Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Chatter > General Discussion


 
 
LinkBack Thread Tools
Old 10-30-2003, 05:51 AM   #1 (permalink)
Overreactor
 
Location: South Ca'lina
Busted surfing at work? How?

The "TFP while at work" thread got me thinking, how does the IT group know you're doing too much TFP'ing? I'm one of the merely functionally computer literate here at TFP. So, I'm unfamiliar with how networks and filters and such REALLY work. How would my boss find out if I was surfing too much at work? Does all my surfing set off some sort of alarm at the server? Please fill me in, O computer gurus out there.

Thanks,
JM
__________________
"I'm disinclined to acquiesce to your request." - Capt. Barbossa
johnnymysto is offline  
Old 10-30-2003, 06:12 AM   #2 (permalink)
Junkie
 
Location: Louisville, KY
There are several things that can be done to monitor your surfing. Probably the easiest is to install a program on your workstation which will record all websites you visit.

Another thing that can be done is recording your internet movements on the office router, through which you probably connect.

I am sure there are other methods, and I wouldn't be surprized if your surfing was on record somewhere. Whether or not they'll bother to check or even care, you'd be able to answer better than I
__________________
You do not use a Macintosh, instead you use a Tandy
Kompressor break your glowstick, Kompressor eat your candy
Kompressor open jaws, Kompressor release ants
Kompressor watch you scream, Because Kompressor does not dance
Nefir is offline  
Old 10-30-2003, 06:13 AM   #3 (permalink)
Junkie
 
Location: NJ
I'm interested in hearing this as well. The way that I figure it, if they haven't hassled me about it at this point, then no one is really looking to closely.
__________________
Strive to be more curious than ignorant.
onetime2 is offline  
Old 10-30-2003, 06:16 AM   #4 (permalink)
ARRRRRRRRRR
 
shalafi's Avatar
 
Location: Stuart, Florida
that can change onetime. all it takes is one incident (complaint etc.) for them to decide they need to protect themselves and start looking at that stuff
shalafi is offline  
Old 10-30-2003, 06:19 AM   #5 (permalink)
paranoid
 
Silvy's Avatar
 
Location: The Netherlands
First of all, I'm not very up-to-date on the filtering techniques that are generally used.... but I'll give it a go:

All external traffic (mail, www, telnet, etc) passes through the central gateway between your comapnies network and the Internet. At the gateway, monitoring software can be installed.

Most protocols (like http) allow monitors to read exactly what is going on, which server is being accessed, and what the request was.
So if you make 2000 http requests a day (to yahoo, google, TFP, whatever) and 1000 of those go to TFP, then the software might sound an alarm.

If the monitoring software is a little smarter it can also keep track of 'sessions', which are consistent connections to HTTP servers. So if you browse TFP constantly, your browser re-uses the same connection. The monitoring software sees this, and can calculate the time you spend surfing...

Many possibilities exist, and many tricks are involved, but this is the general idea.
__________________
"Do not kill. Do not rape. Do not steal. These are principles which every man of every faith can embrace. "
- Murphy MacManus (Boondock Saints)
Silvy is offline  
Old 10-30-2003, 06:38 AM   #6 (permalink)
Junkie
 
Location: NJ
Quote:
Originally posted by shalafi
that can change onetime. all it takes is one incident (complaint etc.) for them to decide they need to protect themselves and start looking at that stuff
Oh, no doubt about it. That's always been my thinking. It's recorded but seldom if ever looked at. If there's a complaint they do a check.
onetime2 is offline  
Old 10-30-2003, 08:40 AM   #7 (permalink)
Insane
 
Location: Newcastle-Australia
I work for one of the biggest computer software companies and get on really well with the I.T people, so that every now and then they come and totally clean my computer for me.Very nice of them I thought
monty121052 is offline  
Old 10-30-2003, 12:03 PM   #8 (permalink)
Banned
 
As long as you do your work efficiently, I dont think anyone will care.
Doesn't Matter is offline  
Old 10-30-2003, 04:46 PM   #9 (permalink)
Crazy
 
Location: Canada
yes it is done thru the gate way.

remember when u make a request for a web page your not asking tfp.org directly you actually asking your companies gateway(just another computer with just more network plugs) to get it for you.

the gate way can record what you requested, and when tfp.org or anysite answers back it can record what you recieved.

the gate way is also keeping track how much information your are asking it to send for you as well as how much it is receiving for you.

thus its pretty easy to determine who is messing about.

a couple of redflags are
1) massive amount of data being transfered (movies, music, porn images)
2) massive ammounts of http page request(your surfing all the tfp topics of the day, fark.com, /. , etc.)

as to what determines massive , its normally any one who is above the average for your company/deparment.

also make note that anything you send (tfp post etc) are sent as pure simple text and can be looked at from ANY computer in your sourouding network.

how the tcp/ip network works is in this manner.

your send your nice tfp post talking about who knows what. your actually just sending a small letter to EVERY ONE in your sourrouding network then every one checks if its for them(if its not they normally disregard). then the gateway picks it up and reads its and passes it on to tfp.org for posting.

take not that even if the message is not addresed to them your coworkers computers can be set to pick up anything coming from your own computer.


i run a small network(27 comps)
and at any time from any computer i can check what is being sent and received to any of the computers under my charge.

and yes we have fired 4 people in the last 3 years for wasting time surfing, waching porn, downloading mp3s and such.

