RE: web monitoring tool

From: Chris Santerre (csanterre@MerchantsOverseas.com)
Date: 04/10/03

    From: Chris Santerre <csanterre@MerchantsOverseas.com>
    To: "'ikhan@eudoramail.com'" <ikhan@eudoramail.com>, security@nscs.uk.com, security-basics@securityfocus.com
    Date: Thu, 10 Apr 2003 17:25:05 -0400
    
    

    Dialup may cause you more headaches. They may get malware into your network
    thru there. I would have the exec's bosses literally sign off on a piece of
    paper saying they understand that you can't be held accountable to network
    security if they put a big hole in your configuration.

    I tell my bosses the same. If you don't give me the control, you can't blame
    me when something happens thru a weak link.

    I've also seen execs fired due to surfing habits.

    The ONLY person in a company that can surf without fear is.......Sysadmin ;)

    > -----Original Message-----
    > From: Imran Khan [mailto:ikhan@eudoramail.com]
    > Sent: Wednesday, April 09, 2003 8:00 PM
    > To: security@nscs.uk.com; security-basics@securityfocus.com
    > Subject: Re: web monitoring tool
    >
    >
    >
    > I do agree with you Byrne and many others who sent responses
    > to my query. I cannot agree enough that this is a strange
    > one... It is also a deviation from an overall corporate
    > security policy. But executives are executives after all!!!
    >
    > I did relay my concern earlier today and made a
    > recommendation that these executives use a dialup connection
    > if they need to keep their privacy and sanity of others...
    >
    > I have yet to find out the real objective behind this requirement!
    >
    >
    > Thanks everyone who responded.
    >
    > Cheers,
    > Imran
    >
    >
    >
    > --
    >
    > On Wed, 9 Apr 2003 17:46:49
    > Byrne Ghavalas wrote:
    > >Hi Imran,
    > >
    > >The goal certainly is a strange one...
    > >
    > >Assuming that all the traffic goes through a firewall, I would assume
    > >that you could assign static IP addresses (or reserved DHCP addresses)
    > >to these managers' machines. Then, you could create a rule on the
    > >firewall to allow the traffic through, but without logging.
    > >
    > >If the firewall does not support the option of no logging, then I would
    > >say that the only other option I can think of is providing the group of
    > >managers with their own Internet connection.
    > >
    > >Also, if the managers use different workstations, this option won't
    > >really be effective.
    > >
    > >As the traffic has to end up going through the firewall one way or
    > >another, I can't see any desktop solution solving your problem.
    > >
    > >I must admit that it is rather bizarre that your boss would want to
    > >disable logging for these users. I can understand that your boss is
    > >probably thinking of the privacy for those managers, but logging is not
    > >really supposed to be used to spy on users' activities, but rather to
    > >spot anomalies and hopefully help with troubleshooting and forensic
    > >investigations... Hopefully any staff that have access to this log
    > >information are trusted staff members with well-written contracts ;-)
    > >
    > >I would try and convince your boss otherwise, but either way, good luck
    > >in resolving your problem.
    > >
    > >Kind regards
    > >
    > >Byrne Ghavalas
    > >
    > >
    > >----- Original Message -----
    > >From: "Imran Khan" <ikhan@eudoramail.com>
    > >To: <security-basics@securityfocus.com>
    > >Sent: Wednesday, April 09, 2003 1:11 PM
    > >Subject: Re: web monitoring tool
    > >
    > >
    > >> couldn't find any matter on this one on the security focus website...
    > >>
    > >> I am looking for an application to block net utilization at the
    > >> desktop level.
    > >>
    > >> My boss wants to keep a select group's (mostly senior managers)
    > >> internet use confidential. She wants this to be done locally (desktop
    > >> application), so no logs are generated on the network admin end.
    > >>
    > >> Is this doable?
    > >>
    > >> Thanks for all the responses...
    > >>
    > >> Imran
    > >>
    > >>
    > >> Need a new email address that people can remember
    > >> Check out the new EudoraMail at
    > >> http://www.eudoramail.com
    > >>
    > >> -------------------------------------------------------------------
    > >> Is SPAM over-loading your e-mail server, disk space or bandwidth?
    > >> SurfControl E-Mail Filter is flexible, intelligent and policy-driven
    > >> protection.
    > >> http://www.securityfocus.com/SurfControl-security-basics2
    > >> Download your free fully functional trial, complete with 30-days of
    > >> free technical support.
    > >> Stop SPAM before it stops you.
    > >> -------------------------------------------------------------------
    > >>
    > >>
    > >
    > >
    > >

