Ok....my work is due to switch in the very near future to 'WebController' instead of the current 'NovellBorderManagement'

Anyone within IT or large business IT networks know whether I should be more cautious?

This new one will apparently allow them to enforce company internet usuage policy, where as the old one didnt really, evidently.

In short, yes. But that depends on the configuration, like with any security software.

Basically, WebController is pretty much the only solution on the market that filters HTTP/HTTPS/FTP in both directions, looking for URLs/content that shouldn't be allowed, and pretty much logging anything & everything (config dependant).

Another one to watch out for, is MailController (written by the same people, Opal). That catches so many people out.

Pretty much the only solution, is SSH tunnels or similar. But then firewalls may rule that out.

Bye. Enjoy logging on at home only :)

So if I was to say check my online banking.....the new system would log everything I typed such as passwords etc?

Have to start doing some work instead :rolleyes:

I think they are bringing it in so that they can catch people out and sack them rather than making redundancies........should probably watch what I say now though :rolleyes: they might be watching lol :smt047

We have "WebMarshal" here - but as I am the administrator of it its of no consequence to me as I circumvent it :p

But if its a similar thing then yes I would watch your back! Our Ops Managers here arent so much interested in the sites that are visited but the amount of time spent on the internet...

And thats why I have a proxy server set up so that it looks like encrypted POP3 mail.........

So if I was to say check my online banking.....the new system would log everything I typed such as passwords etc?

Have to start doing some work instead :rolleyes:

I think they are bringing it in so that they can catch people out and sack them rather than making redundancies........should probably watch what I say now though :rolleyes: they might be watching lol :smt047

Well, again, that's config dependent. WebController can be configured to log all outbound HTTP/HTTPS traffic, including GET/POST variables etc. Most employers don't go to that level though, as they start running into legal issues, such as accidentally capturing someones online banking details. Most will stop at logging the URL, the IP that requested it, and more importantly, the NTLM username logged into that IP at the time.

Make sure no-one else uses your Windows account - assuming you work in a 'hot desk' environment - they do something naughty on your account, you get the blame.

WebController has pretty comprehensive reporting capabilities too (including output to .CSV), and a live monitoring system. The reports can generate lists of accessed sites, blocked sites, uncatagorsied sites (so the policy can be changed), and sort them all by frequency of hits.

And thats why I have a proxy server set up so that it looks like encrypted POP3 mail.........

Man, thats so '90's. Use SSH over DNS Tunneling =P~

And thats why I have a proxy server set up so that it looks like encrypted POP3 mail.........
I did mention SSH tunnels already didn't I? :p :lol:

I too have a setup where I can encrypt everything between me & a proxy, then do what the hell I please.

WebController has pretty comprehensive reporting capabilities too (including output to .CSV), and a live monitoring system. The reports can generate lists of accessed sites, blocked sites, uncatagorsied sites (so the policy can be changed), and sort them all by frequency of hits.

That there is pretty much what I need to be careful of then......how much time and how many hits I have on here lol

So duly noted

Internet checking will have to be done at home from october 31st onwards :smt090

Might be worth downloading a copy of Slax Linux live cd, got round all the security at my last school regarding internet.

Steve

Might be worth downloading a copy of Slax Linux live cd, got round all the security at my last school regarding internet.

Steve
Two words...

Transparent Proxy.

I'd be careful what you do... most internet monitors wont record password etc etc, unless set to, but then I'd be speaking to my HR department if they were recording that as its going way to far.

I'd also be careful about trying to bypass your proxy server by installing stuff onto your work PC. You might if you get caught end up getting fired for it....

Anyways from my point of view it quite interesting as to what people find acceptable to look at when they oughta be working....

I always find the double standards of some IT depts to be quite interesting. I used to work in our IT dept and often pop back up there for a chat, to find that they are on Facebook and have Messenger running. They're also a bit dim, blocking www.somerandomwebsite.com, but not somerandomwebsite.com or the IP address :p

my work seem pretty on top of all things IT related. i think i managed to get the org banned by using it way too much! infact most sites now seem banned.

but i did have a week spent in IT on internal training and they showed me all the filters etc... and how they control it. what i was told was the machines record the sites/time spent online/e-mails etc.. but the IT department would never flag it up to Hr. it would only be looked into if HR asked for the info

It would only be looked into if HR asked for the info

Thats what we do. Everything gets logged, but we only investigate it with the say so of HR, in fact we have to wait for HR to ask us we cant go delving around without the express permission of the HR manager.

No blocks at our company, cant realy have them as anything could be news for us to sell.

Is there any want on the forum to have SSL enabled, would be on a self cert though, just for the parranoied.

Is there any want on the forum to have SSL enabled, would be on a self cert though, just for the parranoied.

Whenever I browse the .Org, it's all RSA2048 encrypted anyhow - just like right now. :) Things load a little slower, but thats fine by me.

Whenever I browse the .Org, it's all RSA2048 encrypted anyhow - just like right now. :) Things load a little slower, but thats fine by me.

ssh tunnels, still shows as a company IP, so they just capture packets on the last hop out of the office and see what you are doing

ssh tunnels, still shows as a company IP, so they just capture packets on the last hop out of the office and see what you are doing
All they see if the fact that I'm tunneling from the office to home. From there, they have no clue what happens. They also have no clue as to what port on the home computer I'm accessing, as it's all passed through SSH.

(But that's as I VNC with XDMCP over SSH).

Anyhow, getting a little O/T now. :oops: