Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Sniff Employee Offenders

  1. #1
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325

    Sniff Employee Offenders

    This sounds cool. At least for the admins... sucks to be the employee...

    Tech Sniffs Employee Offenders By Michelle Delio
    Story location
    02:00 AM Dec. 13, 2002 PT

    NEW YORK -- There are no bodies, bones or blood to analyze. No pondering over a piece of decaying evidence that was once part of a human being.

    But the forensics software on display at this year's Infosecurity 2002 tradeshow is enough to spook corporate employees everywhere.

    Computer forensics applications are typically used to investigate computer crimes and to preserve digital evidence so it's usable in court. But these applications aren't just for law enforcement officials anymore. Computer forensics software is helping stop corporate crime before it happens.
    What do the members of AO think about employers monitoring their employees?

    Personally, if it was me, I'd feel violated. Only becuase if they hired me, they should trust me. I think I should only be monitored if they have "reasonable doubt". My company uses software to monitor the usage of the internet and to "watch for malicious activities".
    Since I'm too damn busy at work to abuse the privledge of having the internet and the "toys" that I have, I don't have anything to worry about.
    But what about the employee who has too much free time at work and has access to the internet? I don't think that because the company can't keep them busy enough is a good reason to find out what recipie they are going to follow for tonights dinner...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  2. #2
    Banned
    Join Date
    Jul 2002
    Posts
    877
    Honestly I'd never even use public PCs such as the ones in offices and libraries.

    Can't you drag your files under like a pile of directories or overwrite the file a few times and it makes the file harder to dig up? Of course I'd never risk my job but it might be fun when nosey librarians are around.

    I haven't used a library PC in years.... I had to use one when my comp broke.... It didn't take me long to fix my PC but gezz its so annoying to have librarians walk around you and pretend they aren't snooping and stuff. And then when you get off the librarian sits down at the PC and checks temp. internet files and a bunch of other stuff that nosey peaple would love to look at.

  3. #3
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    well it says " Computer forensics software is helping stop corporate crime before it happens. "
    i think this is good,
    but, phishphreek80 have a good point of view, ( if they hired me, they should trust me ) lol, well this would be an employee point of view, but as an CEO or business owner specially for enterprise and large companies i believe they have to double check everything before they risk thier business.

    as for my company, they only track internet trafic, but our CEO give us some free borders to surf specially for senior employees , like i can get to any site with no coments from the manegment
    When the power of Love overcomes the Love of power, the world will know peace... Jimi Hendrix
    -------------------------------------------------------------
    I dream of giving birth to a child who will ask...... what was war?

  4. #4
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Our company only monitors Internet traffic. Once we see that internet traffic is going to non-work related sites (porn or whatever) we start monitoring that persons computer.
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    We monitor anything we please..... Period!!!!

    Our employees are warned at their orientation that nothing, I repeat _nothing_ you do on our company's network is private. I make the point that I can sniff every piece of traffic they send and receive across the network including their passwords. They are informed that every webmail server I can find, every AIM, IRC etc. is blocked at the firewall and that I am warned immediately connection attempts are made.

    Am I a bit harsh in the policies I enforce? I don't think so for 2 reasons:

    1. I work for a non-profit - I can't throw money at problems so I minimize my risk by removing the high risk items.

    2. Folks, this is work...... You are being paid for it - not to go galivanting around the web or BSing with your friends.....

    Lastly, someone mentioned "trust"...... Number one rule of IT security: Trust noone and trust nothing!!!!!
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    Senior Member
    Join Date
    Aug 2001
    Posts
    233
    well I hate to say this, but your employees are the LAST people you should trust. Several studies have been done in recent years that show upwards of 85% of all hack attempts are from INSIDE your own network. I'll have to dig the reports up, but I know several folks like CERT and SANS have done these same types of studies.

    I lock down as much as I can, but a lot of what I can and cannot do is controlled by the policy (which I'm rewriting) and to some extent by the directors of this company.



    El Diablo

  7. #7
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    Indeed:

    The bigest security risk in the office resides between the keyboard and the chair..

    But is sniffing any good, you can't (where I live) do that kind of thing without first clearing it with your personell ( although one sticker with "You are Being watched" is sufficient by law )

    And this pre-emptive (however that is spelled) sniffing doesn't "feel" good by my standards..

    Although I would agree with tiger-shark on some issues...

    Luckily I'm the one in controll of the servers / firewall where I work..

    you may adress me as the BOFH
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  8. #8
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    I agree 100% with Tiger Sharks remarks.....

    At the company i work in (admin) i enforce the same policies.
    Ofcourse the users are told these things before they have access to the machines they use, but its not only trust. What if they are the victims of malicous code and the "illegal" actions are automated? All our machines have banners saying that all activity will be monitored if suspicous use is suspected. This way we still control the situation if its done purposely or by user error.

    The important thing though is to make the users aware that there is no such thing as privacy on the company machines.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  9. #9
    Senior Member
    Join Date
    Nov 2002
    Posts
    174
    Originally posted here by Tiger Shark
    We monitor anything we please..... Period!!!!

    Our employees are warned at their orientation that nothing, I repeat _nothing_ you do on our company's network is private. I make the point that I can sniff every piece of traffic they send and receive across the network including their passwords. They are informed that every webmail server I can find, every AIM, IRC etc. is blocked at the firewall and that I am warned immediately connection attempts are made.

    Am I a bit harsh in the policies I enforce? I don't think so for 2 reasons:

    1. I work for a non-profit - I can't throw money at problems so I minimize my risk by removing the high risk items.

    2. Folks, this is work...... You are being paid for it - not to go galivanting around the web or BSing with your friends.....

    Lastly, someone mentioned "trust"...... Number one rule of IT security: Trust noone and trust nothing!!!!!
    Couldn't have said it better. It's amazing how much non-productive traffic there is. I think HR should include a disclaimer to new employees AND contractors that all network activity is monitored. With that done, sniff away! If somebody feels strongly enough that they "should be trusted" by the employer, then they don't need to take the job.
    Mike Reilly
    bluebeard96@yahoo.com

  10. #10
    Senior Member
    Join Date
    Jul 2002
    Posts
    225
    And this has what to do with forensics software? Packet sniffing and utilizing forensic tools are two totally seperate things. I don't think ANYONE has a moral or legal issue with people using forensics tools to investigate after a break-in. The other issue, logging employee network traffic, is much more controversial. I tend tho agree with the idea that as long as employees are informed of what's happening, it's OK. Doing it without informing them is scummy, and probably illegal.
    \"Now it\'s time to erase the story of our bogus fate. Our history as it\'s portrayed is just a recipe for hate!\"
    -Bad Religion

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •