Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Ryan Permeh (ryanEEYE.COM)
Date: Wed Apr 18 2001 - 15:07:13 CDT
perhaps not the best solution for informing you, but one to protect your
data from being compromised in this way is to use the EFS on the data. a
copy would be encrypted and non really useful once copied. however, it
could be cut and pasted from a file with encryption (say a word document
that is opened) to a file without encryption(say a word document on a
diskette), effectively bypassing the restrictions. it would stop poeple
from using the data without the keys though.
Another thing that you can do is simply remove the floppies(zip disks, etc)
from all the machines.
eEye Digital Security Team
http://www.eEye.com/Retina -Network Security Scanner
http://www.eEye.com/Iris -Network Traffic Analyzer
----- Original Message -----
From: "chris kout" <chriskgrHOTMAIL.COM>
Sent: Wednesday, April 18, 2001 1:53 AM
Subject: file auditing on NT
> I would like to know how to audit files (by whom,
> when..)and know if there are copied on a diskette or
> other removable media, without the use of a special
> software. I have turned on NT auditing but the
> information the event log gives me isn't enough.
> The objective is to be able to know when files are
> taken out of the network.
> Thanks in advance
> Athens Greece