-
June 21st, 2007, 04:15 PM
#11
Sometimes there just isn't a technical solution to a management problem. Define your policy clearly on what is considered appropriate use of corporate resources (yes computers are corporate resources they are not the employees personal toys) and empower the managers and supervisors with the authority to enforce the policy. Like Nihil said, after the first few are fired for violation of the policy, the rest will quickly fall in line.
Cheers:
-
June 21st, 2007, 05:02 PM
#12
That reminds me of another objection I have to the wholesale deployment of keyloggers. They are basically retroactive, whereas computer security should be proactive.
One would normally want to prevent your systems from getting screwed up rather than find someone to blame after the damage has been done.
That is why we use website filters, firewall rules, user authorities and the like, and lock systems down.
Hence, I regard them as "last ditch" rather than "frontline"
-
June 21st, 2007, 08:32 PM
#13
I defiantly do not agree with what they are doing and I think they are going overboard to say the least. A simple webproxy should suit the needs of almost any company. Anything more should only be in a per-basis circumstance. I figured I would ask if anything is out there though!
-
June 22nd, 2007, 02:18 AM
#14
Originally Posted by oofki
Oh yeah they want a solution for monday lol...
He-heh, that's the line I love. Tell them to get real. What a bunch of control freaks.
Reminds me of a camera job I did a couple of years back. The boss kept having
me reposition the cameras so he could see his employees faces. Lawdy, were
they PO'ed. I was embarrassed.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
June 22nd, 2007, 02:40 AM
#15
You were just doing your job you shouldn't feel embarrassed :-)
-
June 22nd, 2007, 11:03 AM
#16
Originally Posted by DjM
Like Nihil said, after the first few are fired for violation of the policy, the rest will quickly fall in line.
Not in a school. Gah.
Anyhoo, much as its rude to be a me-tooer, Keyloggers are a really bad idea. I imagine it wouldn't be too hard to create one that will log keys, encrypt it and send it over the net/lan whenever possible its just so pointless. We do constant screenshot tracking on about 10% of our users (good lord, I had no idea it was that many til I just counted) and that catches most stuff. What we don't catch is stuff we don't see because we weren't watching.
Also - big flaw with keyloggers, you can't see what they are clicking on. So, using the keylogger we are trialing (from net support school package) we can see what people are typing. Some people type nothing. All this means is that they are surfing their favourites or playing solitare or messing with paint.
Catching a google search will not tell you what website they actually were playing with (and should be blocked) just the search.
If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.
-
June 22nd, 2007, 12:25 PM
#17
Originally Posted by oofki
You were just doing your job you shouldn't feel embarrassed :-)
Come to think of it, the same guy had me install keyloggers in 3 or 4 desktops in the
office a few years back. He griped they slowed the machines down, and I had to train
him to read the log files. In the end, it was a lot of work going thru those. It worked in
the sense he created the impression among his employees he could see what they were
doing on the computers. He'd have been better off running an app like Iris and sniffing
the network. The way a lot of security works, both physical and virtual, is creating the
impression you will be seen doing wrong.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
June 23rd, 2007, 04:09 AM
#18
Junior Member
We use an application called Peal Echo. It monitors http,chat,ftp, and email. Has a really nice front end. but you have to do some customization to get the data that matters. It's a pretty good monitoring solution. If they are offsite, you can either give your server an open port for the client application to report to, or it will just cache it until next time the computer is hooked up to the network.
-
June 23rd, 2007, 04:31 PM
#19
Junior Member
Keyloggers
I would advise you to search on this site www.keylogger.org as it is dedicated to keyloggers and has a lot of info about them. I suppose you will find there what you are looking for
-
July 26th, 2011, 10:37 AM
#20
Junior Member
Originally Posted by oofki
Okay my friends company wants to monitor all the things EVERYONE does and people are not just on the lan there are a lot of onsite people. Does anyone know of a keylogger that can send the data securely via anything secure such as ssl, https, or sftp? Oh yeah they want a solution for monday lol...
A corporate keylogger? Maybe you can have a try on this monitoring program: Amac keylogger for mac. It seems very popular online, hope it can help.
Similar Threads
-
By earthbound4u in forum Network Security Discussions
Replies: 18
Last Post: December 5th, 2006, 10:43 PM
-
By Tiger Shark in forum Microsoft Security Discussions
Replies: 5
Last Post: January 14th, 2005, 08:47 PM
-
By eaz135 in forum AntiOnline's General Chit Chat
Replies: 1
Last Post: April 13th, 2003, 04:04 AM
-
By khakisrule in forum Microsoft Security Discussions
Replies: 15
Last Post: July 26th, 2002, 12:43 AM
-
By GreekGoddess in forum Cosmos
Replies: 11
Last Post: June 23rd, 2002, 04:24 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|