A log is a record. In this case I am recording traffic and not content. Regardless of semantics we play on the ethical side of the court.
Known Proxy: Squidguard and Dans Guardian blacklists are kept up to date so i don't have to chase them down myself. Blocking in the firewall is painful. It means i have to maintain a list of IP's or domains in more than 30 firewalls spread across the country. When i could just use Squid+DansG in one location Yes there are ways of obfuscating traffic to make it appear as something else. But i can count on 1 hand the number of times an individual has been smart enough to do that let alone spell the word. We block all outbound ports except mail, and web. But these days all you need is port 80 to connect to a proxy server that then opens playboy.com on port80 for you. I never know you are on playboy.com until the sexual harrasment lawsuit comes down the pipe or a visitor to one of our nursing facilities claims that an resident was busy watching porn in the dining room ... What to do? On Wed, May 23, 2012 at 3:02 AM, Benjamin Tayehanpour < [email protected]> wrote: > In that case, you are logging, not recording as you previously stated. > There is a difference, so please refrain from mixing those two terms in the > future. "Monitoring" is an umbrella word which could entail both logging > and recording or even none of them and instead other approaches. > > And, as long as you don't record, you are staying on the ethical side of > things, I suppose :) > > Although, I am a bit curious. What, exactly, entails "known proxy"? Do you > keep a list of them? In that case, why not block them outright in the > firewall? Also, there are ways of obfuscating traffic to make it > indistinguishable from "legitimate" traffic. How do you counter that? > > Wouldn't it be easier just to block all outgoing ports except the ones you > use in your line of work? That way you would blanket-block almost every > public proxy out there, and there would be less traffic to monitor. > > > On 23 May 2012 09:52, sanga collins <[email protected]> wrote: > >> The process of blocking requires monitoring. I believe blocking is acting >> on monitored traffic, is it not? >> >> I think there is a misunderstanding as to what my monitoring entails. I >> can not read a users email or view the website they are viewing live. All i >> can see is what site was visited, when, and from which computer. Basic >> information available in all routing equipment. On this basic information >> rules are set in the organization with penalties for violating the rules. >> If you access a known proxy or i determine you are circumventing the >> monitoring, i dont need to know why you did it, or where you went. The fact >> that you did, on a computer that isnt yours is grounds for termination >> >> >> >> On Wed, May 23, 2012 at 2:45 AM, Victor van Reijswoud < >> [email protected]> wrote: >> >>> How long are records kept? Who is able to access and examine them? >>> These are important issues when 'everything' is monitored. >>> >>> For medical information (as you refer to) this has been arranged by >>> law in most countries. Is this also arranged for data/information >>> related to computer use of individuals in your organisation? >>> >>> Un-ethical is a strong word but I feel it more transparent to block >>> than to monitor 'everything'. >>> >>> >>> On Wed, May 23, 2012 at 7:27 AM, Sanga Collins <[email protected]> >>> wrote: >>> > Why is it un ethical? You work in our office using our computers >>> handling patient medical information and financial data. The govt mandates >>> we keep a 'paper trail' of everything coming and going. We also clearly >>> state in the terms of employment that all Internet traffic is monitored. >>> > >>> > Don't see the unethical part. >>> > >>> > Besides most routers and networking equipment log all traffic anyway. >>> > >>> > Sent from my mobile device >>> > >>> > On May 23, 2012, at 9:19 AM, Victor van Reijswoud < >>> [email protected]> wrote: >>> > >>> >> +1 >>> >> >>> >> >>> >> On Wed, May 23, 2012 at 7:13 AM, Benjamin Tayehanpour >>> >> <[email protected]> wrote: >>> >>> Recording traffic is even worse than outright blocking it, from an >>> ethical >>> >>> point of view. It's quite fun, though :) >>> >>> >>> >>> >>> >>> On 22 May 2012 16:09, Sanga Collins <[email protected]> wrote: >>> >>>> >>> >>>> We don't block apps or websites we haut record everything. HR has >>> new >>> >>>> employees sign terms of use. If they are violated the employee is >>> >>>> terminated. Use of proxies or circumvention techniques counts as 2 >>> >>>> violations. Leaving 1 violation for termination. >>> >>>> >>> >>>> Each year your violations reset to zero and all cases are >>> investigated >>> >>>> since spam, spyware or viruses can also cause traffic to be >>> recorded that is >>> >>>> not allowed. >>> >>>> >>> >>>> Btw we allow far book twitter and social networking sites. But if >>> you >>> >>>> spend majority of your day 'networking' then that counts as a >>> violation :) >>> >>>> >>> >>>> Sent from my mobile device >>> >>>> >>> >>>> On May 22, 2012, at 4:02 PM, erias swraggy <[email protected]> >>> wrote: >>> >>>> >>> >>>>> I think its a total waste of time especially with the existence and >>> >>>>> free use of Bennett Haselton's