do company servers know where you've been? in Security

do company servers know where you've been? in Security http://www.dslreports.com/forum/r21076961 en Mon, 30 Nov 2009 14:16:48 EDT Mon, 30 Nov 2009 14:16:48 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21095264 CKizer : ^ totally useless when the workstations themselves are monitored. ;)

»www.spector360.com/

Oh yeah, tampering with, including removing, disabling, or blocking the monitoring software is grounds for immediate termination. :o
--
Crunching for Help Defeat Cancer and FightAIDS@Home at the World Community Grid.]]> http://www.dslreports.com/forum/remark,21095264 Thu, 11 Sep 2008 17:18:07 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21091225 anon : As a rule of thumb all activity on the web is recorded, sometimes more than once. Google keeps its records for 10 years.

If you want to surf without any trace then you have to have a good proxy system. But if you browse with your local browser and a proxy it is the same you still can be traced and logged.
Never use free proxy's as you don't know who is sitting on the exit.

Go to
»www.yourprivacy.tk

They might have a solution. A portable SSH Tunnel system with Firefox.]]> http://www.dslreports.com/forum/remark,21091225 Wed, 10 Sep 2008 22:32:08 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21086921 NetFixer :

said by Kiwi

:

I can't see anybody objecting to reasonable use, if it's reasonable why worry?

Of course what is reasonable is determined by the owner of the network. In my work I connect to many corporate and DoD networks, and it might surprise you how many of them block access to broadbandreports.com and dslreports.com.

Of course when a site is actually blocked, you at least get some immediate feedback that you are doing something verboten. If the employer only tracks usage, but does not have a published policy regarding non-work internet usage, an employee can get a nasty surprise come evaluation time (or possibly at the next post-merger or market downturn layoff time).
--
History does not long entrust the care of freedom to the weak or the timid.
-- Dwight D. Eisenhower
Test your firewall.
Smell the flowers.]]> http://www.dslreports.com/forum/remark,21086921 Wed, 10 Sep 2008 09:35:55 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21084436 Kiwi :

said by sfogliatelle

said by scelli

:

However, you must admit the comment below (in bold italics) copied directly from your initial posting invokes thoughts of a person more concerned about trying to cover his or her tracks rather than somebody interested in maintaining a lean, mean computer machine:

My question is: short of server sabotage (and abstinence towards my fave links), what can I do to either minimize or mask my browsing?

No you are not, I'm beginning to see the picture, but Admin Rights verse a Network Admin are two different animals. I can't see anybody objecting to reasonable use, if it's reasonable why worry?]]> http://www.dslreports.com/forum/remark,21084436 Tue, 09 Sep 2008 19:35:55 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21084365 sfogliatelle :

said by scelli

Yeah, I can understand where a statement like that can be interpreted as someone who's got something they'd rather not have others know about or shine an unnecessary light on to investigate.

While it's certainly no defense, it's a safe bet I'm not the only employee out there who has a few favorite diversionary sites they like to visit from time to time.]]> http://www.dslreports.com/forum/remark,21084365 Tue, 09 Sep 2008 19:25:51 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21084308 Maccawolf : I have yet to come across a blocked site at work. (not that I'm trying to find them...)

A friend of mine is blocked from fatwallet.COM, but can get on to fatwallet.NET.....
He's in the military, that should explain a lot...
--

Mom and Crockett...... I miss you both!]]> http://www.dslreports.com/forum/remark,21084308 Tue, 09 Sep 2008 19:15:30 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21084290 scelli :

said by sfogliatelle

:

It's not that I'm attempting to cover my tracks. It's just plain maintenance and housekeeping. I've seen many a computer where performance has ground to a virtual halt due to stuff not getting cleaned out (temp files, old restore points, lack of defragging).

The above might very well be true. However, you must admit the comment below (in bold italics) copied directly from your initial posting invokes thoughts of a person more concerned about trying to cover his or her tracks rather than somebody interested in maintaining a lean, mean computer machine:

My question is: short of server sabotage (and abstinence towards my fave links), what can I do to either minimize or mask my browsing?
--
The maximum effective range of an excuse is ZERO meters!]]> http://www.dslreports.com/forum/remark,21084290 Tue, 09 Sep 2008 19:10:55 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21083968 Kearnstd : i always imagine that im being tracked, that said at work i come here and goto some game related sites(that arent websensed). oddly enough we dont have Youtube blocked.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports]]> http://www.dslreports.com/forum/remark,21083968 Tue, 09 Sep 2008 18:07:51 EDT Re: True identity http://www.dslreports.com/forum/remark,21083768 sfogliatelle :

said by EGeezer

:

Just don't put up a webcam and clean yourself in front of it.

