Firewall Wizards mailing list archives
RE: monitoring remote access
From: Daniel Djundjek <daniel.djundjek () wickhill co uk>
Date: Thu, 11 Nov 1999 15:30:45 -0000
Now we're getting somewhere. I have been updated with some information from the person who requested the tool. There is no remote VPN. No RAS server or any type of proxy server which the customer will be dialling in to. No authentication to a central location. The purpose of the web access is for staff of the organisation to have internet access from home, for work purposes only(analogue modem or ISDN connection). The access is for non-specific work related browsing on the internet(ie they can do anything), but if they happen to stumble on an undesirable site, the organisation would like to be notified of the unscrupulous activity. I am in the process of evaluating the suggestions made by NFR, however I don't think there is anything out there that will do what the customer is asking for. The only thing that would be viable is to have the co-operation of the ISP to track the dialled in accounts. But I'm sure none of us want that. And I'm sure ISP's do not want the hassle of babysitting the internet If there is anything else, I'm sure you'll let us know....cheers -----Original Message----- From: Jeff B Boles [SMTP:jboles () libfungrp com] Sent: 09 November 1999 23:26 To: firewall-wizards () nfr net Subject: RE: monitoring remote access How many accounts? Immediate thought is to employee service as some type of managed vpn, accessing internet only via tunnelling first into your network, using your gateway. Control access from your network. Seems more likely to be easy to manage.
-----Original Message----- From: Graham, Randy [SMTP:RGraham () NCIINC com] Sent: 11 November 1999 14:24 To: 'Carric Dooley'; Daniel Djundjek Cc: firewall-wizards () nfr net Subject: RE: monitoring remote access I'm not sure how this would work based on what I think the original question was. Let's put specifics in an example to see what was asked. So, for example: -------- My company is in Washington DC. My company provides me with a national ISP account and a VPN client for accessing the company network while on the road. I travel to California on business, take my laptop, and want to surf for porn. If I connect to the local ISP number and am not running the VPN client and not connecting to the company network. Can my company track my porn surfing? -------- I don't think there is a way to track this without ISP cooperation, but I could be wrong. Randy Graham -----Original Message----- From: Carric Dooley [mailto:carric () com2usa com] Sent: Tuesday, November 09, 1999 11:01 PM To: Daniel Djundjek Cc: firewall-wizards () nfr net Subject: Re: monitoring remote access Well... yes. I would use Radius to track the users activity (as far as when they are online), some kind of http proxy to track their web site profile(and it would use authentication, not just track by IP), and an intrusion detection system to catch the hacking and other company privilege abuse. Easy.. =) Carric Dooley CNE COM2:Interactive Media http://www.com2usa.com "Luck is the residue of design." - Branch Rickey - former owner of the Brooklyn Dodger Baseball Team On Tue, 9 Nov 1999, Daniel Djundjek wrote:Dear all, A strange request was put to me.... A company is setting up a number of dial up accounts via an isp fortheiremployees able to work at home. Now since they are dialing in via anispand not directly in to the main office, the company would like tomonitorthe employees activity to ensure they are not doing anythingunsavoury(porn,hacking, abusing company privelidges). Does anyone know of any 3rd party tools which can send alerts to acentrallocation for users on a dial up account. The dynamic ip allocationwould bea problem but is there anything which can cope with this type ofrequest??
Current thread:
- Re: monitoring remote access, (continued)
- Re: monitoring remote access Carric Dooley (Nov 10)
- Re: monitoring remote access Saravana Ram (Nov 10)
- Re: monitoring remote access Jack Dingler (Nov 10)
- RE: monitoring remote access Robert Driscoll (Nov 11)
- Re: monitoring remote access Jack Dingler (Nov 11)
- RE: monitoring remote access Randy Grimshaw (Nov 14)
- RE: monitoring remote access Robert Driscoll (Nov 11)
- RE: monitoring remote access sholden (Nov 10)
- RE:monitoring remote access Tom Steele (Nov 10)
- RE: monitoring remote access Jeff B Boles (Nov 10)
- RE: monitoring remote access Graham, Randy (Nov 11)
- RE: monitoring remote access Daniel Djundjek (Nov 11)
- monitoring remote access Yar Magma (Nov 11)