I have been unable to find a program that will automatically encrypt
and decrypt files on a network file server. Apparently Symantec's "Your
Eyes Only" will do this for hard disks but does not work on network
files. What I would like is a program that runs on the user PC,
transparent to the user, that recognizes that "all files in directory
H:\PAYROLL" are encrypted and should be automatically decrypted upon
access, i.e. through an add-in file system driver or some such. The
files need to be on the file server so that they can be backed up and
restored via the standard network processes, but I would like them to
exist on the file server only in encrypted form. They can exist on the
file server either as individual files or as an encrypted "block" that
the add-in filesystem driver knows how to decipher. Is anyone aware of
such a utility?
Second, Netware's built-in auditing would be sufficient for auditing
our semi-sensitive data. The problem is that we would like to set up
auditing for every user's sensitive data, which encompasses quite a few
files and directories. Reporting is not a problem because we can make
programs to filter the report output to indicate only unauthorized
access. But from what we can tell the only way to enable auditing on
all those files and directories is to go through and manually "enable"
auditing on every file/directory individually. Is there another way to
do this, or a third-party product that can assist us?
I would really appreciate any advice you have to offer. Thanks in
advance.
Aaron Buhr
amb...@southeast.net
I do not know if it is still available, but there *was* a product that was
actually better than this. It was called NetSqueeze and was developped by
BindView development. It offered file compression and encryption via an NLM
(so there was no user intereaction) for NetWare 3.x or 4.x. They decided to
get out of that market and sold the product to another company. Sadly, I've
long ago tossed the card telling me what the new company name was. It's not
much of a lead, but maybe it'll get you started.
+-------------------------------------------------------------------------+
| |
|David Gersic dgersic_@_niu.edu |
|Systems Programmer Northern Illinois University |
| |
| Is a female lawyer without her briefs a soliciter? |
| |
|I'm tired of receiving crap in my mailbox, so the E-mail address has been|
|munged to foil the junkmail bots. Humans will figure it out on their own.|
+-------------------------------------------------------------------------+
> I have been unable to find a program that will automatically encrypt
>and decrypt files on a network file server. Apparently Symantec's "Your
>Eyes Only" will do this for hard disks but does not work on network
>files. What I would like is a program that runs on the user PC,
>transparent to the user, that recognizes that "all files in directory
>H:\PAYROLL" are encrypted and should be automatically decrypted upon
>access, i.e. through an add-in file system driver or some such. The
>files need to be on the file server so that they can be backed up and
>restored via the standard network processes, but I would like them to
>exist on the file server only in encrypted form. They can exist on the
>file server either as individual files or as an encrypted "block" that
>the add-in filesystem driver knows how to decipher. Is anyone aware of
>such a utility?
It depends on the environment the client software has to run in. I know of
one or two products which encrypt and decrypt on the client machine and run
over a network, so the server only sees a big chunk of white noise. The one
which immediately springs to mind is called TorDisk (a WWW search should
locate it). There may be others on
http://www.cs.auckland.ac.nz/~pgut001/links.html.
Peter.
>I would greatly appreciate some advice for a problem I am facing. We
>have a Netware 4.10 file server that has sensitive data that even the
>sysadmins should not be looking at. We would like to both audit
>unauthorized access in semi-sensitive areas as well as encrypt the
>really sensitive files. I have two issues I would appreciate help with.
If you're really serious about keeping the information safe,
then you should know that implementing a secure environment like this
is not easy. If you simply pick a product off the shelf and expect it
to do everything for you, chances are, your system will remain
insecure. You'll prevent casual observers from obtaining the
information (it's better than nothing), but it most likely won't stand
up to an attack by someone who knows what their doing.
My advice would be to hire a professional consulting firm to
come in and evaluate your topology, and determine your specific needs.
I Refuse to Have a Battle of Wits With an Unarmed Person.
Greg Miller: Senior Consultant
greg....@usa.net http://members.iglou.com/gmiller/