Slashdot Mirror
Ask Slashdot: Low-Cost Tools To Track Employees' Web Use?
First time accepted submitter red-nz writes "I come from New Zealand where new anti-piracy laws have come into effect that prosecute the owner of the internet connection for copyright violations. This is now a major issue for businesses, as they of course don't want to be liable for employee infringements. We have some good firewalls that are capable of doing basic filtering by 'category,' e.g. P2P sites, etc., but ideally would love to find a low-cost or even better Open Source alternative to expensive reporting tools (such as WebMarshal or Websense) that is capable of reporting on individual employees' usage with friendly reports (i.e. dont just show the URLs of the 3000 items their browser requested that day). It may be too much to ask but if the software could also show how long they spent on each site, it would be fantastic. Anyone got any winners out there they can share?"
True - but then it would be the person at home (or who runs the proxy) who would appear to be sending the traffic. So it would not be the business's problem.
Every time you post an article on Slashdot, I kill a server. Think of the servers!
Check out the zScaler proxy. Lots of good benefits, including what you need. I use it for all my employees and love it, especially the reporting and fine-grained control.
A year spent in artificial intelligence is enough to make one believe in God.
Back many years ago when I had concerns like this, I used the ACID network monitor that allows for complete tracking of all activity. It doesn't do any blocking but it does make report generation of all network activity very simple. However, it sounds like the solution to go for is something like Squid doing transparent proxying with content filtering. Also, block any ports in AND out that arent used for HTTP (80 and 443) to completely nix the chance of P2P working in any reasonable way. But alas, if the submitter were after a good filter why should they care what the users are doing; they surely aren't doing it on any illicit sites (assuming the filtering rules are effective?)
Seems like this should be two questions: one is what free/open ruleset can be trusted (as there are many good free tools at hand to enforce the rules) and two what additional inspection should take place to all content that might not be blocked, to find employees that spend too much time doing stuff on the "edge" of permissibility?
Is to get the law repealed.
If business owners are on the hook for the behavior of their employees, they should get together and get this law repealed. If enough do, it sounds like a slam-dunk to me. The reason why it hasn't already been done is that probably too many business owners don't know that they're on the hook.
--
BMO
http://sourceforge.net/projects/ttracker/
Basically, it does nothing but track the titlebars of every window that's open, and which one is in focus at any given time. And since every browser lists the URL in the title bar, it works like magic.
And it writes everything to a simple CSV file, so you can analyze it any way you choose. But it also has some nifty reporting screens, if you really care.
If you're only interested in web access, there's something else that you can do. Look into ".pac" files on windows. Basically, think a javascript file that gets run every time any URL is accessed by anything in all of windows. As in "return null" will make everything die, and "return slashdot.org" will make every URL return the slashdot homepage. You can easily write a five-line jscript file to log everything to a file through the FSO.