I feel compelled to explain my position on this, even though it is not
quite as sinister as you make it out to be.
I need this solution for the following reasons:
1. Grant access to the net using domain username + password, because we are
currently using IP address to do so, and wish to change to DHCP.
2. Restrict what sites can be visited, because we have a large portion of
PC's on warehouse floors, where giving unrestricted 'net access when only
one or two sites are required is asking for all sorts of trouble.
3. Be able to view visited sites, trace 'net use, for legal reasons. As
another site member mentioned, the company providing the 'net connection is
responsible (at least in part) for whatever it is used for. This has
recently become a serious issue for a fellow sys admin in another company
after defamatory material was posted on bulletin boards and traced back his
company's network. Not being able to even remotely trace this activity
back to at least the site in question, is also, asking for trouble.
4. Use a web cache, so that we can speed up the net connection and release
I am sure that you can tell me of a dozen other ways to do this, but don't
bother, unless it's extremely difficult to either implement or administer a
Linux based solution for the above, then this is what we have chosen to do.
I suppose you'll have to take my word for it when I tell you that neither
I, nor my team, have the time or intention to watch the daily activity of
our companies 'net users.
Furthermore, I believe it is standard company policy in most places,
including here, that all users are given a copy of the Internet Usage
policy which informs them clearly that such monitoring is possible if
necessary, so they would have to be very foolish to carry out such activity
in the first place.
I hope I've justified my covert activities, I understood that the list was
also here to serve the benefits of anyone attempting to increase the use of
Linux in general.
No users where killed in the writing of this email
>>From: ilug-admin at linux.ie [mailto:ilug-admin at linux.ie]On Behalf Of John
Sent: Friday, November 16, 2001 3:18 PM
To: Chris Higgins
Cc: John A. Kinsella; Irish Linux Users Group
Subject: Re: [ILUG] Controlling Internet Access
My main point is/was that the "monitoring" mindset is inconsistent in my
opinion with what I perceive to be the culture of this group.
(Anonymous monitoring is fine - I am referring to tracking people's
web access by name of employee.)
This is of course a matter of opinion (mine) and I would fight to the
death (blah, blah) for the right of others to hold other positions and
post messages exhibiting them.
IMHO, such monitoring is pointless (as Chris implicitly concedes below).
It may be legal but would irritate me almost as much as microphones in
office to monitor conversations. (After all, my employer pays for the
office, electricity, heating etc. so why not?).
Today Chris Higgins spoke, saying:
CH> > Has it occurred to anyone (including originator of this thread) that
CH> > he is planning is an egregious invasion of (sombodies) privacy? (Even
CH> How come ? You assume that the users are unaware of the intent / or
CH> they disagree with it - or that they have no choice ...
CH> The question is a valid question, regardless of your beliefs into it's
CH> privacy impact...
CH> *Every* company that I've ever worked for has kept the proxy logs,
CH> and the administrators have run reports (identities not published)
CH> of the type of usage which has been the greatest waste of bandwidth.
CH> This is perfectly valid under the DPA, and I can't see why any employee
CH> would have any objections (the information is anonymous)....
CH> Now - abuse of that information is something else, the use of it to
CH> track an employees activities is a whole different story - and I can
CH> see why you could raise an objection..
CH> But it's dead easy to mess with the administrators head - simply cron
CH> linux box to wget slashdot at odd hours of the days - it'll jump all
CH> the place - especially interesting when it happens at two in the
CH> All that overtime - and never appreciated :)
CH> As to restricting access by user - what's wrong by that - it's not
CH> very nice if you expect full and free internet access as a perk
CH> of your job - but if it's not a perk of your job - what rights do
CH> you have to claim it ?
CH> > he has been asked to do it by an employer.) IMHO it seems rather
CH> > inconsistent with the general culture of this user group.
CH> To provide cool ways to get linux into every organisation ?
CH> We'll stop at nothing ! :0)
CH> > Or maybe it is a wind-up.... :-/
CH> > John
CH> > John A. Kinsella Ph: +353-61-202148 (Direct)
CH> > +353-61-333644 x 2148 (Switch)
CH> > Mathematics Dept. e-mail: John.Kinsella at ul.ie
CH> > University of Limerick FAX: +353-61-334927
CH> > IRELAND Web: http://jkcray.maths.ul.ie
Important Email Information
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!