Solved

Network spying and reporting software..

Posted on 2006-11-08
8
270 Views
Last Modified: 2013-12-07
Hi Network Admins..

Does anyone have any ideas about possible software, I can purchase, that will spy on employee PC's, record and report the outcome of web usage, sites visited, time spent on internet and a list of chats or emails, etc.

We have 4 offices locations and use windows 2003 servers (AD, exchange server) and XP pro client machines.

Thank you!

0
Comment
Question by:afoedit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 168 total points
ID: 17901963
Hi afoedit,

http://www.webspy.com did a pretty good job for us.

Of course, this was mainly for browsing habits.  For emails and chat, you are going to get sued for invasion of privacy.  Company emails and chat programs would be subject to monitoring, but PERSONAL gmail or such emails and chat programs would get you into all kinds of trouble.

Generally, I make it so that these sites/services cannot be used (block Messenger for going out, deny access to hotmail.com, etc), then the users will have no alternative but to use the company email or messenging client, meaning it will be monitored.

This is quite extreme though, and is a sure fire way to upset your users - assuming that is important :)

Hope that helps,

-red
0
 
LVL 16

Assisted Solution

by:AdamRobinson
AdamRobinson earned 166 total points
ID: 17901987
Do you by chance have an external firewall?  Most firewalls come with an option to do what you are asking (usually for an extra fee, as in the case of Sonicwall), in a package, as you seem to want.

For chats and e-mails, you could use a packet sniffer, as long as they aren't encrypting their messages.  

For e-mails, you should already have access as the administrator to almost any user's mailbox, especially in a smaller business wherein the IT person usually has all of the user passwords for the company.

You probably shouldn't use the word "spy," though.  It's a legitimate business purpose to be able to determine what you employees are actually doing.

Be aware, you may actually do more harm than good.  A certain amount of leniency has become expected nowadays, especially in a small business.  If you truly want them to stop doing these things, though, rather than "spying" on them, you should just block their ability to do it.  The first step is to take away user administrator rights so they can't install messenging programs and chat clients to begin with.  Push out a hosts file to drop any web queries to online chat places to localhost.  

You could also turn on auditing through whatever functions to pass your requests to DNS to determine what pages are attempted to be viewed.

0
 
LVL 16

Expert Comment

by:AdamRobinson
ID: 17902010
Redseat:

Where have you seen precedent on personal e-mail / chat longs being an invasion of privacy?  Most of the cases I've seen recently have shown that if a work resource is being used, it is fair game, insofar as you are not logging their passwords and then logging into their mailboxes after the fact.

Are there any specific cases you know of off the top of your head wherein this has been ruled illegal?  

And I agree 100% on the upset user warning.  I try if at all possible to avoid doing anything along these lines to my users, and instead let them know there's a certain amount I'm willing to tolerate without informing the bosses, but after a certain point I have to shut them down entirely (deliberate porn/hate sites/etc. = automatic loss of all resources with their having to go to the higher ups to request is back).   I'm in a smaller organization, but the users seem to be more respectful when you extend them a little bit of trust.  Then again, none of them have administrative rights, so I have a little less to worry about ;)

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 39

Expert Comment

by:redseatechnologies
ID: 17902094
>>Where have you seen precedent on personal e-mail / chat longs being an invasion of privacy?  Most of the cases I've seen recently have shown that if a work resource is being used, it is fair game, insofar as you are not logging their passwords and then logging into their mailboxes after the fact.

That all depends on the country you are in.

Off the top of my head I can remember a very recent case here in Australia where an employee managed to sue for this exact reason.  Using the company internet during their lunch break was deemed to not be a work resource (as it wasn't specified as such in the employment contract).  Therefore, it was invasion of privacy.

Personally, I hate the privacy laws here - our airport baggage handlers smuggle drugs and weapons, yet we can't put video cameras in their areas due to invasion of privacy.  Obviously the unions are on the take as well :)

Of course, I dislike the privacy laws because they mostly work against me - if I had something to hide I would probably love them

-red
0
 
LVL 16

Expert Comment

by:AdamRobinson
ID: 17903755
Redseat,

:)  Didn't realize you were an Aussie.  Obviously over here in the US things are a tad bit different.  No comment on why that is though. :)
0
 
LVL 3

Assisted Solution

by:mhts
mhts earned 166 total points
ID: 17903780
We've installed Spector CNE (http://www.spectorcne.com/) and Pearl Echo*Suite (http://www.pearlsw.com/products/pearlEcho/index.html) at several client sites. We've been happy with both apps (from an installation and initial configuration perspective) and our clients have been happy with both too (for their respective needs and management requirements).

Before you install and implement any blocking or (more importantly) monitoring software, it is very strongly advised that you write and distribute an AUP (Acceptable Use Policy) for Company Resources to all employees that covers each resource that you intend to block and/or monitor. It should apply to all employees (from the top down) - no exceptions. And it is a good idea to get a signature of receipt from each employee who receives the AUP and put that in each employee's file.

As is always the case in these kinds of things, it would also be a wise idea to consult with your business attorney to make sure that your AUP follows all laws and regulations that may apply to your specific business (type) and/or location (city/state).

The sites for both apps referenced above have information about AUPs, and at least one of them has a sample AUP you can use as a starting point.

Hope the information helps.

-mike
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question