Mark Minasi's Tech Forum
Sign up Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
pct

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 31
Reply with quote  #1 
Hi,
A friend of mine has the very stong suspicion that an employee is copying data from the company's internal network. They have a 2008 RDS/TS server where all business applications are hosted.

Now I remeber that there was a post about monitoring software that can be recommended, but unfortunately I cannot remember the name of that software.
I have never used such software and do not know much about it, what can you guys recommend? Any suggestions or ideas?

Someone recommended refog, anybody has experiences with it?

TIA

Patrick
Refog
Refog

__________________
"All parts must go together without forcing...by all means do not use a hammer." - IBM maintenance manual, the very early years
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #2 
Refrog is a key logger of which there are many.  What seems strange is that it's a "friend" who has the suspicion. Does the friend work for the same company?  What does he think is being done with the data? Have there been any monetary losses due to the 'copied' data?  There are too many missing pieces, to the story.
1
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 913
Reply with quote  #3 
Spector 360 was mentioned a few times by myself.
May not be the cheapest, not sure it works on and RDS Server, but probably does as it does everything else.
http://www.spector360.com/

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
pct

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 31
Reply with quote  #4 
Quote:
Originally Posted by wobble_wobble
Spector 360 


Thanks a lot! I think that was the software I tried to remeber. I will request a quote and have my friend sort out the legal problems it may cause according to German or EU laws :-)

__________________
"All parts must go together without forcing...by all means do not use a hammer." - IBM maintenance manual, the very early years
0
pct

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 31
Reply with quote  #5 
Had another conversation with my friend about the exact nature of his suspicion. I could convince him to try to find another way of dealing with his suspicion than using methods that are against the law in most countries.
Now what could make sense in order to technically investigate this further is maybe to do some analysis/forensics to see if large amounts of data were accessed last Sunday or is this a futile endeavor?

__________________
"All parts must go together without forcing...by all means do not use a hammer." - IBM maintenance manual, the very early years
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 913
Reply with quote  #6 
Patrick

The laws in Ireland, not sure how they apply in Germany are as follows:
If the IT/ HR/ Job contract contains some language around the IT provided, given, used and all data on it belongs to the company and all activity can and will be monitored, then your free to almost do whatever you want.

Trying to investigate following the fact, if logging was not enabled/ configured won't give you a lot of info.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.