And get off my leg!!!! :D

Admit it; you're just jealous 'cause I can lick my privates and you can't!]]> http://www.dslreports.com/forum/remark,21083768 Tue, 09 Sep 2008 17:30:46 EDT Re: True identity http://www.dslreports.com/forum/remark,21083385 EGeezer : Just don't put up a webcam and clean yourself in front of it.

And get off my leg!!!! :D ]]> http://www.dslreports.com/forum/remark,21083385 Tue, 09 Sep 2008 16:20:18 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21081892 sfogliatelle : You know, it's kinda too late for an alibi now

Yeah. Well, at least here my true identity is preserved.

brak bark woof woof anonymity

]]> http://www.dslreports.com/forum/remark,21081892 Tue, 09 Sep 2008 12:20:03 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21081823 MeanPeepsSuk :

said by sfogliatelle

You know, it's kinda too late for an alibi now.

j/k]]> http://www.dslreports.com/forum/remark,21081823 Tue, 09 Sep 2008 12:08:58 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21081807 dave : At this point, I'd like to take a moment to say 'Hi' to all the people watching in our corporate IT department.

----

Hi, guys. How's it going?

Did I ever tell you I think you're all swell fellows?]]> http://www.dslreports.com/forum/remark,21081807 Tue, 09 Sep 2008 12:07:20 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21081437 sfogliatelle : It's not that I'm attempting to cover my tracks. It's just plain maintenance and housekeeping. I've seen many a computer where performance has ground to a virtual halt due to stuff not getting cleaned out (temp files, old restore points, lack of defragging).

Sorry, [JohnInSJ], I still haven't gotten the hang of the new 'qreply' feature here.]]> http://www.dslreports.com/forum/remark,21081437 Tue, 09 Sep 2008 11:09:07 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21081408 sfogliatelle :

said by JohnInSJ

:

Yes, the company knows where you've been - as others have pointed out, that information isn't on your PC, it's on the gateway, the proxy, etc.

Don't waste your time covering your tracks. Either just surf as desired and damn the torpedoes, use a coworker's computer (:p) or don't do it. But you probably waste more time covering your tracks the the odd peek now and then at a non-work-related site.

]]> http://www.dslreports.com/forum/remark,21081408 Tue, 09 Sep 2008 11:05:24 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21081074 JohnInSJ : Yes, the company knows where you've been - as others have pointed out, that information isn't on your PC, it's on the gateway, the proxy, etc.

I know where my kid's been on the internets. Its not rocket science. And no, there's no way for the kid to bypass the proxy/gateway with its logs (and filters) short of not using the internet connection @ the house. It took me all of 5 minutes to set it up, it takes no time at all to read the daily email list of top sites visited ranked by time/bytes transferred/number of visits.

Don't waste your time covering your tracks. Either just surf as desired and damn the torpedoes, use a coworker's computer (:p) or don't do it. But you probably waste more time covering your tracks the the odd peek now and then at a non-work-related site.
--
My place : »www.schettino.us]]> http://www.dslreports.com/forum/remark,21081074 Tue, 09 Sep 2008 10:03:07 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080936 CKizer :

said by MeanPeepsSuk

:

Don't let the fact that nothing seems blocked, and no one has said anything lull you into a false sense of security. Everything going out of that wire on their network is being logged.

Some management take the approach of allowing a small amount of transgressions (provided it's not network impacting). Kind of like the line between too many personal calls at work. Many do actively monitor and are aware, but won't say anything unless you get out of hand. Some just do spot checks. Even the ones that don't actively monitor, can and will review your history should you be put on the radar.

I've seen varied ways management views and ways to handle this. While you'd hope they would say something if they had issue (and many do), I've seen others who treat it all as a way of giving their employees enough rope to hang themselves.

Then there is the other class I've seen.... The ones who stores it all up, fully aware and says nothing.. but keeps it on file if they ever need it for a legal excuse for an action not in your favor (up to termination). I've seen some who will pull out stuff from years ago for this very purpose.

