Re: Tracking a (potential) abuser?

First things first:

Do you have your students and teachers (i.e. the "rampaging masses") sign an "Acceptable Use Policy" or something similar prior to granting them access to the system? If not, then I suggest you do so post haste. Also, configure the message title and text for users in Group Policy telling them that there is no expectation of privacy, you may be monitored, use of this system for illegal activities...etc. etc. etc.

Personally, I'd say you should get the support of your boss to tighten down security to a ridiculous level then only enable things as they are NEEDED.

By the way, have you considered running your machines as Kiosks with limited desktops/start menus and the like. Store these two folders on a central server and give the proletariat "Read Only" access to it.

Hope this helps!

Jeremy Shelley, CISSP
ISSP, Defense Security Service

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Chris DeVoney wrote:

> One other suggestion: write a Perl script to look for the time of activities