mailing list archives
Re: Re: Deny access to copy files
From: "Breno BF" <breno () lagosnet com br>
Date: Tue, 3 Jun 2008 14:10:38 -0300
I recommend webalizer. IMHO that's a good log file analysis
tool. Available for IIS, Apache, et cetera.
----- Original Message -----
From: <cgmicro () gmail com>
To: <security-basics () securityfocus com>
Sent: Monday, June 02, 2008 4:38 PM
Subject: Re: Re: Deny access to copy files
| These are definitely legitimate concerns, and every problem does
have a solution.
| First, my goal wouldn't be to cover 100% of all bases on this,
whether it's possible or not, it's just not feasible. I'd go with
best effort on this one and try to cover as much as possible. IT
folks are always going to try to circumvent policy, but if they go to
extraordinary lengths to do so, it's a whole lot easier to prosecute.
| You could use group policy to limit external storage, but that's a
little restrictive and not very flexible. There are some packages out
there that will limit what types of external storage are permitted.
So, if you issue external USB drives, USB sticks, etc, you can exempt
them. I can't recall any of the manufacturers off the top of my head,
but they're out there. They can get as granular as a 256Mb USB drive
in a particular model, block iPods, allow digital cameras, etc.
| On the webmail issue, just about every content filtering solution
will allow you to block major webmail hosts via a central database
that's updated routinely. Depends on your budget, but well worth it
in my opinion. Websense, Sentian, Surf Control, to name a few. If
you're low on budget, look at iPrism from St. Bernard software, a
pretty cool little inexpensive solution in comparison. The drawback
to these is that they're only as good as the database of sites.
They'll block the hotmails and yahoos of the world, but they won't
block the mail server in my basement.
| Greg Gammino
| CISSP, CCNA, CCDA, MCSE, CHA
Re: Re: Deny access to copy files cgmicro (Jun 02)
Deny access to copy files Craig Wright (Jun 03)
RE: Deny access to copy files Craig Wright (Jun 04)
Re: Deny access to copy files glunadelaguila (Jun 19)
- Re: Re: Deny access to copy files Breno BF (Jun 03)