I work for a college in SC browse ar15.com forums. ClubXM.com(satellite radio) and other places. including gun manf sites. they don't seem concerned. thou I did catch one student surfing porn via a Remote Control software. Monitored him while my boss when to talk to him. used the radios to ensure he had the right guy and knew what PC it was. PCs are named for Building Room and Position. (1,2,3,etc.) the culprit was given a stern talking to by the VP of counseling services. we not only had intent but proof, I watched the screen via remote, snapped a few screen shots. next time the culprit is expelled.

this is why any company doing this intelligently used windows 2000. which forces a login, if you don't you sit and stare at the login prompt. timestamps are useful even if no login is present. because witnesses can place someone at a machine around a certain time. and if that time coincides with a cookie there is a very good chance it was that person.

That will do it!! In my environment, PCs are identified by ip address. Your method could easily be implemented. Of course the easiest way to keep people from surfing porn is to install Windows2000 and set password option. As far as I know (which isn't much) there is no way to get around the Login screen in that particular software.

I, personally, would hate to have a job that required me to track ppl down and bust them for improper use of company equipment. The stress must be very high!!

neilfj,

I agree. Their equiptment, their rules, their right. I choose not to have their rules extend to my private internet access, therefore, I purchase access with an outside ISP. No harm, no foul. I just have my own conscience to answer to.

Not completely true. If I was actively tracing the activity of someone, I'd just wait until he connected to a prohibited site. Then either walk over to his Office/cubicle and see what's on his screen and who's sitting at his PC. A log in doesn't really prove much since many people log into the system and walk away from their desk. Anyone walking by could use the PC.
But..then again many companies are now including as part of the employment agreement that you are responsible for keeping your PC secure. So, depending on much of an ass*ole they are, they either get you for inappropriate use of company assets, or for leaving your PC unsecured.

My point in this entire discussion is, yes people are stupid..companies can be ass%oles..save your surfing till you get home. Stay away from anything that can be used against you. It is much easier to detect your network activity than most people realize.

(Now, should we discuss Keystroke Recorders that some companies are using).

All networks have some type of addressing scheme that in one way or another gets assigned to a specific PC or piece of equipment.

Win2000 & XP are tighter, security wise, than previous versions. Many companies won't even permit accessing the network or internet until you have logged on to a server. That makes it easier to trace, as rather than using the address to track down a PC, the Sniffer uses the logon information to assign your name to the trace. Rather than seeing 192.168.65.1 talking to ar15.com, it would show up as Dave Smith talking to ar15.com.

As for being stressful, not really. Like I've said before, just a friendly warning to people usually stops the activity, unless they are really stupid. A lot of times I have the sniffer running at my desk and will point it out to someone when they walk by. You'd be amazed how fast word gets around.

let's see, now

All these things were automatically downloaded from that accidental visit and would be in your log ....


From an employee's point of view, the chat is of course different - as it involves conscious input of a type such that the keyer would hardly be able to say they didn't understand what the computer would do as a result.


Well, that's what I would say, too. But I think you underestimate what a manager/supervisor with an agenda will do.   Suppose I had turned the fellow in for taking an entire day off on 4/2 claiming he was on the first day of a conference that actually didn't start until 4/3.

And suppose by process of elimination that he figured that I was the one who got his ass reamed.

How would you feel about supplying him with the sniffer information, and explaining that it appeared to be accidental.  Then having him go through the information and picking out all the items like "tits.jpg", "blowjob.gif", and all those cute little animated gif's and other thumbnail 'motion graphics', and ignoring your explanation that it looks like an accident, but using the juicy parts to fire my ass?

Manager:  "So you say that Joe then clicked his mouse and the computer went to this web site, where someone is having sex with a boy dressed up as a goat?"

Neil:  "Yes, but it appears to be an acci--"

Manager:  "That's all I need to know. Thanks for your time-- I have to take this report to a meeting."

I bet you'd feel pretty shitty.

I have no problem with taking appropriate measures with intentional abusers, and I think it's best corrected at the tech level.

Once it gets out of your hands, though, the use (and misuse) of that information is out of your control.

Maybe to discourage this kind of misuse by the "suits", the computer people should have a policy of only releasing an objective report that states strictly your expert opinion, and leaves out any computer/sniffer data that could be twisted to devious ends....

Yes, but so does clicking on a link. We were discussing making errors while typing and how to determine accidental vs intentional access.
Taken cumulatively, going to a site and clicking on links proves intent in most cases,
(there are always exceptions). Going to a site and having popups, downloads, auto links are not intentional and the difference between the two situations is rather easy to determine from the trace data.



No, not at all.



Not an issue. Most people don't want the raw data, just the results of the analysis. Most people can't decode the traffic, or can't be bothered. It is usually a written report detailing the activity. Accidental links, popups, etc. are not included in my reports for just such a reason as you state. The raw data is kept for evidence, if required.



Nope not at all. On the other hand, anger would be another thing.



Agreed! Unfortunately, some times we don't have the choice or the option to handle it.

Lots of info in your posts...thanks. I think our environments are very different. This conversation could go on forever. Just out
of curiosity....what do you let go. Can an employee check out weather, news, stocks etc.......even over lunch?

a very good chance is not positive proof. [:D]

I understand where you guys are coming from...just pointing out that there are holes!
I also understand that employers can terminate me(in Texas) for any reason...but unless they have video of me surfing porn logged in......


IT WASNT ME!