>Is there an ftp client that can replace the one that
>comes from SCO for SCO ODT 1.1/2.0 that will log
>the file transfers that people do?
The one on gatekeeper.dec.com in pub/DEC does so, I believe. It
logs the GET/PUT commands users issue.
>The aim obviously is to keep tracking of files that
>are brought into the local network from the outside.
>This is in addition to manually screening code and
>virus checking binaries.
The problem is that if I can FTP from the net, I can FTP the
sources for a client FTP and use my own, which does no logging.
This problem you're dealing with is why I designed the FTP
applications gateway DEC (and its SEAL customers) use - the only way
to *really* know that you're getting an accurate picture of what is
going in or out via FTP is to interpose a block and have an application
gateway that logs traffic. The DEC FTP gateway also lets the firewall
manager select what to log, and gives the ability to block certain
commands directionally, depending on who is talking to whom.
Virii are a whole 'nother, very, very tricky issue. With all
the zillions of ASCII encodings of binaries and with the ability to
Email stuff, it's almost impossible to prevent people from bringing
in virii, other than through educating them.
mjr.
|
|