Last edited by tokaok; 10-30-2003 at 04:51 PM..
tokaok is offline  
Old 10-30-2003, 04:58 PM   #10 (permalink)
Crazy
 
Location: Canada
here are some screens of one of the many applications
that do this.

http://www.ethereal.com/introduction.html#screens

tokaok is offline  
Old 10-31-2003, 06:15 AM   #11 (permalink)
Overreactor
 
Location: South Ca'lina
Thank you tokaok. I am now afraid for my life.
__________________
"I'm disinclined to acquiesce to your request." - Capt. Barbossa
johnnymysto is offline  
Old 11-01-2003, 01:33 AM   #12 (permalink)
Junkie
 
Location: San Diego
I have seen a program which if installed on the computer can monitor every single action you do. I don't know what it is called, but there is one out there so be careful.
__________________
If something seems too good to be true, then it probably is....
punx1325 is offline  
Old 11-01-2003, 03:11 AM   #13 (permalink)
dnd
Psycho
 
Location: London...no longer a student
Quote:
Originally posted by tokaok

also make note that anything you send (tfp post etc) are sent as pure simple text and can be looked at from ANY computer in your sourouding network.

how the tcp/ip network works is in this manner.

your send your nice tfp post talking about who knows what. your actually just sending a small letter to EVERY ONE in your sourrouding network then every one checks if its for them(if its not they normally disregard). then the gateway picks it up and reads its and passes it on to tfp.org for posting.

This was easier with the old skool Hub networks but now with switches being dropping in price and being far safer, it has now become harder for everyone on the network to read all the packets because a switch opens a direct connection between itself and the computer its contacting as opposed to just dumping the packet on the network and letting it find its way.
Although admin can set up the switches to send the packets to the intended recipient plus their own computer. THis is probably what they are doing to monitor the traffic.
__________________
"Never underestimate a dumb question"-- Brandon Boyd

Last edited by dnd; 11-01-2003 at 03:14 AM..
dnd is offline  
Old 11-01-2003, 05:12 AM   #14 (permalink)
Addict
 
Location: Wisconsin, USA
At my old place, we used to get a good laugh looking at who's been surfing what. You learn some very interesting things about people. Don't forget your email too. Who ever is in charge of it IS browsing thru your emails, even if only for private interest.
mtsgsd is offline  
Old 11-01-2003, 10:02 AM   #15 (permalink)
Insane
 
Location: Rio Grande Valley, Texas
The above posters are mostly correct. However, the TCP/IP protocol section above is horribly flawed.

1) TCP/IP is not responsible for the requests being mirrored to all computers on a network...that's the physical link and data link layers.

2) The "gateway" does not go out and get pages for you. The gateway just tells your computer where to go next in the network. A proxy would actually go out and get pages, then re-serve them (like...you know....a proxy).

But essentially, if someone takes an interest in your browsing habits, they can look at everything that your system transmits and receives. This is why most browsers initially give you a prompt like "you are sending data unsecured, do you want to continue?". There are a few protocols that are encrypted, and thus impossible to sniff (admin can tell that you are doing something, but can't read it) Among these are https, and ssh.
__________________
"I can't understand why people are frightened of new ideas. I'm frightened of the old ones." -- John Cage (1912 - 1992)
strcrssd is offline  
Old 11-01-2003, 05:54 PM   #16 (permalink)
Loser
 
I blame it all on ECHELON
WarWagon is offline  
Old 11-01-2003, 07:49 PM   #17 (permalink)
Junkie
 
james t kirk's Avatar
 
Location: Toronto
Get the internet at home and solve the problem.

Don't give them any amo to use against you in the future ever.
james t kirk is offline  
Old 11-01-2003, 08:02 PM   #18 (permalink)
Tone.
 
shakran's Avatar
 
Simple explanation of one way this can be done:

Internet data is sent in chunks, called packets.

The packets all go through the same "doorway" at work - the link between your office and the internet.

If you drop a monitor, called a packet sniffer, on that doorway, it can look at every packet that goes through and see what's in it. The packet will tell the packet sniffer what computer sent the packet, and where it's sending it. (or if it's an incoming packet it'll tell the packet sniffer where it's from and what computer it's heading for).

So if you visit a page here on TFP, the packet sniffer can see that.

As far as the idea of "I've never been caught yet, so it's nothing to worry about. . . "

Well that depends. The packet sniffer itself has no way of determining whether what you're doing is work or play. It takes a human to do that. So not having been caught yet only means no one's seen the report on you. Yet. There are a lot of people in a typical office, so it takes awhile to get around to snooping on everyone. Saying that is just like saying "I've never been caught speeding yet, therefore there are no cops, so I can speed all I want." Doesn't work that way
shakran is offline  
 

Tags
busted, surfing, work


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -8. The time now is 11:16 PM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76