This is EXACTLY how it is done!
--
Crunching for Help Defeat Cancer and FightAIDS@Home at the World Community Grid.]]> http://www.dslreports.com/forum/remark,21080936 Tue, 09 Sep 2008 09:32:15 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080834 MeanPeepsSuk :

said by sfogliatelle

:

So far, there's not been a single mention made of the non-work related sites I go to. Heck, for all I know, the boss doesn't have the tech savvy to read the server log files.

Don't let the fact that nothing seems blocked, and no one has said anything lull you into a false sense of security. Everything going out of that wire on their network is being logged.

Some management take the approach of allowing a small amount of transgressions (provided it's not network impacting). Kind of like the line between too many personal calls at work. Many do actively monitor and are aware, but won't say anything unless you get out of hand. Some just do spot checks. Even the ones that don't actively monitor, can and will review your history should you be put on the radar.

I've seen varied ways management views and ways to handle this. While you'd hope they would say something if they had issue (and many do), I've seen others who treat it all as a way of giving their employees enough rope to hang themselves.

Then there is the other class I've seen.... The ones who stores it all up, fully aware and says nothing.. but keeps it on file if they ever need it for a legal excuse for an action not in your favor (up to termination). I've seen some who will pull out stuff from years ago for this very purpose.

Your particular employer might not be watching or care. Just be aware that this goes on.

edit: fixed missing word]]> http://www.dslreports.com/forum/remark,21080834 Tue, 09 Sep 2008 09:06:32 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080822 sfogliatelle : Well, it looks like I've been exposed for the subversive I am. You're right. I'm the reason why this country is in the sad shape it's in.

Take a chill pill, dude. Way too much coffee for you!]]> http://www.dslreports.com/forum/remark,21080822 Tue, 09 Sep 2008 09:03:45 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080777 caffeinator : Why is this a topic?

He's doing stuff he knows he should not be doing on COMPANY time. He just wants an out.

Welcome to why the rest of the G8 world is kicking our corporate asses, if not buying it outright from under us.

We have no work ethic anymore.

End of story.

And, OP, if you think you are smarter than the sysAd's..try doing their job for a day.

G'Day and GL, keep that resume polished.

-CaFF
--

My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages]]> http://www.dslreports.com/forum/remark,21080777 Tue, 09 Sep 2008 08:53:03 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080588 Matt :

said by Maccawolf

:

Let's take this one step further. I'll start by saying that I go NOWHERE that impacts my job, or hinders my performance at work, I don't do anything illegal, I just don't need others snooping.
I use a flash drive and FF rather than IE which my company provides. They can still monitor that, right?

Just as easily. And if Firefox isn't an approved application, you just gave the sysadmin a VERY easy way to filter the logs. I'm sure your sysadmin will smile when he realizes that. :)
--
Linux Haters Unite!]]> http://www.dslreports.com/forum/remark,21080588 Tue, 09 Sep 2008 07:38:50 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080587 Matt :

said by sfogliatelle

:

So far, there's not been a single mention made of the non-work related sites I go to.

They probably don't have a reason to check the logs for your traffic yet, but if it's government related, I can almost guarantee they have requirements to keep records for 3+ years. I was involved with state government many years ago and even then, we had requirements. We had to bust a guy for child porn (from a work computer no less, what a brainiac) and we had a record of everything he did. We reconstructed what NNTP groups he visited, the subject of most of his email/NNTP postings, as well as what web sites he visited. It was labor intensive, but this was also 1999. There are tool that AUTOMATE all this now ... for free. (Wireshark anyone?)

It doesn't matter what you do on the client computer to cover your tracks. They know that IP Address zzz.zzz.zzz.zzz was assigned to computer ABCD on date 1/1/2008 and on date 1/1/2008 computer ABCD visited sites XYZ.

The worst part is, even if you visit www.funnystuff.com and they advertise for www.pornsite.com, it could look like you visited www.pornsite.com if advertisements are served from the www.pornsite.com webserver.

