This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to prevent bad act by server admins?(key logging or clipboard grabbing and ...

Hi.

I have not known in which sub-forum must posted this topic.


I have web hosting service. I am my own admin.
If i employ a second linux and server admin ,mybe he change the linux os with his own compiled and he change core or other linux files for spying and hack!
If he insert keyloger or clipboard graber or spying file as default manner of core or a linux file, then antivirus can not find any problem.
How we can prevent this?

Please note:
I had Linux Debian OS in my computer i installed an application that was a legal keylogger and clipboard grabber.
I saw it detect root password and save it and save clipboards contents in a text file!!!
when i used several anti-viruses they could not find any problem and all said system is OK!!!!!!!!!!!!!!!!!!

That was only an application if a person compile or insert a Linux OS file that has ability of keylogging or clipboard grabbing generic anti-viruses can not find that.

We must give root access to our system admins, for example in a large company is thousands Linux web servers we want detect clipboard and keylogging acts even if defied as legal linux core files act.

Is there any solution?

Please help.
Thanks



This thread was automatically locked due to age.
Parents
  • Hi ,

    May we know if you’re using Sophos endpoint enterprise or a trial version? The only way that we would be able to block the keylogger application is if it's malicious in nature or actually contains malware. If the application is legitimate, however, you may want a type of application control on the Debian server. At the moment we don't have this feature implemented but you can submit a feature request here [Feature Requests (sophos.com)] if this is something that you would like to see in the future.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • Hi ,

    May we know if you’re using Sophos endpoint enterprise or a trial version? The only way that we would be able to block the keylogger application is if it's malicious in nature or actually contains malware. If the application is legitimate, however, you may want a type of application control on the Debian server. At the moment we don't have this feature implemented but you can submit a feature request here [Feature Requests (sophos.com)] if this is something that you would like to see in the future.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children
No Data