File Details |
|
File Size | 0.1 MB |
---|---|
License | Freeware |
Operating System | Windows 2000/Server 2003/XP |
Date Added | July 7, 2005 |
Total Downloads | 1,023 |
Publisher | Odegard.it |
Homepage | DataGuarder |
Publisher's Description
DataGuarder is a small application which will reset access permissions on all defined folders to allow only the users defined in the application to have access to them. It will then monitor the folders for any changes to the security settings on the folders and when a change occurs it will reset the access ACL's to the settings defined and thus block any attempts at changing them to gain access.
Latest Reviews
exitwound reviewed v07.07.2005 Beta on Jul 30, 2005
Remove buttons please!
devoxide reviewed v07.07.2005 Beta on Jul 29, 2005
The application will ofcourse not guarantee to block access to folders under any circumstances. However it is usefull as a perimiter guard. Besides this version is a "Concept Preview" and by no means complete.
Consider this: Working in a large company as a developer f.inst, you have local admin rights on your computer. Domain admins can access all your drives and folders. Now, if you want to block access to any given folder you can remove access rights for this folder for all but yourself. This will hinder access for anyone else. But how do you know if a domain admin (or anyone else with the proper rights to do so) adds himself to the folder access rights to gain access? You don't, unless you frequently check the folder permissions. Now, you could take ownership of the folder, and thus the only way of anyone else to gain access would be to take ownership of it, and then modify the access rights for the folder, right? But you would still not notice unless you check the folder permissions. Enter DataGuard...This application will monitor the folder(s) and whenever the access rights changes (ownership also), it will imediately reset it to the defined user account thus blocking the perpetrator. It will also log the actions and display it in the status field, so you would know what happened. So long as the application is running it will perform this action. A domain admin wil not be likely to access your computer locally, so he will not know the application is running (he would have to check the running processes and know what to look for). Besides he would probably be a bit puzzeled at what just happened. He just took ownership of that folder and changed permissions, right? And still he is unable to browse it......Checking the permissions again, what? They are the same as originally set, well, change them again....so on and so forth...
In the meantime all actions is being logged by DataGuarder.
DataGuarder will also block any maintenance scripts/applications which is meant to scan computers looking for non-approved applications and files.
The next version(s) will have the possibilities to:
- Run as a service
This will enable the application to guard folders independently of who is logged in locally.
- Tray icon for the specified user when running either as an application or service.
Enabling easy access to start/stop guarding and setting options.
- e-mail notification upon permission changes.
- encrypted settings.
- Masquerading service.
Enable the posssibilities to masquerade the service name by defining the service name to a specified name which is not obvious to the perpetrators.
Include counter measure possibilities, meaning that it will be able to (hopefully) do the following when the permissions for a folder has been tried changed a defined number of times.
This is called threshold level actions:
- Secure deletion of guarded data.
you probably has a copy of them at home (?), so deleting them is the only safe action to prevent any evidence left on your computer when the perpetrators realize that the computer should be confiscated for closer examination. No access rights definition will hinder a snoop when he has physical access to a computer as he can simply mount the disk(s) using a boot cd and then examine them and setting access rights if need be.
- Close down network connections on threshold level reached.
This will block any access to the copmputer from the network and implies thet any further actions will have to be taken physically on the computer.
- Force Logout of any other user than the one specified in the application. Block login!
"Kick that s*** out". Hopefully we can get this working as it will hinder login by any other than you, the owner of the computer. Forcing perpetrators to boot the computer in such a way thet the installed OS is not loaded. (Boot cd).
- Total Lockdown
All of the above actions inflicted at once upon threshold level reached.
This will block access to the computer while it is deleting the files.
To sum up. As it is now, the application does not do anything other than setting the permissions on folders, and keeping them as defined whatever anyone else does.
But in the next versions it will be getting more usefull.
Brgds
DevOXide
WhiteZero reviewed v07.07.2005 Beta on Jul 28, 2005
Interesting idea.