Bottom line, if you're not prepared to justify the sites you visit (you're not going to get fired for visiting cnn.com, but you may for www.funnyjokes.com) or are not prepared to lose your job for visiting such sites, don't.
--
Linux Haters Unite!]]> http://www.dslreports.com/forum/remark,21080587 Tue, 09 Sep 2008 07:37:18 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080563 MacGyver : Yes.]]> http://www.dslreports.com/forum/remark,21080563 Tue, 09 Sep 2008 07:25:25 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080518 Maccawolf : Let's take this one step further. I'll start by saying that I go NOWHERE that impacts my job, or hinders my performance at work, I don't do anything illegal, I just don't need others snooping.
I use a flash drive and FF rather than IE which my company provides. They can still monitor that, right?
--

Mom and Crockett...... I miss you both!]]> http://www.dslreports.com/forum/remark,21080518 Tue, 09 Sep 2008 06:57:37 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21080179 EGeezer : There are several good monitoring applications out there - Websense is one. Watchguard, Wavecrest and other vendors also have excellent reporting tools. None require any information from the client PCs caches or logs, so removing them from your PC would not have any effect on the ability to monitor, log, classify and report your browsing when done on a company (or other) network that's not under your own control.
--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis]]> http://www.dslreports.com/forum/remark,21080179 Tue, 09 Sep 2008 02:10:44 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21079711 avd706 : No only that, but the logs can be kept forever, so if you bring attention to yourself,they can research what you have been doing.

The best defense against corporate logging is a small laptop and a evdo card (in someone else's name)]]> http://www.dslreports.com/forum/remark,21079711 Mon, 08 Sep 2008 23:47:45 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078901 norky : A good sysadmin will not only know where you've been, he'll know what you've been running to hide where you've been.]]> http://www.dslreports.com/forum/remark,21078901 Mon, 08 Sep 2008 21:33:15 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078873 DracoFelis :

said by sfogliatelle

:

Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been?

Yes, you are deluding yourself.

Assuming normal business level networking equipment, they can monitor/log as much of the traffic as they want to. And it doesn't matter how much you "clean" your PC, as the easiest place to monitor such traffic is at the network level (which you presumably don't control, even if you "control" your own work PC).

Now I'm not saying you are being monitored in this way, just that you easily could be.

NOTE: Another user mentioned that every site you visit (even if you only visit that site by IP address, and don't do a DNS lookup) can be monitored if your company uses an internet "proxy". However, while that might make the monitoring slightly easier, its not really necessary for their to be a "proxy" for you to be monitored, as a LOT of business level networking equipment has good "logging" abilities. As just one example of this, most companies are connected to the internet by one or more routers, and many routers have the ability to log date/time, and both internet addresses (for every single packet going over that router link). And while that might not technically tell a company it was you, they will know that on such and such a time your PC (identified by IP address) visited a specific location on the internet (and what that location was). And again, this is being done at the NETWORK LEVEL, so any "cleaning up of the PC" won't erase the evidence.

said by sfogliatelle

:

My question is: short of server sabotage (and abstinence towards my fave links), what can I do to either minimize or mask my browsing?

I suppose you could use a VPN to some other server not under the company's control. By doing that, you are encrypting your traffic, so they can't sniff the details.

OTOH that might not help you much, as their network logs will still be able to tell (possibly very easily) that you are setting up a VPN to a non-work server, and (while the VPN will mask the actual traffic contents) network monitoring can even tell approximately how much traffic is going over that VPN link (they presumably didn't "authorize" you to make).

Bottom line, the people that control the network can easily watch what goes over those network links. And if you are using your network link to violate the rules of your job, they are within their rights to use that evidence against you (as justification for firing you, for example). I'm not saying they will use this info against you (or even that they are monitoring things that much, as such things vary a lot between companies), just that they can easily do this level of internet monitoring if they wish.]]> http://www.dslreports.com/forum/remark,21078873 Mon, 08 Sep 2008 21:29:30 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078838 sfogliatelle : So far, there's not been a single mention made of the non-work related sites I go to. Heck, for all I know, the boss doesn't have the tech savvy to read the server log files.

And besides, I'd put my computer up against any other in the building for running lean, mean and clean. Being a frequent reader of the forums here has taught me more than a thing or two about 'puter security and housekeeping. ]]> http://www.dslreports.com/forum/remark,21078838 Mon, 08 Sep 2008 21:24:26 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078796 sfogliatelle : The tool I mainly use is CrapCleaner, and not for covering my tracks. Compared to what Windows offers, it's light years faster and more efficient. There are more than a few cookies I choose to save with it.

At work I do run as an Admin; installing, uninstalling, etc.

