Security Basics mailing list archives

RE: web monitoring tool

From: "Burton M. Strauss III" <BStrauss () acm org>
Date: Thu, 10 Apr 2003 12:09:16 -0500

Anything that has been recorded is subject to retention policies and legal
proceedings.  The very act of deleting a log may be construed as deleting
evidence UNLESS it is done in accordance with a written retention policy,
reasonable (after the fact to some court) and consistently applied.  Same
probably goes for excluding them from the normal logging you have in place.
Unless you have a written log policy and retention policy.

For your own protection, I'd get it clearly in writing:

"Recognizing that senior management may exchange privileged information,
e.g. attorney-client work product, corporate policy is to exclude from
logging all Directors and Officers of the corporation and individuals at the
VP or higher level."

The safest thing to go may be to get them a separate, unmonitored network
connection and a second PC.  Use some piece of commercial low end gear that
physically doesn't log anything and create a private (NAT) space using a
second connection to your ISP.  I.e. do it like the Military - unclassified
systems and classifies systems never touch.

-----Burton


-----Original Message-----
From: Trevor Cushen [mailto:Trevor.Cushen () sysnet ie]
Sent: Wednesday, April 09, 2003 11:45 AM
To: security-basics () securityfocus com
Subject: RE: web monitoring tool


Give them direct access with personal firewalls for security and delete
the logs for them.

Strange request from senior management?

-----Original Message-----
From: Imran Khan [mailto:ikhan () eudoramail com]
Sent: 09 April 2003 13:11
To: security-basics () securityfocus com
Subject: Re: web monitoring tool


couldn't find any matter on this one on the security focus website...

I am looking for an application to block net utilization at the desktop
level.

My boss wants to keep a select group's (mostly senior managers) internet
use confidential. She wants this to be done locally (desktop
application), so no logs are generated on the network admin end.

Is this doable?

Thanks for all the responses...

Imran



-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
-------------------------------------------------------------------

Current thread:

Re: web monitoring tool Imran Khan (Apr 09)
- Re: web monitoring tool brian_carpio (Apr 10)
- Re: web monitoring tool Justin F. Knox (Apr 10)
- <Possible follow-ups>
- RE: web monitoring tool Michael Parker (Apr 10)
  - RE: web monitoring tool Tim Heagarty (Apr 10)
  - Re: web monitoring tool Kenzo (Apr 10)
    - Re: web monitoring tool Peter Pandev (Apr 12)
- RE: web monitoring tool Trevor Cushen (Apr 10)
  - RE: web monitoring tool Burton M. Strauss III (Apr 10)
- RE: web monitoring tool Robinson, Sonja (Apr 10)
- Re: web monitoring tool Imran Khan (Apr 10)
  - RE: web monitoring tool David Gillett (Apr 10)
    - RE: web monitoring tool Douglas K. Fischer (Apr 12)
    - Re: web monitoring tool Jon Pastore (Apr 14)
    - RE: web monitoring tool Ken Kousky (Apr 14)
- RE: web monitoring tool Chris Berry (Apr 10)
- RE: web monitoring tool Chris Santerre (Apr 11)
- RE: web monitoring tool Imran Khan (Apr 14)