Audit & log CDROM Access

  • Thread starter Thread starter Amihai Bareket
  • Start date Start date
A

Amihai Bareket

In my network there are no CDROM and Floppy drives on any of the users
computers due to network security reasons.
We keep the CD and Floppy drives on the servers, but need to monitor access
to them.
The network infrastructure is Windows Server 2003 Active Directory.
Is it possible to audit CD & Floppy access?
Will one of the audit policies in the GPO write an event to the event viewer
when a CD is put in the drive?

If not, is there another way of doing this? SNMP traps? Third-Party tools?
 
Amihai Bareket said:
In my network there are no CDROM and Floppy drives on any of the users
computers due to network security reasons.
Click to expand...

What about file attachments in Email that they can sendout to someone or
those USB memory stick "drives" that they can carry in and out in the shirt
pocket?
We keep the CD and Floppy drives on the servers, but need to monitor access
to them.
The network infrastructure is Windows Server 2003 Active Directory.
Is it possible to audit CD & Floppy access?
Will one of the audit policies in the GPO write an event to the event viewer
when a CD is put in the drive?
Click to expand...

I have never heard of such a thing.

The proper way to do this is to have the machines in a secure room. If a
"bad guy" has physical access to the Server, then it isn't your server
anymore.
 
Hi

Sanctuary from SecureWave can audit all writable devices: both the "who" as
well as (optionally) the content written.

Marco
 
Back
Top