Unlike the network I'm on when I perform Reserve duty (government network: lotsa no-nos there), I get no warnings nor alerts if I attempt to navigate on to potentially questionable sites. Which is just fine with me, as I've read too many horror stories on this forum here of what an unthinking, errant click can do. ]]> http://www.dslreports.com/forum/remark,21078796 Mon, 08 Sep 2008 21:19:08 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078614 angelique : I'm not in IT at the company I work for but I do know they monitor all traffic and actually prohibit access to certain sites. If you access a prohibited site (porn sites, video such as you tube, game sites) a message is displayed on your monitor with user name and internal IP address giving the reason for blocking you from the site. So yes, as previous posters have said, if setup correctly the company knows. We're not even allowed to use Firefox because of security flaws.]]> http://www.dslreports.com/forum/remark,21078614 Mon, 08 Sep 2008 20:49:48 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078525 Link Logger : Does your company have an Acceptable Use Policy as it is possible every site your system goes to is logged (even Link Logger can do that).

My favorite AUP story was one company I was helping out had a very well written policy that every employee agreed and signed, but one day I was walking down the hall when I looked in one of the developers office there was some major hard core porn on his screen, so I asked him if that perhaps violated the AUP, and he said no, so I asked him to explain and he said it was his on his personal laptop and he was using an open wireless network connection from the apartment building next to our building so he was totally outside the agreement (he had even reconfigure that open wireless connection so he could use P2P software with it). Some people seem to have a hard time grasping the concept of a work environment, so the AUP was amended to handle use of personal or 'borrowed/stolen' hardware and network facilities within the company office (what you do on your time with your personal equipment and network connection is your business as long as it doesn't impact your job or work performance).

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool]]> http://www.dslreports.com/forum/remark,21078525 Mon, 08 Sep 2008 20:34:54 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078496 Kilroy : If you go through a proxy server that requires authorization they know every dirty little secret, if they care to look.
--
When will the people realize that with DRM they aren't purchasing anything?]]> http://www.dslreports.com/forum/remark,21078496 Mon, 08 Sep 2008 20:29:43 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21078436 Kiwi :

said by dave

said by sfogliatelle

:

Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been?

Yes. Every piece of equipment your bits pass through on their way out of the building is potentially in a position to log what you do.

I'll back that up, on the whole reasonable use is acceptable and it should not haunt you. People sometimes find an unfiltered site and get out, the time stamp also reflects that lack of interest.

If you have workable 'Tools' and not an Admin, it's probably a poorly managed network.]]> http://www.dslreports.com/forum/remark,21078436 Mon, 08 Sep 2008 20:22:01 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21077683 dave :

said by sfogliatelle

:

Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been?

Yes. Every piece of equipment your bits pass through on their way out of the building is potentially in a position to log what you do.]]> http://www.dslreports.com/forum/remark,21077683 Mon, 08 Sep 2008 17:37:26 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21077223 WeenieBoy : Besides DNS, you may have a corporate proxy and are being tracked there. Of course you could use a public proxy to by pass the corporate one. That is detectable to. There are ways but all are detectable. Trying to bypass security will surely bring a more watchfull eye on you.]]> http://www.dslreports.com/forum/remark,21077223 Mon, 08 Sep 2008 16:07:46 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21077176 nwrickert :

Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been?

I can tell which users have been visiting porn sites, by checking the DNS query logs. Similarly, I can tell which users have been visiting anti-war sites.

I don't actually bother to do that. But the information is all there in the DNS query logs (assuming the DNS server is set to log queries).
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.1]]> http://www.dslreports.com/forum/remark,21077176 Mon, 08 Sep 2008 16:00:18 EDT Re: do company servers know where you've been? http://www.dslreports.com/forum/remark,21076989 anon : Without your sabotage most likely nothing. If the server/ internet connection is setup correctly you are tracked. The tracking is not done by your computer so you could destroy your desktop and the record will still exist.]]> http://www.dslreports.com/forum/remark,21076989 Mon, 08 Sep 2008 15:27:12 EDT do company servers know where you've been? http://www.dslreports.com/forum/remark,21076961 sfogliatelle : Pardon my naiveté in advance.

I have and use a number of programs/utilities on a regular basis to remove most all digital detritus which accumulates with ordinary browsing.

Not that I visit unsavory or questionable sites (I don't; really), but there are a few which may not be classified as 'work related'.

Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been?

My question is: short of server sabotage (and abstinence towards my fave links), what can I do to either minimize or mask my browsing?]]> http://www.dslreports.com/forum/remark,21076961 Mon, 08 Sep 2008 15:20:09 EDT