-
December 3rd, 2003, 01:43 AM
#11
and what if there is no firewall? what happen next?
It could still be traced. Via the Router. There is always a record somewhere but that depends on the full network design and what components are on there.
-
December 3rd, 2003, 03:56 PM
#12
Originally posted here by Penguin
what u meant a little harder? if i can see the IP, i will sure be able to see the computer name.. and since company will give the computer a name when they bought the PCs then i guess it would not be a problem. Of course unless the firewall did not config to log the PC name.. Am I correct?
And you just described the "little harder" part. If you log on, I have your userid, it's pretty much a no-brainier at that point, I know what your doing and who you are. If you don't log on, I have to grab the IP address, match that back to a mac address & computer name (in our shop, computer names are pretty generic, but they do mean something). With this information, I then have to see who that computer was assigned to, often I will have to go to the office to verify, as computers seem to move around a lot without support being notified. Now that just a lot of hassle to give you **** for surfing porn on company time.
Cheers:
-
December 3rd, 2003, 04:17 PM
#13
Senior Member
Originally posted here by nihil
Hi Penguin, I am probably not understanding you?
You say you can log into the Novell Network...OK if you then surf the internet you can, and probably are being traced.
If you log into the local NT Workstation and connect to the internet you may well be using a local modem? If it is a dial-up modem connecting direct to the ISP, then it is probably not being traced (other than by the keylogger and wiretap that I installed last Thursday ...sorry, only joking)
I recall this kind of setup from a few years ago. We had a network that was high speed, but somewhat unreliable, so some people also had a dial-up modem to use if the network crashed. It was much slower, but more reliable
If you are using a local modem, you should hear some distinctive noises when you connect via the NT workstation. I would expext the Novell connection to be silent.
Is this the situation that you have?
Cheers
there is no modem in this senerio.. the PCs is always connected to the LAN.. so now the issue is.. Tracing user internet usage.. where he go, etc.. and 2 situations.. a person who login to Novell Network and a person who ONLY login to local NT Workstation user acc.. as simple as that..
-
December 3rd, 2003, 04:29 PM
#14
Originally posted here by Penguin
there is no modem in this senerio.. the PCs is always connected to the LAN.. so now the issue is.. Tracing user internet usage.. where he go, etc.. and 2 situations.. a person who login to Novell Network and a person who ONLY login to local NT Workstation user acc.. as simple as that..
Well I don't know if this would work for you, but in our shop, everyone that wants to access the internet (logged on or not) must authenticate to the firewall, (userids & passwords are checked against the novell nds). Once authenticated, they are allowed to surf and I can track everywhere they go via their userid & my firewall log reporting tool.
Cheers:
-
December 4th, 2003, 12:25 PM
#15
Senior Member
Originally posted here by DjM
Well I don't know if this would work for you, but in our shop, everyone that wants to access the internet (logged on or not) must authenticate to the firewall, (userids & passwords are checked against the novell nds). Once authenticated, they are allowed to surf and I can track everywhere they go via their userid & my firewall log reporting tool.
Cheers:
how do u config ur firewall? and what brand and type of firewall using? CheckPoint?
-
December 4th, 2003, 04:36 PM
#16
Originally posted here by Penguin
how do u config ur firewall? and what brand and type of firewall using? CheckPoint?
Yea, it is Checkpoint NG. I can't go into much detail about my firewall config for a couple of reasons, but in short. We have authentication turned on for outbound HTTP, HTTPS & FTP (couple of others I can't remember). When a user goes to hit a web site the are challenged for a userid & password, which is their Novell userid & password, now there is a checkpoint plugin that is hooked into the Novell NDS and validates the userid and password and then allows the user out. Now everything the user does on the net is logged against his/her userid in the checkpoint firewall logs. I also use a product call Firewall Suite from webtrends which I can use to create meaningful reports from the firewall logs (much better than showing management the raw firewall log).
If your a checkpoint shop and want a little more info, PM me and I'll see what I can do, or give your checkpoint rep. a call and tell him/her what you want to do and get his/her help.
Cheers:
-
December 5th, 2003, 12:21 AM
#17
Senior Member
Originally posted here by DjM
Yea, it is Checkpoint NG. I can't go into much detail about my firewall config for a couple of reasons, but in short. We have authentication turned on for outbound HTTP, HTTPS & FTP (couple of others I can't remember). When a user goes to hit a web site the are challenged for a userid & password, which is their Novell userid & password, now there is a checkpoint plugin that is hooked into the Novell NDS and validates the userid and password and then allows the user out. Now everything the user does on the net is logged against his/her userid in the checkpoint firewall logs. I also use a product call Firewall Suite from webtrends which I can use to create meaningful reports from the firewall logs (much better than showing management the raw firewall log).
If your a checkpoint shop and want a little more info, PM me and I'll see what I can do, or give your checkpoint rep. a call and tell him/her what you want to do and get his/her help.
Cheers:
i think the authentication way is a good way to warn user in some way.. telling them "hey, u have keyed in your userid and password, so i know who r u and where u went".. so user will not go to those 'un-authoried' web-site..
anyway thanks DjM, i appreciate ur help for answering my question patiently..
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|