Website tracking

[anthdci]

My girlfriend has just informed me that she has been told her work has implemented a strict internet usage policy. They have blocked facebook, msn, and say they can now monitor what websites each person visits. Now I know there are arguments for and against this being a good or bad thing, I really don't want to get into that. I know it is very easy to block websites and the port msn uses on the router. My wonder is that, is that website monitoring an empty threat, or is that quite easy to implement?

I used to work at the same place as their ICT technician, so know their network (as of a year ago) was a simple domain, ran of a single small business server 2008, with about 25-30 client PCs, I cant see it having changed that much. The router was connected directly to the main switch, rather than the server.

[Seizure1990]

it is extremely easy to monitor network activity, and even if you are unsure, why test your luck?

[+BudMan MVC]

Its a no brainer to put in a transparent proxy to track..

example -- this took 5 minutes to setup squid proxy with lightsquid reporting.. This some of my wifes traffic from the 22nd

This is a FREE method of doing it ;) Company can put much better options.. Websense, Webwasher, Microsoft has their ISA, and now their forefront TMG, etc.. There is prob a 100 different products out there to do content filtering/blocking/tracking. Its literally childs play to track/block users internet traffic leaving your network be it use any of the FREE methods or pay. Sure if you want you can track exact time of every single thing requested, images, sites - if you want you could even capture everything they post, search for, etc. If you really want to you could do man in the middle stuff with the SSL and even track info that is in a SSL tunnel -- now this a bit more complicated, and user would prob notice that issues with the SSL, but since the machines are under company control they could work around that as well.

[JoeyF]

Very easy to implement. Usually there is a transparent proxy that sits in line, and it has some way of identifying the users. We do some very detailed logging at work, the basic topology looks like:

Various schools --> Core Router --> Web Filter/Logger --> Firewall --> Internet

So every bit of traffic flows through the filter. Physically, there is no way around it. There are various ways for the filter to recognize who's generating traffic as well, including logging via IP address, client software on the computers, etc.

[+John Teacake MVC]

Very Easy to set up infact I would say its common place now. Big Business in Web filtering. Check out Company's like Websense/Bloxx.