[unisog] Content Monitoring and/or Filtering

Stephen John Smoogen smooge at unm.edu
Fri Nov 16 18:15:46 GMT 2007 

Michael Holstein wrote:
>> We have had some recent issues with Staff and we contemplating passive
>> monitoring on the administrative network like any business would.
> 
> 
> What you seek is a technical solution to a human-resources problem.
> 
> It's far easier (and cheaper) to say "No pr0n at work" than to implement 
> proxies, content filters, etc. The filtering game looks great on paper 
> until somebody tries to research "breast cancer" and gets blocked 
> (happens all the time, despite what Websense, et.al. will say in their 
> marketing-speak). Besides, depending on your jurisdiction, it's 
> generally a more legally-sound argument to say "we don't filter, thus 
> we're not responsible" as opposed to trying to explain how your inept 
> proxy "allowed" whatever $evil_of_the_day onto someone's PC.
> 

Actually places are having to put in proxies for the following reasons:

1) They have a HR policy
2) They get a un-safe(or whatever the term is) workplace lawsuit because
someone was surfing porn and it was hard for a manager to know that.
3) The lawyers try to work out a settlement where the first step is
usually lax enforcement, then another lawsuit, then draconian
enforcement, then a reverse lawsuit, and then general enforcement.



> I suspect that if you DO perform an "overview", you'll see that actual 
> time spent on the naughty stuff is a lot less than you'd think. Most 
> folks aren't so naive as to think nobody will notice if they use the 
> work PC to stock up on pr0n, and they behave accordingly.
> 

Yes it is a small percentage like any 'bad' behaviour.. however that 1
person in 100 who ends up getting the university/etc with a 10 million
dollar lawsuit makes it more expensive for everyone else :(.


> Cheers,
> 
> Michael Holstein CISSP GCIA
> Cleveland State University
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog


-- 
Stephen Smoogen -- ITS/Linux Administrator
  MSC02 1520 1 University of New Mexico Albuquerque, NM  87131-0001
  Phone: (505) 277-8219  Email: smooge at unm.edu
 How far that little candle throws his beams! So shines a good deed
 in a naughty world. = Shakespeare. "The Merchant of Venice"

More information about the unisog mailing list