Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Good Day All,
My company is installing a series of Linux desktops on a VPN WAN (yeah! no MS products here!) Internet access will be available on all of them for legit work related information. Of course, there is a fair bit of concern that they will be used for other, shall we say 'non work related' purposes.
What is a simple effective way to keep track of internet useage? The first thing that occured to me was some sort of shell script to review cache and cookie contents of each machine - is there a simpler or more elegant solution? Is there a log that could be activated that would tell us what we need to know? My linux experience is limited - maybe I'm missing something obvious. I'm not worried about experienced linux users/programmers - we don't have any - just average joes with some Windows background.
Any comments welcome,
Brian McKee
Muskoka Auto Parts
Hmm. I would imagine using a package like mrtg or ipacct for accounting, and restrict access to the bad, bad internet tru a proxy, prolly with some filtering. IIRC, like with Sendmail's RBL, there's bound to be some blacklists you could load into Squid to bloack domains, and later sort logs to produce some stats of who-went-where.
Personally I would consider "unauthorized" prying in ppl's cache at the same level of snooping emails, a breach of privacy, so you better make sure mgmnt makes it clear it's in the contracts or like that.
> Personally I would consider "unauthorized" prying in ppl's
> cache at the same level of snooping emails, a breach of privacy, > so you better make sure mgmnt makes it clear it's in the
> contracts or like that.
Absolutely - The management's attitude is "it's not your computer - it's our tool you can use for your work" - and it will be made clear up front *before* they are given a machine. While we won't tell them how they may be monitored, they will know it's possible. Same principle really as 'no personal long distance phone calls on company lines' or all those service desks with the "your call may be monitored for training (yeah right!) purposes". That being said - I'm the one likely to end up doing the monitoring, and really, we just don't want people surfing porn and downloading mp3's hours at a time. It will be spot checks here and there, and checking their Hotmail (although against the rules) is not going to be noticed :-) and I'm definately not trying to look at details (who wants to read other people's mail?)- just find gross violations.
I'll take a look at those packages you mentioned. Thanks for the input.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.