RE: monitoring remote access

[Daniel Djundjek <daniel.djundjek () wickhill co uk>]

Now we're getting somewhere.  I have been updated with some information from
the person who requested the tool.

There is no remote VPN.  No RAS server or any type of proxy server which the
customer will be dialling in to.  No authentication to a central location.

The purpose of the web access is for staff of the organisation to have
internet access from home, for work purposes only(analogue modem or ISDN
connection).  The access is for non-specific work related browsing on the
internet(ie they can do anything), but if they happen to stumble on an
undesirable site, the organisation would like to be notified of the
unscrupulous activity.

I am in the process of evaluating the suggestions made by NFR, however I
don't think there is anything out there that will do what the customer is
asking for.  The only thing that would be viable is to have the co-operation
of the ISP to track the dialled in accounts.    But I'm sure none of us want
that.  And I'm sure ISP's do not want the hassle of babysitting the internet

If there is anything else, I'm sure you'll let us know....cheers


-----Original Message-----
From:   Jeff B Boles [SMTP:jboles () libfungrp com]
Sent:   09 November 1999 23:26
To:     firewall-wizards () nfr net
Subject:        RE: monitoring remote access

How many accounts?  Immediate thought is to employee service as some type of
managed vpn, accessing internet only via tunnelling first into your network,
using your gateway.  Control access from your network.  Seems more likely to
be easy to manage.


> -----Original Message-----
> From: Graham, Randy [SMTP:RGraham () NCIINC com]
> Sent: 11 November 1999 14:24
> To:   'Carric Dooley'; Daniel Djundjek
> Cc:   firewall-wizards () nfr net
> Subject:      RE: monitoring remote access
>
> I'm not sure how this would work based on what I think the original
> question
> was.  Let's put specifics in an example to see what was asked.  So, for
> example:
>
> --------
> My company is in Washington DC.  My company provides me with a national
> ISP
> account and a VPN client for accessing the company network while on the
> road.  I travel to California on business, take my laptop, and want to
> surf
> for porn.  If I connect to the local ISP number and am not running the VPN
> client and not connecting to the company network.  Can my company track my
> porn surfing?
> --------
>
> I don't think there is a way to track this without ISP cooperation, but I
> could be wrong.
>
> Randy Graham
>
> -----Original Message-----
> From: Carric Dooley [mailto:carric () com2usa com]
> Sent: Tuesday, November 09, 1999 11:01 PM
> To: Daniel Djundjek
> Cc: firewall-wizards () nfr net
> Subject: Re: monitoring remote access
>
>
> Well... yes.  I would use Radius to track the users activity (as far as
> when they are online), some kind of http proxy to track their web site
> profile(and it would use authentication, not just track by IP), and an
> intrusion detection system to catch the hacking and other company
> privilege abuse.
>
> Easy..   =)
>
>
> Carric Dooley CNE
> COM2:Interactive Media
> http://www.com2usa.com
>
> "Luck is the residue of design." 
> - Branch Rickey - former owner of the Brooklyn Dodger Baseball Team 
>
> On Tue, 9 Nov 1999, Daniel Djundjek wrote:
>
> > Dear all,
> >
> > A strange request was put to me....
> >
> > A company is setting up a number of dial up accounts via an isp for
> their
> > employees able to work at home.  Now since they are dialing in via an
> isp
> > and not directly in to the main office, the company would like to
> monitor
> > the employees activity to ensure they are not doing anything
> unsavoury(porn,
> > hacking, abusing company privelidges).
> >
> > Does anyone know of any 3rd party tools which can send alerts to a
> central
> > location for users on a dial up account.  The dynamic ip allocation
> would
> be
> > a problem but is there anything which can cope with this type of
> request??
> >