From: Anders Thulin (anders.thulin@sentor.se)
Date: Wed Apr 11 2007 - 02:52:58 EDT
Mifa wrote:
> We have a user who takes a company computer home with them (no its not a lap top). We have a good reason
> to need to look at their files. However, we want to do so without that employ knowing. They seem to know
> something about security becasue auto runs is disabled and the workstation is always locked with a third
> party software. INserting a U3 drive will not run a program either. Are there any programs that will boot
> from a floppy then copy a program to the c drive then wite an auto start entry into the registry? This was
> the only way I can think of to get the user to install a program..
>
> Any other ideas how we maight gain access? It has to be fast (bathroom breaks ect). I dont have time to
> load a live cd. Further, robooting would cause the user to loose work.
I don't like the sound of this. You want to install software on a company computer, but are
afraid to tip the user off that you are doing so? And you don't want to reboot the system
in the process, and you only have short periods of time, such as bath-room breaks to your
disposal? And who exactly are 'we'?
Get in touch with a good security consultant -- someone who can get the whole picture,
including the parts you're not discussing here. If there is a legitimate threat, it
need to be considered in toto.
On the assumption that this is above the board: if you don't have time to do the job,
make it. Get the IT department to do a hardware upgrade, say, larger disks, for everyone
in his work group. Or get the user into a full-day meeting on very short notice. Or ask if
he wouldn't actually *prefer* a laptop, seeing how he's moving this computer to and from
work every day (something I find *rather* difficult to believe). Or use some similar
excuse to get sufficient hands-on time for a disk bitcopy to examine at your leisure.
Apart from that, there is (or should be) an employer-employee relationship in place here:
use it. If you are afraid of tipping the user off, make sure you have identified the correct
threat: it may not be files on a disk, but the fact that you need to be tiptoeing around an
employee at all. In that case, it's not a problem to be solved by bootdisks.
-- Anders Thulin anders.thulin@sentor.se 070-757 36 10 ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:42 EDT