RE: centrally monitored "keylogger"
From: Andrew Shore (andrew.shore_at_holistecs.com)
Date: 10/14/04
- Previous message: Pablo Hauser: "Re: Re: Windows 2000 server ports, services to close."
- Maybe in reply to: tito.basa: "centrally monitored "keylogger""
- Next in thread: Jason Coombs: "Re: centrally monitored "keylogger""
- Reply: Jason Coombs: "Re: centrally monitored "keylogger""
- Reply: tito.basa: "Re: centrally monitored "keylogger""
- Reply: xyberpix: "RE: centrally monitored "keylogger""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 14 Oct 2004 17:03:14 +0100 To: "Jantz, EJ" <EJantz@bswintl.com>, <security-basics@securityfocus.com>
I agree that as a sys admin ensuring that systems are secure should be a high priority.
However, I feel that monitoring every key stoke goes beyond the pale.
Just because we can, morally and ethically, should we. If staff were followed to the rest room or escorted out to the car park every night there would be a justified outcry. Yet when every action they perform during their normal daily job on a computer is scrutinised users don't appear to care, or is it that they don't know.
Don't get me wrong, I'm not bleeding heart liberal but ask your MD one question; are you going to monitor him? Or the other directors? I'll bet my house, car and cat on the answer.
When there is reasonable grounds to monitor some one then fine do it but not until. I've seen this type of monitoring turn to abuse. I'm not for 1 second suggestion that is your intent but I've been in this game 25 years and seen a lot abuse of power.
Try tapping someone phone line, see where that get you.
Anti virus and web content filters are one thing and should be encouraged.
Let me put one last question to you. Who monitors the monitors? What's to stop you logging my password to bank then transferring money form my account? At that point what is the company's liability? (Legally and morally)
It's a can of worms I wouldn't want to open.
Just My 2cents and hey what do I know :) I'm just stirring the pot.
-----Original Message-----
From: Jantz, EJ [mailto:EJantz@bswintl.com]
Sent: 14 October 2004 15:59
To: Andrew Shore
Subject: RE: centrally monitored "keylogger"
Andy, while I am sensitive to the privacy concerns, I am in a position, as a sysadmin, of being somewhat responsible to make sure that our employees don't steal the company blind. While I don't 'own' any of the company, I do get to share when it losses business or has it stolen out from under it.
We try very hard to trust our employees, they are mostly on the honor system. Occasionally, HR will get a request from a manager or VP and trigger some intense scrutiny of a users' activity. Some times it's just the workstation that's monitored, sometimes it's the activity across the domain.
It would be nice to have a handful of tools that do the job correctly and efficiently. Currently it takes resources we need for routine production offline, and leaves the rest of us to take up the slack until the chore is done. (I just love that when we are having a virus storm.)
Email--The Privacy of a Postcard,
The Half Life of Styrofoam.
'EJ' Jantz, IST Dept.
BSW International
One West Third St, Suite 800
Tulsa, OK 74103-3520
918-582-8771
ejantz@bswintl.com
918.295.4166
918.587.3594 FAX
-----Original Message-----
From: Andrew Shore [mailto:andrew.shore@holistecs.com]
Sent: Wednesday, October 13, 2004 3:22 AM
To: tito.basa; security-basics@securityfocus.com
Subject: RE: centrally monitored "keylogger"
You know, some time we go too far.
Just my 2 cents. 1984?
Andy
-----Original Message-----
From: tito.basa [mailto:mochafrap@mix.ph]
Sent: 11 October 2004 08:30
To: security-basics@securityfocus.com
Subject: centrally monitored "keylogger"
guys,
I'm looking for a monitoring tool sort of a keylogger
installed on every PC (but logs not just keystrokes
but screenshots as in some advanced "keyloggers")
deploying keyloggers on every PC is easy but
monitoring them is not due to the volume of records
we have to parse and keep. This is in conjunction with
strong authentication we'll also implement.
anybody here with experience in Verint Systems
ULTRA solutions for contact centers?
http://www.verintsystems.com/contact_center/
this seems to be something I need although their
agent still has to contact me for details.
other similar suggestions/recommendtions are welcome
thanks
tito
--- CONFIDENTIALITY NOTICE ---
The information in this email may be privileged, confidential,
proprietary and exempt from disclosure. This email is intended to be
reviewed by only the individual or organization named above. If you are
not the intended recipient or an authorized representative of the
intended recipient, you are hereby notified that any review,
dissemination or copying of this email and its attachments, if any, or
the information contained herein is prohibited. If you have received
this email in error, please immediately notify the sender by return
email and delete this email from your system.
--- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.776 / Virus Database: 523 - Release Date: 10/12/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.776 / Virus Database: 523 - Release Date: 10/12/2004
- Previous message: Pablo Hauser: "Re: Re: Windows 2000 server ports, services to close."
- Maybe in reply to: tito.basa: "centrally monitored "keylogger""
- Next in thread: Jason Coombs: "Re: centrally monitored "keylogger""
- Reply: Jason Coombs: "Re: centrally monitored "keylogger""
- Reply: tito.basa: "Re: centrally monitored "keylogger""
- Reply: xyberpix: "RE: centrally monitored "keylogger""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