Although in order to change permissions you'd nee the proper access rights, which would only be granted by the admin, who is the only person who would be using this application anyway. So really, as long as you don't grant access to change share permissions, then you don't really need this program anyway. Unless your admin account is compromised, then they could just shut down Dataguarder anyway.
In other words, don't just give out access to permission changes to everyone and you won't need this application. Simple.
exitwound reviewed v07.07.2005 Beta on Jul 30, 2005
Remove buttons please!
devoxide reviewed v07.07.2005 Beta on Jul 29, 2005
The application will ofcourse not guarantee to block access to folders under any circumstances. However it is usefull as a perimiter guard. Besides this version is a "Concept Preview" and by no means complete.
Consider this: Working in a large company as a developer f.inst, you have local admin rights on your computer. Domain admins can access all your drives and folders. Now, if you want to block access to any given folder you can remove access rights for this folder for all but yourself. This will hinder access for anyone else. But how do you know if a domain admin (or anyone else with the proper rights to do so) adds himself to the folder access rights to gain access? You don't, unless you frequently check the folder permissions. Now, you could take ownership of the folder, and thus the only way of anyone else to gain access would be to take ownership of it, and then modify the access rights for the folder, right? But you would still not notice unless you check the folder permissions. Enter DataGuard...This application will monitor the folder(s) and whenever the access rights changes (ownership also), it will imediately reset it to the defined user account thus blocking the perpetrator. It will also log the actions and display it in the status field, so you would know what happened. So long as the application is running it will perform this action. A domain admin wil not be likely to access your computer locally, so he will not know the application is running (he would have to check the running processes and know what to look for). Besides he would probably be a bit puzzeled at what just happened. He just took ownership of that folder and changed permissions, right? And still he is unable to browse it......Checking the permissions again, what? They are the same as originally set, well, change them again....so on and so forth...
In the meantime all actions is being logged by DataGuarder.
DataGuarder will also block any maintenance scripts/applications which is meant to scan computers looking for non-approved applications and files.
The next version(s) will have the possibilities to:
- Run as a service
This will enable the application to guard folders independently of who is logged in locally.
- Tray icon for the specified user when running either as an application or service.
Enabling easy access to start/stop guarding and setting options.
- e-mail notification upon permission changes.
- encrypted settings.
- Masquerading service.
Enable the posssibilities to masquerade the service name by defining the service name to a specified name which is not obvious to the perpetrators.
Include counter measure possibilities, meaning that it will be able to (hopefully) do the following when the permissions for a folder has been tried changed a defined number of times.
This is called threshold level actions:
- Secure deletion of guarded data.
you probably has a copy of them at home (?), so deleting them is the only safe action to prevent any evidence left on your computer when the perpetrators realize that the computer should be confiscated for closer examination. No access rights definition will hinder a snoop when he has physical access to a computer as he can simply mount the disk(s) using a boot cd and then examine them and setting access rights if need be.
- Close down network connections on threshold level reached.
This will block any access to the copmputer from the network and implies thet any further actions will have to be taken physically on the computer.
- Force Logout of any other user than the one specified in the application. Block login!
"Kick that s*** out". Hopefully we can get this working as it will hinder login by any other than you, the owner of the computer. Forcing perpetrators to boot the computer in such a way thet the installed OS is not loaded. (Boot cd).
- Total Lockdown
All of the above actions inflicted at once upon threshold level reached.
This will block access to the computer while it is deleting the files.
To sum up. As it is now, the application does not do anything other than setting the permissions on folders, and keeping them as defined whatever anyone else does.
But in the next versions it will be getting more usefull.
Brgds
DevOXide
WhiteZero reviewed v07.07.2005 Beta on Jul 28, 2005
Interesting idea.
Although in order to change permissions you'd nee the proper access rights, which would only be granted by the admin, who is the only person who would be using this application anyway. So really, as long as you don't grant access to change share permissions, then you don't really need this program anyway. Unless your admin account is compromised, then they could just shut down Dataguarder anyway.
In other words, don't just give out access to permission changes to everyone and you won't need this application. Simple.