Solved

Network spying and reporting software..

Posted on 2006-11-08
8
256 Views
Last Modified: 2013-12-07
Hi Network Admins..

Does anyone have any ideas about possible software, I can purchase, that will spy on employee PC's, record and report the outcome of web usage, sites visited, time spent on internet and a list of chats or emails, etc.

We have 4 offices locations and use windows 2003 servers (AD, exchange server) and XP pro client machines.

Thank you!

0
Comment
Question by:afoedit
  • 3
  • 2
8 Comments
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 168 total points
ID: 17901963
Hi afoedit,

http://www.webspy.com did a pretty good job for us.

Of course, this was mainly for browsing habits.  For emails and chat, you are going to get sued for invasion of privacy.  Company emails and chat programs would be subject to monitoring, but PERSONAL gmail or such emails and chat programs would get you into all kinds of trouble.

Generally, I make it so that these sites/services cannot be used (block Messenger for going out, deny access to hotmail.com, etc), then the users will have no alternative but to use the company email or messenging client, meaning it will be monitored.

This is quite extreme though, and is a sure fire way to upset your users - assuming that is important :)

Hope that helps,

-red
0
 
LVL 16

Assisted Solution

by:AdamRobinson
AdamRobinson earned 166 total points
ID: 17901987
Do you by chance have an external firewall?  Most firewalls come with an option to do what you are asking (usually for an extra fee, as in the case of Sonicwall), in a package, as you seem to want.

For chats and e-mails, you could use a packet sniffer, as long as they aren't encrypting their messages.  

For e-mails, you should already have access as the administrator to almost any user's mailbox, especially in a smaller business wherein the IT person usually has all of the user passwords for the company.

You probably shouldn't use the word "spy," though.  It's a legitimate business purpose to be able to determine what you employees are actually doing.

Be aware, you may actually do more harm than good.  A certain amount of leniency has become expected nowadays, especially in a small business.  If you truly want them to stop doing these things, though, rather than "spying" on them, you should just block their ability to do it.  The first step is to take away user administrator rights so they can't install messenging programs and chat clients to begin with.  Push out a hosts file to drop any web queries to online chat places to localhost.  

You could also turn on auditing through whatever functions to pass your requests to DNS to determine what pages are attempted to be viewed.

0
 
LVL 16

Expert Comment

by:AdamRobinson
ID: 17902010
Redseat:

Where have you seen precedent on personal e-mail / chat longs being an invasion of privacy?  Most of the cases I've seen recently have shown that if a work resource is being used, it is fair game, insofar as you are not logging their passwords and then logging into their mailboxes after the fact.

Are there any specific cases you know of off the top of your head wherein this has been ruled illegal?  

And I agree 100% on the upset user warning.  I try if at all possible to avoid doing anything along these lines to my users, and instead let them know there's a certain amount I'm willing to tolerate without informing the bosses, but after a certain point I have to shut them down entirely (deliberate porn/hate sites/etc. = automatic loss of all resources with their having to go to the higher ups to request is back).   I'm in a smaller organization, but the users seem to be more respectful when you extend them a little bit of trust.  Then again, none of them have administrative rights, so I have a little less to worry about ;)

0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 39

Expert Comment

by:redseatechnologies
ID: 17902094
>>Where have you seen precedent on personal e-mail / chat longs being an invasion of privacy?  Most of the cases I've seen recently have shown that if a work resource is being used, it is fair game, insofar as you are not logging their passwords and then logging into their mailboxes after the fact.

That all depends on the country you are in.

Off the top of my head I can remember a very recent case here in Australia where an employee managed to sue for this exact reason.  Using the company internet during their lunch break was deemed to not be a work resource (as it wasn't specified as such in the employment contract).  Therefore, it was invasion of privacy.

Personally, I hate the privacy laws here - our airport baggage handlers smuggle drugs and weapons, yet we can't put video cameras in their areas due to invasion of privacy.  Obviously the unions are on the take as well :)

Of course, I dislike the privacy laws because they mostly work against me - if I had something to hide I would probably love them

-red
0
 
LVL 16

Expert Comment

by:AdamRobinson
ID: 17903755
Redseat,

:)  Didn't realize you were an Aussie.  Obviously over here in the US things are a tad bit different.  No comment on why that is though. :)
0
 
LVL 3

Assisted Solution

by:mhts
mhts earned 166 total points
ID: 17903780
We've installed Spector CNE (http://www.spectorcne.com/) and Pearl Echo*Suite (http://www.pearlsw.com/products/pearlEcho/index.html) at several client sites. We've been happy with both apps (from an installation and initial configuration perspective) and our clients have been happy with both too (for their respective needs and management requirements).

Before you install and implement any blocking or (more importantly) monitoring software, it is very strongly advised that you write and distribute an AUP (Acceptable Use Policy) for Company Resources to all employees that covers each resource that you intend to block and/or monitor. It should apply to all employees (from the top down) - no exceptions. And it is a good idea to get a signature of receipt from each employee who receives the AUP and put that in each employee's file.

As is always the case in these kinds of things, it would also be a wise idea to consult with your business attorney to make sure that your AUP follows all laws and regulations that may apply to your specific business (type) and/or location (city/state).

The sites for both apps referenced above have information about AUPs, and at least one of them has a sample AUP you can use as a starting point.

Hope the information helps.

-mike
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Fiber Patch Panel 6 42
CISCO refresh sheets 2 35
How computer Arp Table gets populated. 21 36
Read-only SNMP string example ? 7 35
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now