Home page logo
/

basics logo Security Basics mailing list archives

Re: Program to monitor employee internet usage
From: "Jared Lyvers" <jared () lewiscommunications com>
Date: Fri, 30 Dec 2005 12:25:41 -0600 (CST)

I too would recommend Squid.  I have been using it for our agency for
about 4 years and it does the job just right.  It is a full proxy so not
only can you monitor employee usage but you can also block access to types
of websites that will cause problems in a windows environment.  I think
most everyone here knows of a few sites like this.  I have also found it
very usefull for those that roam w/ a laptop.  You can setup ACL for users
and use it as a way for those that roam to gain access back into the
internal intranet.

There are several log analyzers that can be used but Sarg is one of the
easiest.  Hell, I have actually used webalizer before to graph out lists
of top site employees are going to.  Kind of fun to post on the intranet
for everyone to see what others are doing on the net.  Good way to keep
everyone on there toes and away from non work related websites.

-- 

// Jared Lyvers
// -----------------------
// Director of Interactive
// Director of IT
// LPI Certified
// -----------------------
// www.lewiscommunications.com


Not selling any product - at our facility we use Surfcontrol - Superscout
product.

Spencer Hall
Sr. Network Analyst/ISO
St. Vincent's
Jacksonville, Fl

Chris Davis <davisfactor () gmail com> 12/28/05 13:53 PM >>>
You might want to look at the Squid proxy and the log analyzer Sarg.

http://www.squid-cache.org/
http://sarg.sourceforge.net/sarg.php
If you look at the sample report on the Sarg site, you might notice
the graph and clock icons between the num and userid fields.  This
will show you a few stats about the user including what times the user
was on the Internet and how much bandwidth was consumed.

There seems to be a ton of log analyzers for Squid so if Sarg doesn't
seem to fit the bill, look at the Logfile Analysis link on the Squid
site.

This will require a Linux box and you'll also want to force everyone
to go through your proxy and deny ports 80 and 443 on your firewall
except to your proxy server.  If you run Active Directory, changing
everyone's Internet Explorer connection settings is very simple.

-chris


On 23 Dec 2005 16:49:48 -0000, invstg8r () hotmail com
<invstg8r () hotmail com> wrote:
A member of management has asked me to research available programs to
log internet usage (web surfing) on our corporate network.

We are running a Windows server with a mix of XP and 2K clients.

What have some of you used to provide this in a report that management
can use to show that a user is spending too much time on the internet?

I don't have a Linux box up and running, but if the right Linux based
app is suggested, I would consider going that route.

Thanks in advance.

- Mark A.

P.S. Please try and keep this on topic, I've seen questions lke this
before degrade into a privacy violation, "big brother" type of debate.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------



-----------------------------------------
NOTICE: This message is confidential, intended for the named
recipient(s) and may contain information that is (i) proprietary to the
sender, and/or, (ii) privileged, confidential and/or otherwise exempt
from disclosure under applicable Florida and federal law, including,
but not limited to, privacy standards imposed pursuant to the Federal
Health Insurance Portability and Accountability Act of 1996 ("HIPAA").
Receipt by anyone other than the named recipients(s) is not a waiver of
any applicable privilege. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the
original message. Thank you in advance for your compliance with this
notice.


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------




---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault