Re: CRIME Ideas?

From: Seth Arnold (sarnold@private)
Date: Sun Dec 08 2002 - 20:38:08 PST

  • Next message: Shaun Savage: "Re: CRIME Ideas?"

    On Sun, Dec 08, 2002 at 11:39:22AM -0800, Vince Alexander wrote:
    > Situation: multiple user stand alone PC with Internet access with Zone Alarm
    > 		Operating system: W2k
    > 
    > Looking for solutions:
    > 
    > 1. software to audit URLs visited (with user ID, datetime - if possible) and 
    > capability to access audit log remotely (email out from stand alone?)
    
    The best way to do something like this is to firewall the machine so
    that it cannot initiate network traffic except to a web proxy, and have
    the web proxy save all URLs visited. 
    
    IE and netscape both have history files, but they are pretty easy to
    tamper with, so it is at best an "honour policy".
    
    > 2. How to prevent user saving application files to C:\ drive ( forcing save to floppy)?
    
    Use NTFS ACLs to prevent filesystem writes to C:. (Right click on C in
    an explorer window, hit Properties, and poke around. It ought to be in
    there somewhere.)
    
    You may or may not want to make exceptions to this policy for the
    browser caches of whichever browsers your users will use.
    
    (You might be surprised to find out just how much software will try to
    write to the drive; depending on your applications, this might not be
    possible to do. Which would be too bad.)
    
    > Please answer off list.
    
    And prevent the other list members from seeing answers they might also
    be interested in? :)
    
    -- 
    "Soldiers quartered in a populous town will always occasion two mobs
    where they prevent one. They are wretched conservators of the peace."
    -- John Adams
    
    
    



    This archive was generated by hypermail 2b30 : Sun Dec 08 2002 - 21:29:21 PST