circumventors such as >>> >>>>> https://jellykey.info/ and many more others. >>> >>>>> >>> >>>>> On 5/22/12, Victor van Reijswoud <[email protected]> >>> wrote: >>> >>>>>> Indeed OT but interesting. From a technical perspective blocking >>> is >>> >>>>>> easy, but from a human perspective this is more difficult. I >>> created a >>> >>>>>> very bad situation when I first blocked FB in an organisation (on >>> >>>>>> request of the management). Blocking working hours was the >>> solution >>> >>>>>> (interesting to see how many people liked to stay after working >>> >>>>>> hours). >>> >>>>>> >>> >>>>>> What about blocking hotmail, gmail and other freemail when all >>> people >>> >>>>>> have office mail? I tend to block these as well in office hours. >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> On Tue, May 22, 2012 at 9:55 AM, Kyle Spencer <[email protected] >>> > >>> >>>>>> wrote: >>> >>>>>>> Hi Joseph, >>> >>>>>>> >>> >>>>>>> This is slightly OT, but I've always been of the opinion that -- >>> in >>> >>>>>>> general >>> >>>>>>> -- business networks shouldn't blacklist content. There's a few >>> >>>>>>> reasons >>> >>>>>>> for >>> >>>>>>> this: >>> >>>>>>> >>> >>>>>>> 1) Blacklisting applications and websites quickly (and >>> inevitably) >>> >>>>>>> becomes >>> >>>>>>> a >>> >>>>>>> wild goose chase. New sites, services, and workarounds pop up >>> all the >>> >>>>>>> time >>> >>>>>>> and your users will find them (unless you white-list). If >>> bandwidth >>> >>>>>>> is >>> >>>>>>> your >>> >>>>>>> concern, just implement per-host throttling. >>> >>>>>>> >>> >>>>>>> 2) Office Internet connections are many people's only access to >>> the >>> >>>>>>> Internet >>> >>>>>>> in Uganda. Therefore, I believe we should ensure they have >>> access to >>> >>>>>>> the >>> >>>>>>> full (undiluted) experience. >>> >>>>>>> >>> >>>>>>> 3) People need mental down-time in order to be fully productive. >>> If >>> >>>>>>> my >>> >>>>>>> staff are doing their jobs well, why should I care if they browse >>> >>>>>>> Facebook >>> >>>>>>> or watch Youtube videos from time-to-time? >>> >>>>>>> >>> >>>>>>> 4) This is ultimately an HR/management issue, not a technical >>> one. If >>> >>>>>>> your >>> >>>>>>> staff spend all of their time on Facebook and Youtube, the >>> problem is >>> >>>>>>> the >>> >>>>>>> behavior and not the sites themselves. If you simply ban >>> Facebook and >>> >>>>>>> Youtube, your staff will find something else to waste their time >>> on. >>> >>>>>>> It's >>> >>>>>>> better to focus your efforts on finding ways to inspire a strong >>> >>>>>>> work-ethic >>> >>>>>>> in your staff -- ideally through an atmosphere of trust (see >>> items #1, >>> >>>>>>> #2, >>> >>>>>>> and #3). >>> >>>>>>> >>> >>>>>>> Regards, >>> >>>>>>> Kyle Spencer >>> >>>>>>> >>> >>>>>>> >>> >>>>>>> >>> >>>>>>> On Tue, May 22, 2012 at 11:28 AM, KIYINI JOSEPH < >>> [email protected]> >>> >>>>>>> wrote: >>> >>>>>>>> >>> >>>>>>>> I Dont think we all use these but,...................... >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> http://www.techrepublic.com/blog/10things/the-top-10-apps-being-blacklisted-in-the-enterprise/3228?tag=mantle_skin;content >>> >>>>>>>> -- >>> >>>>>>>> KyaiJoe >>> >>>>>>>> _______________________________________________ >>> >>>>>>>> The Uganda Linux User Group: http://linux.or.ug >>> >>>>>>>> >>> >>>>>>>> Send messages to this mailing list by addressing e-mails to: >>> >>>>>>>> [email protected] >>> >>>>>>>> Mailing list archives: >>> http://www.mail-archive.com/[email protected]/ >>> >>>>>>>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> >>>>>>>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>>>>>>> >>> >>>>>>>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> >>>>>>>> http://www.infocom.co.ug/ >>> >>>>>>>> >>> >>>>>>>> The above comments and data are owned by whoever posted them >>> >>>>>>>> (including >>> >>>>>>>> attachments if any). The mailing list host is not responsible >>> for >>> >>>>>>>> them >>> >>>>>>>> in >>> >>>>>>>> any way. >>> >>>>>>> >>> >>>>>>> >>> >>>>>>> >>> >>>>>>> _______________________________________________ >>> >>>>>>> The Uganda Linux User Group: http://linux.or.ug >>> >>>>>>> >>> >>>>>>> Send messages to this mailing list by addressing e-mails to: >>> >>>>>>> [email protected] >>> >>>>>>> Mailing list archives: >>> http://www.mail-archive.com/[email protected]/ >>> >>>>>>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> >>>>>>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>>>>>> >>> >>>>>>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> >>>>>>> http://www.infocom.co.ug/ >>> >>>>>>> >>> >>>>>>> The above comments and data are owned by whoever posted them >>> >>>>>>> (including >>> >>>>>>> attachments if any). The mailing list host is not responsible >>> for them >>> >>>>>>> in >>> >>>>>>> any way. >>> >>>>>> _______________________________________________ >>> >>>>>> The Uganda Linux User Group: http://linux.or.ug >>> >>>>>> >>> >>>>>> Send messages to this mailing list by addressing e-mails to: >>> >>>>>> [email protected] >>> >>>>>> Mailing list archives: >>> http://www.mail-archive.com/[email protected]/ >>> >>>>>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> >>>>>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>>>>> >>> >>>>>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> >>>>>> http://www.infocom.co.ug/ >>> >>>>>> >>> >>>>>> The above comments and data are owned by whoever posted them >>> (including >>> >>>>>> attachments if any). The mailing list host is not responsible for >>> them >>> >>>>>> in >>> >>>>>> any way. >>> >>>>>> >>> >>>>> _______________________________________________ >>> >>>>> The Uganda Linux User Group: http://linux.or.ug >>> >>>>> >>> >>>>> Send messages to this mailing list by addressing e-mails to: >>> >>>>> [email protected] >>> >>>>> Mailing list archives: >>> http://www.mail-archive.com/[email protected]/ >>> >>>>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> >>>>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>>>> >>> >>>>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> >>>>> http://www.infocom.co.ug/ >>> >>>>> >>> >>>>> The above comments and data are owned by whoever posted them >>> (including >>> >>>>> attachments if any). The mailing list host is not responsible for >>> them in >>> >>>>> any way. >>> >>>> _______________________________________________ >>> >>>> The Uganda Linux User Group: http://linux.or.ug >>> >>>> >>> >>>> Send messages to this mailing list by addressing e-mails to: >>> >>>> [email protected] >>> >>>> Mailing list archives: http://www.mail-archive.com/[email protected]/ >>> >>>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> >>>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>>> >>> >>>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> >>>> http://www.infocom.co.ug/ >>> >>>> >>> >>>> The above comments and data are owned by whoever posted them >>> (including >>> >>>> attachments if any). The mailing list host is not responsible for >>> them in >>> >>>> any way. >>> >>> >>> >>> >>> >>> >>> >>> _______________________________________________ >>> >>> The Uganda Linux User Group: http://linux.or.ug >>> >>> >>> >>> Send messages to this mailing list by addressing e-mails to: >>> [email protected] >>> >>> Mailing list archives: http://www.mail-archive.com/[email protected]/ >>> >>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> >>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>> >>> >>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> >>> http://www.infocom.co.ug/ >>> >>> >>> >>> The above comments and data are owned by whoever posted them >>> (including >>> >>> attachments if any). The mailing list host is not responsible for >>> them in >>> >>> any way. >>> >> _______________________________________________ >>> >> The Uganda Linux User Group: http://linux.or.ug >>> >> >>> >> Send messages to this mailing list by addressing e-mails to: >>> [email protected] >>> >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >>> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> >> To unsubscribe: http://kym.net/mailman/options/lug >>> >> >>> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> http://www.infocom.co.ug/ >>> >> >>> >> The above comments and data are owned by whoever posted them >>> (including attachments if any). The mailing list host is not responsible >>> for them in any way. >>> > _______________________________________________ >>> > The Uganda Linux User Group: http://linux.or.ug >>> > >>> > Send messages to this mailing list by addressing e-mails to: >>> [email protected] >>> > Mailing list archives: http://www.mail-archive.com/[email protected]/ >>> > Mailing list settings: http://kym.net/mailman/listinfo/lug >>> > To unsubscribe: http://kym.net/mailman/options/lug >>> > >>> > The Uganda LUG mailing list is generously hosted by INFOCOM: >>> http://www.infocom.co.ug/ >>> > >>> > The above comments and data are owned by whoever posted them >>> (including attachments if any). The mailing list host is not responsible >>> for them in any way. >>> _______________________________________________ >>> The Uganda Linux User Group: http://linux.or.ug >>> >>> Send messages to this mailing list by addressing e-mails to: >>> [email protected] >>> Mailing list archives: http://www.mail-archive.com/[email protected]/ >>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> http://www.infocom.co.ug/ >>> >>> The above comments and data are owned by whoever posted them (including >>> attachments if any). The mailing list host is not responsible for them in >>> any way. >>> >> >> >> >> -- >> Sanga M. Collins >> Network Engineering >> ~~~~~~~~~~~~~~~~~~~~~~~ >> Google Voice: (954) 324-1365 >> E- fax: (435) 578 7411 >> >> _______________________________________________ >> The Uganda Linux User Group: http://linux.or.ug >> >> Send messages to this mailing list by addressing e-mails to: >> [email protected] >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> To unsubscribe: http://kym.net/mailman/options/lug >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> http://www.infocom.co.ug/ >> >> The above comments and data are owned by whoever posted them (including >> attachments if any). The mailing list host is not responsible for them in >> any way. >> > > > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: > [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. > -- Sanga M. Collins Network Engineering ~~~~~~~~~~~~~~~~~~~~~~~ Google Voice: (954) 324-1365 E- fax: (435) 578 7411
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
