Re: Help can It spy on me during work

From: Michael Heiming (michael+USENET_at_www.heiming.de)
Date: 07/22/05


Date: Fri, 22 Jul 2005 23:00:09 +0200

In comp.os.linux.security Moe Trin <ibuprofin@painkiller.example.tld>:
> In the Usenet newsgroup comp.os.linux.security, in article
> <1427486.99Dx8uPLGf@robinton.llondel.org>, Dave {Reply Address in.sig} wrote:

[..]

>>It's surprising just how many companies don't bother with monitoring, I
>>know if I was IT manager I'd be logging everything that went through the
>>firewall.

> In a way, I have to agree with you - we've had an Internet connection
> for ~20 years. The web browser is fifteen years old (cit. RFC1945),
> and I'm sure the popular press has made people aware of the abuse
> possibilities - yet some companies are quite unaware of what their
> network connection might be being used for. Some are apparently
> brain dead, others don't think there could be a problem. Still others
> hope that the problem doesn't exist, and think by ignoring it, it
> will go away.

> "If you trust your employees", used to be a good enough excuse to not
> have monitoring - but that was years ago. Now, you should be monitoring
> just to detect non-normal situations that might indicate a problem. Those
> networks with a windoze complement should be monitoring to see that the
> malware de heure hasn't infected those windoze boxes.

Depends on the company, usually size is what matters, large
networks have much more "secret" things in place to control
suspicious activity. In opposite to small ones with mostly quite
relaxed policy, at least it does cost money. In addition they
don't have the stuff implementing/maintaining all those goodies.

They can actually prevent with shortening reaction time one or
another disaster. There was some doze malware sometime ago which
just tried out all public + private LANs to infect even more
doze boxes, kept people quite busy especially those with large
official IP ranges, the crap...

-- 
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 321: Scheduled global CPU outage