• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

monitoring internet usage and emails - how to tell?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
A

Albigger

Member
Joined
Sep 22, 2002
Hello everyone -

In a small domain-based system, probably around 10 client computers or so, how can I tell if my internet usage/emails are being monitored/logged etc...

any way to do this? Particularly without having admin control/acess to the server. I do have admin rights on the client computer of course.

Thanks.
 
If you are not the admin, then I guess you wont know. You should always assume they are.




Are you doing something you are not supposed to? Why are you asking?
 
Most servers are logged, otherwise there would be no way to know what the problem was (if there is one). Most servers are (or should be) monitored as that way you can see a long time trend when facing problems (as in when did this change happen). Monitoring usually also covers reporting to the maintainance if there is a problem so they can (maby) fix it before users even notice.
 
AMD Phreak said:
Are you doing something you are not supposed to? Why are you asking?
Click to expand...

Maybe he just feels like someone ready all of his personal emails is wrong. You dont have to be a criminal/pervert to not want an invasion of privacy.
 
My router has a option of emailing me logs of what websites computers on my network vists, id look into that perhaps.
 
No, I'm not doing anything wrong. I spend my lunch breaks online, and maybe 10-15 other minutes of my (11 hour) day. And most of that is for work-related purpose, or at the least, on work-related forums.

A supervisor of mine actually asked if there was a way to tell, as he usually checks his email a couple times a day.

It's really not that I'm doing anything wrong, or that I care that they monitor me. Its just that if they are, I think I should told or I should know they are. That's all.

Thanks for the suggestions so far. Still listening for other ideas.
 
There will be terms and conditions for use of the company internet connection. Check them?

I know my employer tells me specifically that my usage of all computing systems is tracked and monitored, either for company use (eg internet sites visited) or for regulatory use (eg Lab information management system, electronic library, chromatographic data systems).
 
FireMogle said:
Maybe he just feels like someone ready all of his personal emails is wrong. You dont have to be a criminal/pervert to not want an invasion of privacy.
Click to expand...

I am pretty sure if you do it on their computers they have the right to monitor it, and I would always assume they were monitoring it.
 
If the company you work for is publicly owned, I believe the Sarbanes-Oxley thing would require your company to keep logs of stuff like that.
 
Not a publicly owned company, nor are there any internet usage terms/conditions that I'm aware of (we are a pretty small company, and only the engineering/programming/accounting/office/managers have access to internet).

Good suggestions though, but I was more looking for a way or a program to install on my workstation that would let me know what, if anything, is being logged.
 
Well, I think you would have to install something in order to tell. And in most networks, or atleast the few Ive been on, you require administrative rights, and if you had those, you wouldnt need a program.
 
freakdiablo said:
Well, I think you would have to install something in order to tell. And in most networks, or atleast the few Ive been on, you require administrative rights, and if you had those, you wouldnt need a program.
Click to expand...


Ok, maybe I didn't explain this clearly enough. I HAVE admin rights on my workstation, and free reign to install any programs I want.

I DO NOT have access/admin rights to the server computer.
 
Bump.

So no programs that will let you know for sure if someone is logging you or not?

--Jay
 
FireMogle said:
Maybe he just feels like someone ready all of his personal emails is wrong. You dont have to be a criminal/pervert to not want an invasion of privacy.
Click to expand...
Tough cookies. That's too bad, because at work, it isn't your e-mail, it's a company asset.

(Not saying I like it, that's just how it is.)

If the company you work for is publicly owned, I believe the Sarbanes-Oxley thing would require your company to keep logs of stuff like that.
Click to expand...
Prudence dictates that all companies, not just publicly traded ones, will comply with SOX for the sole purpose of covering their collective asses. :)

So no programs that will let you know for sure if someone is logging you or not?
Click to expand...
Not really. Assume that everything you do at work is under surveillance. Consult your Internet acceptable use policy for details.

(Most places where I have worked consider you installing security software a violation of the IAUP, whether you have admin rights or not.)
 
Captain Newbie said:
Tough cookies. That's too bad, because at work, it isn't your e-mail, it's a company asset.

(Not saying I like it, that's just how it is.)
Click to expand...

I am not arguing it either, I just hate how almost everytime someone asks a question like this everyone jumps at them saying that they are doing somthing wrong. If someone asks a question and noone knows, noone should answer.

Although I dont like it if your on company time its company time and they own what you do during that time. If its done server side there most likely wont be a way to check on if they are monitoring anything, however im sure they have to tell you if they do if they are going to be doing it.
 
