Computer Watchdogging at Work / IT Questions

Haha beans!

Shaking fist at IH Wait. I don’t get it. :frowning:

helpz me makez it resolve plz?

Websense is a great appliance. I/we use St Bernard iPrism. I can see everything everyone is doing. vtunnel is a common proxy site, which should be blocked by any smart company. I don’t necessarily care about specific email messages. My main concern is preventing kids from seeing unnecessary garbage. And bandwidth hogs :slight_smile:

[quote]debraD wrote:

[quote]theuofh wrote:

[quote]debraD wrote:
I have used wireshark to see what I’m putting on the network.
[/quote]

Interesting. So, I may be able to use wireshark to see if there is some sort of client on my computer logging keystrokes, taking screen shots, or doing something more active than just monitoring all incoming/outgoing packets at the server level?

[/quote]

It would only show you what is coming and going over your network interface. Keylogging or taking screenshots, unless it transmits messages, wouldn’t show up, if that’s what you meant. I can’t imagine it being useful for network administration to use keyloggers or screenshots though! That doesn’t seem efficient.

A lot of guys I know use a remote desktop connection or to connect to their home pc and do their inappropriate surfing and activities.

On a related note:

=D
[/quote]

LMAO. I don’t know if I found that so funny because I was drinking in Hoboken all night or because it’s the most retarded explanation I’ve heard in my life. Either way, I’m forwarding it to all my IT friends tomorrow. Thanks for that. HAHA!

Hehe…

Sometimes, when I’m bored, I use Wireshark at the library. People are lucky I’m not a bad person, cuz I could do some bad things with some of the data that comes across that network…

[quote]countingbeans wrote:

[quote]debraD wrote:

[quote]countingbeans wrote:
So is how I feel reading this, how you guys feel when I talk about taxes?

Because I lost Sam at: packet of data, and I still can’t tell if Deb talks on the phone all day or not…

[/quote]

I actually have a voice that sounds like a modem. [/quote]

well, beep beep, bop buup bop beep me up a youtube that actually works. I keep getting “unable to resolve” :wink:

Note to self, control V doesn’t fucking paste in the command prompt window.

Gives you stupid ^V

EDIT: put in a :wink: so I don’t sound like an assface[/quote]

If you want to paste in the command prompt, just right click on the top of the command prompt window (the blue area that says “command prompt”) then click edit, then paste. Always hated that it doesn’t just let you ctrl+V.

[quote]Squiggles wrote:
Hehe…

Sometimes, when I’m bored, I use Wireshark at the library. People are lucky I’m not a bad person, cuz I could do some bad things with some of the data that comes across that network…[/quote]

If it’s a switched network, you’re not going to get much out of it unless you have access to the actual switches (so you can mirror ports). You’ll only see broadcasts. Unless it was set up in 1998 with hubs.

If you’re talking about a library that’s stupid enough to use open wireless or WEP, then you pretty much have access to all unencrypted data.

[quote]debraD wrote:

I couldn’t live without it. A lot of my programming is on a low level and I’m building messages byte by byte rather than using an API and I’m using non-standard message formats so I really need to see the message. I check all messages on wireshark to make sure I’m not sending garbage. At least in the development and testing phase, the network is the last culprit for bugs! :smiley:

We also have some stuff that is proprietary and poorly documented and have used it to reverse engineer the communication portion of some devices while waiting for vendors to answer our support calls we often end up figuring it out ourselves.[/quote]

How long have you been doing network related programming for? I notice most of the new programmers are so used to using APIs that they have no clue about what goes on behind the scenes. What makes it worse is that we work at a college where they can take a network programming course for free and learn all this stuff in a couple months. Yet none of them bother. Damn shame.

Don’t forget SSL decryption on the edge devices or even in the proxy devices. It looks like you have an encrypted link, and you do till you hit the device; then it decrypts the traffic, does deep packet inspection on it, then encrypts it going out of the device. That way we can see everything you do and you are none the wiser.

I run multiple firewalls and IPS/IDS and proxy servers at my job, as well as something that gathers all the logs from all the devices and correlates this data, so if I see you doing something wrong you get a call rather quick.
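
The re-signing step described in the post above shows up on the client as a change of certificate issuer. This added example (not part of the original thread) compares the issuer seen on a network against a recorded baseline. The host name, CA names and certificate dicts are constructed; the dicts follow the shape returned by Python’s `ssl.SSLSocket.getpeercert()`.

```python
# Added example (not from the thread): spot re-signed certificates.
# Certificate dicts use the shape returned by ssl.SSLSocket.getpeercert().

def issuer_name(cert):
    """Return the issuer's organizationName, falling back to commonName."""
    fields = {k: v for rdn in cert.get("issuer", ()) for k, v in rdn}
    return fields.get("organizationName") or fields.get("commonName")

def classify(host, cert, baseline):
    """Compare the issuer seen on this network with the recorded one."""
    expected = baseline.get(host)
    seen = issuer_name(cert)
    if expected is None:
        return "no-baseline"
    return "direct" if seen == expected else "re-signed"

# Constructed baseline: issuer recorded for the host from a network with
# no inspection device in the path (hypothetical names throughout).
BASELINE = {"mail.example.com": "Example Public CA"}

# Constructed certificates as a client would see them.
CERT_DIRECT = {
    "subject": ((("commonName", "mail.example.com"),),),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example Public CA"),),
               (("commonName", "Example Public CA G2"),)),
}
CERT_VIA_PROXY = {
    "subject": ((("commonName", "mail.example.com"),),),
    "issuer": ((("commonName", "Corp Inspection Proxy CA"),),),
}

def audit(observations, baseline):
    """Return {label: (verdict, issuer)} for each (host, cert) observed."""
    return {label: (classify(host, cert, baseline), issuer_name(cert))
            for label, (host, cert) in observations.items()}

if __name__ == "__main__":
    seen = {"home": ("mail.example.com", CERT_DIRECT),
            "office": ("mail.example.com", CERT_VIA_PROXY)}
    for label, result in audit(seen, BASELINE).items():
        print(label, result)
```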

[quote]cryptik wrote:
Don’t forget SSL decryption on the edge devices or even in the proxy devices. It looks like you have an encrypted link, and you do till you hit the device; then it decrypts the traffic, does deep packet inspection on it, then encrypts it going out of the device. That way we can see everything you do and you are none the wiser. I run multiple firewalls and IPS/IDS and proxy servers at my job, as well as something that gathers all the logs from all the devices and correlates this data, so if I see you doing something wrong you get a call rather quick. [/quote]

Ur Mean

V

[quote]Vegita wrote:

[quote]cryptik wrote:
Don’t forget SSL decryption on the edge devices or even in the proxy devices. It looks like you have an encrypted link, and you do till you hit the device; then it decrypts the traffic, does deep packet inspection on it, then encrypts it going out of the device. That way we can see everything you do and you are none the wiser. I run multiple firewalls and IPS/IDS and proxy servers at my job, as well as something that gathers all the logs from all the devices and correlates this data, so if I see you doing something wrong you get a call rather quick. [/quote]

Ur Mean

V[/quote]

Hey, that’s what pays the bills. I’m sure most people at my job don’t like me too much. But that is my job. I am not like that at home, well not much. I do have kids and need to protect them from bad stuff on the internet as well. I am the mean dad that will not allow the social networking and stuff like that. It is too easy for a predator to find where these kids are. They have no privacy concerns and do not realise the danger they put themselves in. It is ok though, I will gladly be the mean dad; one day they will be there as well.

[quote]countingbeans wrote:

[quote]debraD wrote:

[quote]countingbeans wrote:
So is how I feel reading this, how you guys feel when I talk about taxes?

Because I lost Sam at: packet of data, and I still can’t tell if Deb talks on the phone all day or not…

[/quote]

I actually have a voice that sounds like a modem. [/quote]

well, beep beep, bop buup bop beep me up a youtube that actually works. I keep getting “unable to resolve” :wink:

Note to self, control V doesn’t fucking paste in the command prompt window.

Gives you stupid ^V

EDIT: put in a :wink: so I don’t sound like an assface[/quote]

copy something and then right click in the command prompt

If you are inside the network it’s really tough to get around IT snooping, but it is possible.

[quote]cryptik wrote:
Don’t forget SSL decryption on the edge devices or even in the proxy devices. It looks like you have an encrypted link, and you do till you hit the device; then it decrypts the traffic, does deep packet inspection on it, then encrypts it going out of the device. That way we can see everything you do and you are none the wiser.

I run multiple firewalls and IPS/IDS and proxy servers at my job, as well as something that gathers all the logs from all the devices and correlates this data, so if I see you doing something wrong you get a call rather quick. [/quote]

What do you guys use for the correlation? MARS?

When you read our posts, I can see why some people could think that the network guy is a dick that is spying on people and trying to be big brother. But the main reason I have these things in place is when some idiot student is looking at kiddy porn or hacking our or other people’s computers, we need to find them ASAP and be able to give the police accurate logs so they can prosecute.

We actually had a kid wacking off in the computer lab… To anime… On security camera.

[quote]sam_sneed wrote:

[quote]debraD wrote:
I have used wireshark to see what I’m putting on the network.

I am permitted to use wireshark because much of the nature of my job and I use it regularly for debugging already.

[/quote]

I wish our programmers were smart enough to use wireshark for their debugging. It’d save me a lot of time and grief when their network applications aren’t even leaving their servers. Yet they blame the network every time. [/quote]

Well, it might be they are smart enough but lazy as hell.
“All right, let Eddie the Network Engineer worry about that. Hehehe…”

TBH, I never did that. :slight_smile:

[quote]sam_sneed wrote:

[quote]cryptik wrote:
Don’t forget SSL decryption on the edge devices or even in the proxy devices. It looks like you have an encrypted link, and you do till you hit the device; then it decrypts the traffic, does deep packet inspection on it, then encrypts it going out of the device. That way we can see everything you do and you are none the wiser.

I run multiple firewalls and IPS/IDS and proxy servers at my job, as well as something that gathers all the logs from all the devices and correlates this data, so if I see you doing something wrong you get a call rather quick. [/quote]

What do you guys use for the correlation? MARS?

When you read our posts, I can see why some people could think that the network guy is a dick that is spying on people and trying to be big brother. But the main reason I have these things in place is when some idiot student is looking at kiddy porn or hacking our or other people’s computers, we need to find them ASAP and be able to give the police accurate logs so they can prosecute.

We actually had a kid wacking off in the computer lab… To anime… On security camera. [/quote]

We use ArcSight ESM but there are other products that don’t cost that much like LogRhythm and Splunk.

In a recent overhauling of our IT Policy (at a school), I discovered that the HR person and I are on the same page, but for different reasons. We’re both against frivolous use of the network/Internet, but she cares about liability. All I care about is having plenty of bandwidth for legitimate academic uses. There’s a lot of useful streaming video out there, and I want teachers to be able to use it. Teachers watching Hulu when they are supposed to be in their “planning periods” can interfere with others doing a job.

[quote]FattyFat wrote:

[quote]sam_sneed wrote:

[quote]debraD wrote:
I have used wireshark to see what I’m putting on the network.

I am permitted to use wireshark because much of the nature of my job and I use it regularly for debugging already.

[/quote]

I wish our programmers were smart enough to use wireshark for their debugging. It’d save me a lot of time and grief when their network applications aren’t even leaving their servers. Yet they blame the network every time. [/quote]

Well, it might be they are smart enough but lazy as hell.
“All right, let Eddie the Network Engineer worry about that. Hehehe…”

TBH, I never did that. :slight_smile:
[/quote]

Yeah, you’re right. They’re definitely intelligent people. But they’re all over 40 and really aren’t too keen on learning new things. Even if it’s free.