Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

trusted download

Status
Not open for further replies.
warmongr

warmongr

MIS
Mar 17, 1999
214
US
Are there utilities under linux/UNIX for scanning magnetic media for classified information, headers, markings etc.&nbsp;&nbsp;The idea is that if my company downloads an unclassified CVS tree to JaZ disk on a classified system how do they ensure that the tree contains no classified data and can then be transferred to an UNCLASS repository.<br><br>war...
 
Sort by date Sort by votes
I'm almost positive that this isn't what you want to hear. If you want security you need to say &quot;NO&quot;.<br><br>Don't allow access to content that can't pass pre-existing security checks. Make sure that secure content is stored in an area that won't be copied to the JaZ disk. Pass the secure data by other means.<br><br>Too simple? Consider your alternatives. Software can't determine what content is sensitive (&quot;unclassified&quot; header means little when the content is sensitive). Automation gets in the way and intoduces errors.<br><br>This is an area that requires human intervention. <p> <br><a href=mailto: > </a><br><a href= temporary Vorpalcom home page</a><br>Send me suggestions or comments on my current software project.
 
Upvote 0 Downvote
Thanks,<br><br>And I know that you are right however that doesn't change the requirement.&nbsp;&nbsp;I work in a software development environment and this kind of stuff happens rather people admit it or not.&nbsp;&nbsp;The information that is downloaded to the disk is unclassified, I know that.&nbsp;&nbsp;But what I don't know is is there a secure copy like command that will only copy the source data and leave any slack space behind such as xcopy of securecopy under DOS/windows etc.&nbsp;&nbsp;I am from a very regimented security environment and am faced with alot of new challenges now that I am in a new position.&nbsp;&nbsp;I cannot be in the room with these folks constantly and I know that this type of stuff goes on everywhere, not just here.&nbsp;&nbsp;What I need to do is find of way to help me sleep at night and help my company be productive at the same time.<br><br>war...
 
Upvote 0 Downvote
War, you might want to take a look at Tripwire.&nbsp;&nbsp;(<A HREF=" TARGET="_new"> is now a commercial product, but the original version 1.x releases are available as Open Source.<br><br>In a nutshell, you configure Tripwire to scan a directory tree (usually the whole system) and look for changes to files.&nbsp;&nbsp;It uses MD5 to generate a hash for each file being checked, and reports on any differences.<br><br>Use the output from Tripwire to highlight new files, changes, etc.&nbsp;&nbsp;You can then feed this into a shell script that uses, for example, standard Unix &quot;grep&quot; to look for the patterns you require.<br><br>Hope this helps.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ChrisFairley
  • Locked
  • Question
Downloads failing through ASA 5520
Replies
1
Views
84
iggsterman
iggsterman
ChrisOfOz
  • Locked
  • Question
Zone Alarm extreme told me to download free spy removers to do the job
Replies
0
Views
39
ChrisOfOz
ChrisOfOz
jmkelly
  • Locked
  • Question
Downloads from Microsoft licensing site fail on ASA5510
Replies
4
Views
83
baddos
baddos
plastiiq
  • Locked
  • Question
ASA 5510 trouble with 2 trusted networks 1
Replies
2
Views
36
plastiiq
plastiiq
ShackDaddy
  • Locked
  • Question
Outbound client-originated VPN from trusted network
Replies
6
Views
35
Supergrrover
Supergrrover

Part and Inventory Search

Sponsor

Back
Top