Thanks. Ok another question: What exactly can be logged?

1. The web addresses I visit?
2. Work email (the body of the email)?
3. Web-based email (yahoo)?
etc...

EDIT: And thanks FireMogle. I expected a lot of harsh replies to be honest, but most have been pretty calm.

I definately understand that its company time and resources. But in all honesty, I'm sure the company doesn't expect that every employee be 100% productive when they are on company time (not when working 11-12 hour days, anyway). Not that I have to justify, but browsing the net is no different than machine operators talkin' it up with one another. And at least I'm browsing for work-related material 4 times out of 5.
 
Albigger said:
Thanks. Ok another question: What exactly can be logged?

1. The web addresses I visit?
2. Work email (the body of the email)?
3. Web-based email (yahoo)?
etc...
Click to expand...

Every single packet you toss over their network. If you really want to find out if you're being monitored, send and email saying "Joe is an asshat!" or something and see if anything happens :p

If you work for a not-so-high profile company, chances are the head guy of the networking department probably doesn't read every log entry or every site all employees go too. They probably have things logged so incase something bad happens, they can go back and get evidence, or information about what might have caused this bad thing to happen. For example, lets say another employee complains of being sexually harassed through netsend or emails. Since everything is logged, it wouldn't be too difficult for the network admin to dig up the logs and find out who's doing the harassing.

So if you're not doing anything really stupid, you prolly don't have to worry about Big Brother. If you're just going to some harmless site that's not work related, you'll probably only get a verbal warning, if anything.
 
Anything not ecrypted can be monitored if they want to. If you are worried about emails I would use a web based email service with https. gmail for example can be used with that and because its encrypted they cant tell if you are plotting the burn down the building or going to donate your next check to them. :) That is unless they use somthing on your machine.
 
FireMogle said:
Anything not ecrypted can be monitored if they want to. If you are worried about emails I would use a web based email service with https. gmail for example can be used with that and because its encrypted they cant tell if you are plotting the burn down the building or going to donate your next check to them. :) That is unless they use somthing on your machine.
Click to expand...
It's called a sniffer. :D And 'encrypted' traffic could, eventually, be decrypted, but the majority of inet/tcp traffic is sent in the clear so there's no need to bother with trying to break SSL.

Logging is a sound security practice. Period. So just get used to it.

If it goes over the wire your IS Security folks can read it with no legal hoops to jump through. MORALLY speaking, we (we, IS Security) will not do so unless there's a damned good reason since we like our privacy too. Some companies will have corporate compliance policy requiring signatures from, say, Legal, and the HR investigative department before the information security group can even crack a file or fire up a sniffer. So you're probably alright.

As for acceptable use of company systems, it depends on how anal-retentive they are and what precisely your job function is. For me, "acceptable use" includes going to the website for, say, nmap, or The Register, because I'm in the information security business and those sites are directly related to my job function. I've been in environments where web-based email is prohibited, mostly because that stuff can bypass every defensive measure in place on the network, straight through the firewalls and anti-virus boxen.

If you work for a not-so-high profile company, chances are the head guy of the networking department probably doesn't read every log entry or every site all employees go too.
Click to expand...
Yes, that's what the junior members of the team are for. :) They do the heavy lifting while the senior members of the team work on fun and cool projects. :cool:
 
We do alot of logging, but nobody reads them. They are collected incase of security problems, so they can be read afterwards. What we do not log is webpages people visit, but the router does log every single opened and closed connection (that is alot of log for a company with over 200 workers).

We are not intrested in what people do during their work time, it's up to everyones own bosses to take care of the people under them. Actually according to local laws we probably would not even be allowed to identify what specific people are doing online. We however want to have all the info we could possibly need if we suspect a break into our network (or something similar).

What I mean is, that even if things are being logged, it does not mean anyone is watching you.
 
You must log in or register to reply here.

Similar threads

ZetaRevan
How-to: Linux Gaming Explained (2023 version)
Replies
0
Views
2K
ZetaRevan
ZetaRevan
habbajabba
VPN for privacy
Replies
9
Views
2K
habbajabba
habbajabba
F
A rookie's trip through watercooling: Getting to glass.
Replies
7
Views
930
GTXJackBauer
GTXJackBauer
'Cuda340
  • Locked
Net Neutrality: President Obama's Plan for a Free and Open Internet
2 3
Replies
53
Views
7K
hokiealumnus
hokiealumnus
M
FX-8350 @ 4.5 Show/Story/Struggle Thread
2
Replies
34
Views
4K
MstrRoshi
M
Back