[ILUG] Controlling Internet Access

Chris Higgins chris.higgins at horizon.ie
Fri Nov 16 16:07:12 GMT 2001 

> My main point is/was that the "monitoring" mindset is inconsistent in my
> opinion with what I perceive to be the culture of this group.

I actually think that it's probably the other way around, that Unix
people ( and good admin's especially) crave logs, they *must* have
the ability to track back through the activities that lead up to
an event so that they can identify the real cause of the problem
and not just reboot and hope it doesn't re-occur... 

I know that this isn't the same monitoring that you talk about,
but one of the things that I love about Unix (and VMS for that matter)
is my ability to build an environment that I understand - and then
identify the source of problems and implement the correct and hopefully
final resolution for those problems.

Now - If a company wants to use the logs from its systems to monitor
the activities of its staff, then while I'm not comfortable with it
 - if it's part of the job , what can I do..
As a employee who exists in a network where my activities are monitored,
and an internal policy on acceptable usage exists (and is enforced),
I continually push the boundaries of the system to ensure that it is
not used as a blunt tool for random victimisation ....

Having been on the ISP end of the network I had many visits from
the Garda teams who were investigating illegal activities which
involved Irish Internet users. In those cases my logs proved
essential in identifying sources of activities (all legally provided
to the gardai, when they produced all the necessary docs).
I know of some companies who were the source of these activities,
and they were able to identify the originator because they had
logs.

So personally - logging is fine, in fact, logging is good... 
The use and abuse of that is a different matter, and I expect
that such information is kept as confidential - I would expect
any employer to take as much care with any logs of my WWW browsing
as they would with other information they keep on me... indeed
if the information could be used to identify me - then I would expect
that it's covered under the DPA - and as such the company has 
an obligation to ensure it is secure.

> 
> (Anonymous monitoring is fine - I am referring to tracking people's
> web access by name of employee.)
> 
> This is of course a matter of opinion (mine) and I would fight to the
> death (blah, blah) for the right of others to hold other positions and
> post messages exhibiting them.
> 
> IMHO, such monitoring is pointless (as Chris implicitly concedes below).
> It may be legal but would irritate me almost as much as microphones in
> office to monitor conversations. (After all, my employer pays for the
> office, electricity, heating etc. so why not?).

The microphone is next to the camera - just turn around and wave ..
You'll recognise the ILUG people because we're the people waving
back at you :)
> 
> John
-- 
-- 
** Chris Higgins                         e: chris.higgins at horizon.ie **
** Technical Business Development        tel: +353-1-6204916            **
** Horizon Technology Group              fax: +353-1-6204949            **
** CCSI# 23364                                                          **

More information about the ILUG mailing list