Can administrator watch my activity on Web? - Page 4

Thread: Can administrator watch my activity on Web?

  1. #31
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Hah!

    You may have noticed that I have not been posting?..............bin watchin johnny rotten.............living in a ditch...........pi$$ing and sh1ting on myself, just for the one shot?



    Johnny, I use mercury, and am an exceptionally bad international player.................
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  2. #32
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    oh let me guess he can because he is the boss
    1. I don't "peddle my wares" to people like that.... I run it right.... they don't like it, I move on....

    2. My ultimate boss is a gal and believe me, she doesn't surf the net, let alone porn.

    3. Ms. M is right, I hear stories all the time about the owner having policies that they outright ignore themselves..... Wait till they fire someone for breach of policy that has a few packet dumps of the boss's infractions..... Let's just hand over the keys....

    The world is full of idiot bosses...... If they are so stupid and obnoxious you can always find another.....
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  3. #33
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    I'll stick my nose in here and add my two cents (which at today's rates is a whopping 20mL of gas).

    Anyways, changing your MAC Address isn't going to affect anything. As soon as you physically plug in, you're busted. At my college, there is intensive monitoring done, however the purposes will vary. Currently most of the monitoring is for packets matching known virus definitions (netsky, mydoom, sobig)... anything that's going to send massive amounts of data out of the network. However I know in the past an employee was caught downloading simply because the bandwidth monitor went off and said there was excessive usage in a certain area. As soon as you see a single packet of data, you'll have the person's MAC Address. You'll also have an IP and depending on your DHCP Scheme (does every room have its own range? Does every switch have its own range, is the entire network one giant range) you'll be able to have a general ID of where that PC is located. Then it's just a matter of connecting to the proper switch (you may have to search if you have a bad network layout) and seeing which port that MAC Address is plugged into. Consult your documentation (everyone can tell you how important documentation is) and walk over to the room. You've caught the person violating your AUP. Probation, Suspension, Dismissal, Execution... who knows what punishment will follow.

    The bottom line is.... it's not worth it. Do our students sit and download all day? Most definitely... however we're, thankfully, in Canada.

    Now MsM posed two questions, while they make you think, the answers are blatantly obvious.

    Q. Should an employee be allowed to circumvent the security policy because it's inconvenient... etc?

    A. No. It's a cut and dry answer to a straightforward question. The problem is that ethics and reality are so far apart it's scary. People do it all the time. We've disabled students for virus infections and found them plugging into common ports. We've had students open up sniffers in classrooms to see what they can grab. Sniffing on the college network, outside of IT employees doing job functions and students performing "supervised" education experiments, is supposed to result in dismissal from your program, or at least probation. However this never happens, and people get away with it. Downloading and gaming are supposed to be restricted, however in class half the students will play network games. We've had MITM attacks using rogue DHCP servers and still nothing happens. They are violating the AUP for various reasons, it is wrong (ethically), however in reality it's accepted as acceptable.

    Q. Should the administrator be allowed to monitor where employees go?

    A. Most definitely. I've recently introduced our helpdesk to slarty's gencontrol and they absolutely love it, they plan on putting it to use for monitoring and tech support. Network services monitors bandwidth and also does port monitoring. Should it be any different elsewhere? No. Hell I monitor my network. I sniff it, I monitor it with snort and I use Webspy and websnurf to monitor browsing. It may be a home network, but I don't always trust my roommates. I don't want them causing me to lose my connection, or bringing problems into this network. I think the real question is, should employees be told that they're being monitored? This question isn't so straightforward. I think that in certain cases, just knowing that they may be watched is enough to keep employees on the straight and narrow. However in certain situations where employees are going to have issues with being monitored, I think it should be kept from them until they violate the AUP or anything else that's in place.

    Anyways, there's my two cents.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
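
The trace described in post #33 (the DHCP scope gives the general area, the switch MAC table gives the port, the documentation gives the room), as an added example that is not part of the original post. The scopes, switch names, MAC table lines, uplink list and port documentation are all constructed sample data.

```python
import ipaddress
import re

# Constructed sample data (not from the thread): DHCP scopes per area,
# per-switch MAC tables as "vlan mac type port" lines, uplinks, port docs.
DHCP_SCOPES = {"10.20.1.0/24": "Building A, floor 1",
               "10.20.2.0/24": "Building A, floor 2"}
MAC_TABLES = {
    "sw-a1": "10 0011.2233.4455 DYNAMIC Gi0/24\n10 00aa.bbcc.ddee DYNAMIC Fa0/3",
    "sw-a2": "20 0011.2233.4455 DYNAMIC Fa0/7\n20 00aa.bbcc.ddee DYNAMIC Gi0/24",
}
UPLINKS = {("sw-a1", "Gi0/24"), ("sw-a2", "Gi0/24")}
PORT_DOCS = {("sw-a1", "Fa0/3"): "Room A-101, jack 1",
             ("sw-a2", "Fa0/7"): "Room A-214, jack 3"}


def norm_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def area_for_ip(ip):
    """Map a leased IP to the area its DHCP scope serves, or None."""
    addr = ipaddress.ip_address(ip)
    for cidr, area in DHCP_SCOPES.items():
        if addr in ipaddress.ip_network(cidr):
            return area
    return None


def access_ports(mac):
    """Find the edge port(s) where the MAC was learned, ignoring uplinks."""
    target, hits = norm_mac(mac), []
    for switch, table in MAC_TABLES.items():
        for line in table.splitlines():
            _vlan, entry_mac, _kind, port = line.split()
            if norm_mac(entry_mac) == target and (switch, port) not in UPLINKS:
                hits.append((switch, port))
    return hits


def locate(ip, mac):
    """Combine scope, switch port and documentation into one answer."""
    ports = access_ports(mac)
    rooms = [PORT_DOCS.get(p, "undocumented port") for p in ports]
    return {"area": area_for_ip(ip), "ports": ports, "rooms": rooms}
```

The uplink filter matters because every switch on the path learns the same MAC on its trunk port; only the edge port leads to a wall jack.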

  4. #34
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Q. Should the administrator be allowed to monitor where employees go?

    A. Most definitely.
    Hehe.. Those questions were rhetorical but there is a "But" to the second one, especially in Canada in certain provinces, Ontario being one. We have a new privacy law, PIPEDA, that has to be followed and we also have other privacy laws that have to be followed. This means NOTIFYING users at the beginning that their actions may be monitored. Once you remove that expectation of privacy then if you do have to go to court (and at some point you may need to), they cannot cry violation of privacy against the employer.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #35
    Senior Member Cemetric's Avatar
    Join Date
    Oct 2002
    Posts
    491
    Unfortunately, in my experience bosses and CEOs often view themselves as kings above the law. This probably explains the lack of interest in security and the view that it costs more than it saves (I don't have hard figures -- if anyone finds them, please post -- but I have a strong suspicion that companies save a lot more when security is applied, encouraged and supported due to the fact that less is spent on OT, data recovery and wasted user time).
    Exactly.. I couldn't have said it any better.

    The figures are all they are interested in...

    And all the rules they make up... half the time they don't follow them themselves.
    Same with standards... everyone has to have the same configuration (which is fine) except them, of course.

    It's always the same... I think I'm gonna brush up my resume
    Back when I was a boy, we carved our own IC's out of wood.

  6. #36
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    I am one of those generalized crappy IT bosses.

    I limit internet shopping to lunch hours, while placing no limits on myself. Of course I shop computer books once a month or so. None of my URLs get blocked, wouldn't do much good while trying to track down a site when one gets "Cannot Access this URL because of Corporate Policy." Makes it hard to track down a nice ebay marketing scam a few people fell into, instead of doing their jobs they get paid for. Similar to TigerShark's real estate agent.

    I block pornography because women don't like to see male employees with big **** on their computer screens. Customers generally don't like it either. No brainer.

    I block hacking sites so curious users don't download packet sniffers and nice sploit tools loaded with trojans. Tired of cleaning that **** off, of course my double standard enables me to view hacker sites, so I can find out just what that new virus/trojan does and adjust things as necessary. Horrible boss <--- me

    I block gaming sites, because Bejeweled and Yahoo poker eat about 20 hours a week for a small group who is always complaining that they have too much work and need more bodies. It pisses off the big boss who signs their paychecks.

    I monitor every packet off one PC because every time you walk by the office you see a bunch of screens minimizing really quick like the person is actually fooling anyone. He's not doing anything bad, just goofing off with school work and ****. But he's under the bright light in my book. Bad boss.

    The big daddy boss in the sky is one of the most heavy web users on this network. He has all sorts of B2B connections over Http and he gets the occasional hit on news sites, or a ticket master site or Amazon.com or even "gasp" booking a vacation. He's not on the limiting list, even though he doesn't care if he's on it or not, I took him off because he owns the damn thing.

    One thing to remember about consulting or working for someone: they hired you to do a job. Your word isn't gospel and they may not agree with you, no matter how RIGHT you are and stupid they are. If you went to a restaurant and the waiter got pissed because you didn’t order his “recommendation” you would apply some boss-like logic to the situation.

    Once in a while you do run into people who have no standard and are just bad leaders or the employee hasn't a clue of the big picture and only sees a small part of the operating environment. Or you get a boss who spends too much time on AO and sucking up all the bandwidth every time he posts a 65kb article.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  7. #37
    Member
    Join Date
    May 2002
    Posts
    46
    Ain't it the truth, every sys admin I know (more than 1 or 2) has the same rights as god, or the BAFH. But the legal ramifications for some of the "harmless" stuff employees do can get a company in deep stuff real quick.

    I helped do a licensed software scan for a campus and found all sorts of stuff the RIAA and the feds would have liked to see. Within two weeks the LAN and all attached hardware was clean and legal! Now the school has a very strong policy about software and requires a group policy change with all the work that that includes. So no new software, period.

    These changes would not have happened but for the work of one man, "Snake". He scared the snot out of the dean by letting a few students, under controlled conditions, hack the LAN and all the servers, even a few that were not local. Someone had hidden a few tools in one of the servers and had given themselves an admin user name. He had to do a lot of BS work to implement the new policies, including working the help desk explaining why kazaa and winmx "won't work now".

    this is going to be one of the biggest part of sys admins jobs now....

    just my two cents,
    tired of being called an ass

  8. #38
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    this is going to be one of the biggest part of sys admins jobs now....
    I dunno..... It's been a part of my job for a while now.....

    To paraphrase my previous post..... It's my train set..... I'll play with it however I like... I, and my employer, like to protect the integrity of the company we work for.....
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  9. #39
    Member
    Join Date
    May 2002
    Posts
    46
    I dunno..... It's been a part of my job for a while now.....

    I know I'm only a tech with a BS in comp sci and I only have eleven commercial contracts, but the businesses I'm contracted to can't afford a full-time sys admin. So I patch 'em up, then make suggestions on how to prevent it (whatever "it" is) from happening again.

    The problem is somebody else installed and set up the systems and then charges the business several hundred dollars an hour making sure no one else can fix their systems, even if the contract has been cancelled or has expired. So I have had to learn social eng. and more than a few -ahem- ways to open up a system so that I can repair it.

    After I pound my head against the wall for a few hours, I get to go back to the store and clean internet trash and viri out of customer boxes, but I better not kill any programs (weather bug, gator, kazaa, kazaa lite, winmx, etc.) or change the homepage [you know how nice it is to have anal perversions.com or some such open up in the store]. All of the benches can be seen by the customers and there are eight stations.

    So maybe I overstepped myself by saying that software control and running checks for legal or otherwise might have been on the rise and may be (it already is) the biggest job a sys admin has. SORRY
    tired of being called an ass

  10. #40
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    RoadClosed i can't say i share your feeling about the big daddy boss. the owner of the company i work for is a doctor of education. he took a course on access databases a year or two ago....it took days to get it all working right again. he's now one of the most limited users on the network although he's not aware of that. yes he owns the joint and fully expects me to do everything i can to ensure it works as it should. i do
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
