get some vontu demo? And where can i buy it?

  6. #16
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    If you setup a syslog server, you can use snare to forward the Windows event logs. I've been looking into ossim as a way to collect all the data I want and then setup alerts based on the events logged.

    I have a Cisco MARS box for logging important network events, but the number of systems I have to log surpasses the ability of my MARS. I could always implement more MARS, but it's expensive.

    My initial testing with ossim has been great. However, I've only had about a week or so of testing before I had to drop everything for this huge project I've been working on of 3 weeks now.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #17
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Quote Originally Posted by yuris
    i use arcserv tape backup, so even if someone deletes, and if im noticed by the system, i can always confirm if the data is supost to be deleted, and if not, i can restore the information
    Doesn't work all the time.. Most use nightly backups, so if a user creates a document in the morning and it gets deleted in the afternoon there won't be any backup to restore.

    One thing to note about File and Object auditing, it has a tendency to generate a HUGE amount of logging data.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Similar Threads

  1. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  2. Covert Channels
    By hatebreed2000 in forum The Security Tutorials Forum
    Replies: 1
    Last Post: March 22nd, 2005, 09:31 AM
  3. Replies: 0
    Last Post: August 3rd, 2004, 05:32 PM
  4. Central Secure Logging in a Win2k Environment
    By Tiger Shark in forum The Security Tutorials Forum
    Replies: 5
    Last Post: March 4th, 2004, 05:00 PM
  5. Security Basics by Sharepro
    By Zato in forum Newbie Security Questions
    Replies: 3
    Last Post: December 24th, 2003, 08:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •