Auditing Software

J

jadams

2[H]4U
Joined
Mar 14, 2010
Messages
4,086
So I have it with stupid customers. I need to know when they do stupid shit to our servers. Again today I get a call that our software isnt running. Upon remoting into the system I see that our services are being run under a different user.

Well no flippin wonder the services wont start..... it was changed to a domain account. An account we dont have the password to. So it had to be THEM. Though they claim it wasnt of course.

But of course whenever our software isnt working properly its always OUR fault. :mad:

So I need some decent auditing software. What you guys suggest?
 
Have you thought of making it a requirement in the documentation that the user account be a local account or working with the clients to create a domain service account like these clients may want?

This doesn't seem to be a technology issue as much as it is a process and documentation issue.

Change the documentation to where they need to create and write down the service account information, along with instructions on checking the box to not allow the password to change. There are some other security things I would do to the account as well. No remote logins, etc.

I am pretty sure there are some best practices out there for how to create domain service accounts for applications.
 
ianshot said:
Have you thought of making it a requirement in the documentation that the user account be a local account or working with the clients to create a domain service account like these clients may want?

This doesn't seem to be a technology issue as much as it is a process and documentation issue.

Change the documentation to where they need to create and write down the service account information, along with instructions on checking the box to not allow the password to change. There are some other security things I would do to the account as well. No remote logins, etc.

I am pretty sure there are some best practices out there for how to create domain service accounts for applications.
Click to expand...

Yes trust me thats already been done.
 
We just bought netwrix for our auditing stuff to stop things like this (devs doing things they shouldnt). It will monitor any changes made to servers for us but its pretty expensive :/
 
You must log in or register to reply here.
Back
Top