Results 1 to 6 of 6

Thread: Monitoring IM Usage

  1. #1
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038

    Monitoring IM Usage

    We have recently found that users in our network have been abusing IM programs and chatting with friends and family for a good portion of the workday. Can anyone suggest a way or a program that will monitor how much a person is using a IM program? We dont care about what the employee is chatting about, but we do want to find out how much time they are spending chatting.

  2. #2
    There are plenty of programs which can monitor IM usage - but alot of them will also log the conversations!
    I don't know if there is one that will only tell you off time spent - but it is good that you respect their privacy enough not to want to read their convos & i can understand though that you would want to know how much of the company time they are wasting....
    Perhaps getting one of the IM logging progs and just checking the time staps without reading the convos?
    try searching google for IM watchdog progs or such like

    v_Ln

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Posts
    339

    Re: Monitoring IM Usage

    We have recently found that users in our network have been abusing IM programs and chatting with friends and family for a good portion of the workday.
    So, you admit that they have been abusing your network... Now, if you know how much time they spend for chatting then what? Well, this might not be a direct answer to your question, but I think it's a more efficient way dealing with this.

    You can (install and) configure a Firewall to block outgoing traffic from your network to some specific IM ports. If you want to give them some time to do chatting, you can always configure the time-of-day setting of that Firewall rule. There are many people here who can help you on the details of how to do this, or go to google.

    Peace always,
    <jdenny>
    Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
    I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds


  4. #4
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    jdenny: We dont want to block the ports because some users do have a legitimate business need to use IM. It is a easy way to contact our programmers in real time over the net. We really want to see how much time a person is spending chatting and then sit down and talk to that person. We would like to be able to show them how much time they are spending chatting. I dont think that many people think about how much time they spend talking to one friend or another and just get caught up in things. We would like to resolve issues with our employees and banning IM chat would be a last resort.

  5. #5
    Senior Member
    Join Date
    Sep 2001
    Posts
    144
    If you happen to be using a linux firewall system on your network, you can in theory use the string matching table to match the conversation init packets. Looking for the packets that come from the server stating that there is a message to follow. The icq packets i've seen usually have the source UID and the dest UID, and of course the time and date.

    Now this won't let you know how long the conversation is taking, or make it possible for you to see how long your employees contemplate their responses, but you will be able to see how many messages they are sending and two and from whom.

    Now, with the correct rules you could use this to only allow messages that you are able to determine that the source and dest UID's are indeed employee's.

    perhaps i'm over simplifying this, but it seems to make sense as i type this.. however I took 2 benedryl and 2 sleeping pills about 70 minutes ago, but it still seems a solid idea.

  6. #6
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    Are you using an IDS on your internal network? If so, you may be able to monitor IM login/logoff using it. The reason I bring this up is because I know that you can do this with ISS Real Secure. Maybe it's an option in your IDS if you are using one. Hope this helped.
    Opinions are like holes - everybody\'s got\'em.

    Smile

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •