Help me catch em

AstroTurf said:
Why not just remove DVD drives and plug all the USB ports with USB locks (remember keyboard and mouse USB ports may be a problem as they can probably use either a mouse or Keyboard instead of both or bring a USB hub from home so if they are USB you will have to (my personal suggestion anyway) remove the front USB ports and put them inside the case, plug the keyboard and mouse into these after feeding them through an opening in the back the lock the case with intrusion detection).
Click to expand...

Yip, looked at disabling the USB ports, but cant as the licensing for the software runs from a USB device that enables a specified amount of licenses (Per Camera)... And as you said, they could still unplug mouse or keyboard and put a hub in... Bottom line is that they know the rules, and are disobeying them as they know i cant pin point who did what... If i could on the other hand, the guys wont mess around because they'll know that i can see it was them, and they will be dismissed immidiately for interefering with security information, amongst other hearings for plugging personal devices into a machine that has VERY sensitive information on it... We busy testing the software, and it's running very well (Despite the security glitch). Our guards are also not ur average run of the mill okes... They are intelligent educated guys, so if they know that i can see what they've done, they won't attempt to mess around...
 
Hi

I wrote software which does exactly that.

Just go to http://www.scapecom.com where you can read up on MIMIC, the software that Record and Replay every action performed by users on your key business infrastructure. Record various protocols such as DameWare, VMware, Remote Desktop and more including local console logins.

You can also download the limited free version or full trial version from our website.
 
Mr.Diederik said:
Hi

I wrote software which does exactly that.

Just go to http://www.scapecom.com where you can read up on MIMIC, the software that Record and Replay every action performed by users on your key business infrastructure. Record various protocols such as DameWare, VMware, Remote Desktop and more including local console logins.

You can also download the limited free version or full trial version from our website.
Click to expand...

Interesting! Thanks i will definitely go take a look at that.

@plbarti: Will also take a look at this... Thanks!
 
carstensdj said:
Lol, thanks ;)

When i saw your original post i was just thinking.. "If you only knew china.. IF you ONLY knew..."
Click to expand...

Use the front USB ports but remove them from the front panel and stick them inside the case. Close off all the other USB ports with USB locks (or software, bit difficult to disable them via drivers without killing all of them), plug the dongle, keyboard and mouse in inside the case and lock the case with intrusion detection.
 
Got a guy who can build me steel bracket that can be mounted in the corner of the desk against the wall... The PC will slide into this bracket, and the hinge that locks the front of it covers the front USB's... Only USB access is via the back, which in order to put anything in, one would need to slide the chassis out of the bracket by unlocking the front hinge.

USB is not the only issue tho... The guys wont have a clue what something does, but they will open it and click around regardless! GRINDS the sht outta me! Hence, why i need a log so that the guys cannot do this without consequences... Trust me, once the 1st one gets caught, dismissed and then taken to court for hampering with sensitive security information, the others will think twice!
 
AstroTurf said:
Basically you need to get your employees to sign something saying that all activity on the machines will be monitored (without duress).
Click to expand...

Trust me, I worked in a similar 24/7 emergency communications environment where the computers were critical tools of the job and not "toys" for personal entertainment.

No matter how much educating regarding Virus's, Trojans, Malware (blink blink...), pleading, threatening and document signing, the users simply saw that as a "suggestion" and carried on regardless.

So physical disconnecting, securing of ports and highly restrictive GPO's (Server 2003 environment), along with a good Antivirus/Internet security package, had to be implemented, making me very unpopular.

Some workstations had a customized "shell", with no normal Windows desktop and others used a heavily locked down desktop interface using a common server based "profile" that always restored the desktop to a "default" state after a reboot, if the users somehow managed to make changes.

But, my responsibility, was to keep the platform stable and ultimately the communications system running.

Seeing as you are in the camera monitoring business, why not mount cameras looking at the area of the servers, to see who "fiddled" while you were not around? May also serve as a deterrent. (or bring the "right to privacy" brigade calling)
 
carstensdj said:
When i saw your original post i was just thinking.. "If you only knew china.. IF you ONLY knew..."
Click to expand...
Lol, yeah, i was just wondering. Just wouldn't like someone to do that with me, but I'm a developer, so its different. Our PC's are our babies :p
 
carstensdj said:
Yea i hear you.. I have tried this, but the Off-Site monitoring software that we use is an interactive one that requires full user rights to access certain things. Bit of a glitch, but it's a new software and we are currently the only company using it, so for now Logs is about all i've got to keep these okes from plugging phones n crap into the servers and putting endless viruses on the servers...
Click to expand...

Laying out policy wont cost you anything... if these are servers then you need to protect them.
 
Nerfherder said:
Laying out policy wont cost you anything... if these are servers then you need to protect them.
Click to expand...

I agree, but i also need my software to run... and it won't be effective if the guys have limited user rights. (Will change and developers are working on a patch, but it's a big one to change the way the software works).

So need logging of what users are doing until i can get hold of this patch.
 
I have a similar situation in our environment.

What you should do is either run the app that they use as admin or use scripting to execute admin functionality.
 
carstensdj said:
Very different story for us.. We are a Tactical Security company dealing with sensitive information and high priority security... So when the guys interfere with that, i NEED to know!
Click to expand...

So let me get this straight, you run sensitive information on unsecured systems and your worried about the staff plugging in their phones to charge them most likely? My suggestion would be to rather sort out your systems then running around trying to control your staff.
 
Heh, carstendj, I think I know the system you are working on, as we have what sounds like the same system in place, wrt to cameras. You need the USB dongle (or sometimes code), to view more than a certain amount of sites. Have been busy setting this system up, as we recently upgrading the hardware and software running it, then they went and lost the dongle... luckily not my problem, but still. We have cameras watching the people watching the cameras, which they are all aware of, on a separate system that cannot be interfered with, so if they did mess around with the first system, footage can be viewed to see who did what when. As this is a dedicated system, they shouldn't be plugging anything into it without authorisation, in any case, it would be easy to detect unauthorised activity, and who did it.

To get back on-topic, have no idea what s/w to recommend, as we monitor in the way I said above, without any monitoring software.

B
 
Yes, I agree with Bismuth, I also was in a similar situation and his idea needs to be first on the list.
 
I still don't see why people want to monitor and check up on users. If you don't want someone to do something, just block it. Why leave everything open and then waste your time monitoring it???
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X