Security Basics mailing list archives
Re: chat logs
From: Times Enemy <times () krr org>
Date: Mon, 16 May 2005 10:24:03 -0700
Greetings.In the school environment, similar policies to that of a corporation, perhaps akin to those of a public library, should exist. Privacy should not be a right on such a network, and IDS/IPS systems could include rules to scan IM sessions for various keywords, or traffic and act accordingly.
In the home environment, a higher level of trust, in regards to privacy, should exist, with the users, but they should not have Admin./root privileges, and the understanding that parents have the unquestionable right to do spot checks, in/visible to the children/users should exist. I liked one suggestion to have computers in a high traffic area, but that is not very realistic, especially with wireless devices and such. (FWIW, as a security professional, it would be remiss of me to not have IDS/IPS actively watching my home network, especially if i work from home with any amount of frequency. Also, every box should be locked down as much as possible, and if necessary, separate gaming boxes should exist, which are also locked down though with exceptions for the games.) However, despite such preparations, most issues are not best resolved with technological fixes, but rather user education, understanding, and knowledge; this is perhaps more obvious/?easier? in a home network vs. a corporate network. Maybe the politics of educating users can be tested on a home network, before implementing various tactics on a corporate network?
I like the question, "What is the policy if something unrelated is found that the authorities think is a problem?" My thoughts are that such instances should be addressed with common sense, and case-by-case. In regards to formal policy, within guidelines, issues should be taken to some form of group, panel, counsel, round-table, oracle, et cetera. There should already exist some sort of "catch-all" policy which addresses how to handle new threats. What happens if a student accesses bomb making instructions? What about manuals showing how to overthrow a government? What about detailed manuals on urban warfare strategy and tactics, perhaps SWAT methods for securing a school? Or what about methods for evading IDS/IPS? This can quickly get too thick for just IT, and should involve other layers of administration and decision makers.
So basically, the answer is 42. .times enemy Zaven wrote:
Keller, Tim wrote:The one thing you've got going for you is all of these protocols are unencrypted.I'm not going to get into the details because this email would get a littlelong, but this is how I'd do it.I'd take a port on the router and configure it to mirror all the traffic to this port. I'd then take a Linux box plug it into said port, install snort and configure it to trap all AIM/MSN/Yahoo/email/IRC and record all URL'sthat are accessed.I think she was talking about parents doing this kind of thing, at will, in their own homes. Spying on all chat communication seems, to me, to be a drastic invasion of privacy. School children are people too, and I certainly hope all the officials involved will respect their privacy to the greatest possible extent.Consider that kids use IM a lot these days, and for many it is probably one of their main forms of communication with friends.I think the police would rarely if ever be granted the authority to capture and monitor ALL chat/email/whatever traffic just in hopes of finding a single "suspicious" comment.In any case, if this setup was implemented, say on the school network, who would be entrusted to snoop through every child's conversations? How much time would this take? What is the policy if something unrelated is found that the authorities think is a problem? What are the legal implications for the school district?Zaven
Current thread:
- Fwd: Re: chat logs, (continued)
- Fwd: Re: chat logs Melissa Fischer (May 13)
- RE: Re: chat logs Stephen Alford (May 16)
- RE: Re: chat logs David (May 17)
- Re: Re: chat logs Greg Stiavetti (May 16)
- RE: Re: chat logs Bob Beck (May 17)
- Re: chat logs - moderator's note Kelly Martin (May 18)
- Re: Re: chat logs Steve (May 17)
- RE: Re: chat logs Stephen Alford (May 16)
- Fwd: Re: chat logs Melissa Fischer (May 13)
- RE: chat logs Nick Kriger (May 13)
- RE: chat logs Keller, Tim (May 13)
- Re: chat logs Zaven (May 16)
- Re: chat logs Times Enemy (May 16)
- Re: chat logs Zaven (May 16)
- RE: chat logs aixroot (May 16)
- RE: Re: chat logs Beauford, Jason (May 17)
- Re: chat logs Dave Aronson (May 18)
- Re: chat logs Alexander Klimov (May 18)
- RE: chat logs Steve Bostedor (May 17)
- Re: chat logs Stian Øvrevåge (May 18)
- RE: Re: chat logs Joshua Berry (May 18)
- RE: Re: chat logs Melissa Fischer (May 18)
- Re: FW: Re: chat logs Jeff Smith (May 18)
- RE: Re: chat logs Stephen Alford (May 18)