Security Basics mailing list archives
RE: centrally monitored "keylogger"
From: xyberpix <xyberpix () xyberpix com>
Date: Sat, 16 Oct 2004 13:20:40 +0100
Hi All, Can we please stop this thread now, a simple question was asked, which I stand corrected has still not been answered. This is not a question of whether or not we agree with this, as some of our ethics differ, but let's not get into an ethical war on this one, there is a time and place for that. Just my 2p's worth xyberpix On Thu, 2004-10-14 at 17:03, Andrew Shore wrote:
I agree that as a sys admin ensuring that systems are secure should be a high priority. However, I feel that monitoring every key stoke goes beyond the pale. Just because we can, morally and ethically, should we. If staff were followed to the rest room or escorted out to the car park every night there would be a justified outcry. Yet when every action they perform during their normal daily job on a computer is scrutinised users don't appear to care, or is it that they don't know. Don't get me wrong, I'm not bleeding heart liberal but ask your MD one question; are you going to monitor him? Or the other directors? I'll bet my house, car and cat on the answer. When there is reasonable grounds to monitor some one then fine do it but not until. I've seen this type of monitoring turn to abuse. I'm not for 1 second suggestion that is your intent but I've been in this game 25 years and seen a lot abuse of power. Try tapping someone phone line, see where that get you. Anti virus and web content filters are one thing and should be encouraged. Let me put one last question to you. Who monitors the monitors? What's to stop you logging my password to bank then transferring money form my account? At that point what is the company's liability? (Legally and morally) It's a can of worms I wouldn't want to open. Just My 2cents and hey what do I know :) I'm just stirring the pot. -----Original Message----- From: Jantz, EJ [mailto:EJantz () bswintl com] Sent: 14 October 2004 15:59 To: Andrew Shore Subject: RE: centrally monitored "keylogger" Andy, while I am sensitive to the privacy concerns, I am in a position, as a sysadmin, of being somewhat responsible to make sure that our employees don't steal the company blind. While I don't 'own' any of the company, I do get to share when it losses business or has it stolen out from under it. We try very hard to trust our employees, they are mostly on the honor system. Occasionally, HR will get a request from a manager or VP and trigger some intense scrutiny of a users' activity. Some times it's just the workstation that's monitored, sometimes it's the activity across the domain. It would be nice to have a handful of tools that do the job correctly and efficiently. Currently it takes resources we need for routine production offline, and leaves the rest of us to take up the slack until the chore is done. (I just love that when we are having a virus storm.) Email--The Privacy of a Postcard, The Half Life of Styrofoam. 'EJ' Jantz, IST Dept. BSW International One West Third St, Suite 800 Tulsa, OK 74103-3520 918-582-8771 ejantz () bswintl com 918.295.4166 918.587.3594 FAX -----Original Message----- From: Andrew Shore [mailto:andrew.shore () holistecs com] Sent: Wednesday, October 13, 2004 3:22 AM To: tito.basa; security-basics () securityfocus com Subject: RE: centrally monitored "keylogger" You know, some time we go too far. Just my 2 cents. 1984? Andy -----Original Message----- From: tito.basa [mailto:mochafrap () mix ph] Sent: 11 October 2004 08:30 To: security-basics () securityfocus com Subject: centrally monitored "keylogger" guys, I'm looking for a monitoring tool sort of a keylogger installed on every PC (but logs not just keystrokes but screenshots as in some advanced "keyloggers") deploying keyloggers on every PC is easy but monitoring them is not due to the volume of records we have to parse and keep. This is in conjunction with strong authentication we'll also implement. anybody here with experience in Verint Systems ULTRA solutions for contact centers? http://www.verintsystems.com/contact_center/ this seems to be something I need although their agent still has to contact me for details. other similar suggestions/recommendtions are welcome thanks tito --- CONFIDENTIALITY NOTICE --- The information in this email may be privileged, confidential, proprietary and exempt from disclosure. This email is intended to be reviewed by only the individual or organization named above. If you are not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any review, dissemination or copying of this email and its attachments, if any, or the information contained herein is prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.776 / Virus Database: 523 - Release Date: 10/12/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.776 / Virus Database: 523 - Release Date: 10/12/2004
-- For Security and Open Source news: http://xyberpix.demon.co.uk
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: centrally monitored "keylogger", (continued)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- RE: centrally monitored "keylogger" David Gillett (Oct 15)
- RE: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- RE: centrally monitored "keylogger" Andrew Shore (Oct 13)
- RE: centrally monitored "keylogger" Andrew Shore (Oct 14)
- Re: centrally monitored "keylogger" Jason Coombs (Oct 15)
- Re: centrally monitored "keylogger" Atom 'Smasher' (Oct 15)
- Re: centrally monitored "keylogger" Jonathan Loh (Oct 18)
- Re: centrally monitored "keylogger" Greg (Oct 18)
- Re: centrally monitored "keylogger" tito.basa (Oct 15)
- RE: centrally monitored "keylogger" xyberpix (Oct 18)
- Re: centrally monitored "keylogger" Jason Coombs (Oct 15)
- RE: centrally monitored "keylogger" adisegna (Oct 15)
- RE: centrally monitored "keylogger" Sadler, Connie (Oct 15)