The nice young woman across the hall from me was recently presented with 'streaming screenshots' of her daily computer usage. This included embarassing personal emails, ebay browsing, questionable website, etc. Using the clock in the taskbar, I'd say about 6 or 7 hours of her day involved this stuff. I totally understand workplaces enforcing better behavior and cracking down on abuse and I understand that what they did was completely legal. I also am not embarassed about my behavior throughout the day. Having said that:

1. Can this be done on any random network without specific software? My understanding of 'monitoring' was to screen the data transfers for problematic words and images, not necessarily grab entire images all day.

2. If this does involve special software, can I detect if they are monitoring my machine?

3. If I can detect it, how do I disable it? :D I say this not to hide what I do all day, but in protest to the IT whistle-blower in the above case whom I know has a bit of a pron addiction.

Thanks

For screenshots of the desktop you'll need software on that client machine and likely a server side piece as well.

As far as detecting it, not sure. You could look at services that are started and running processes and google them. Keep in mind that there is likely a written policy against disabling this software and it may not be worth the consequences if found out, and if they are routinely checking logs they'll notice if they didn't get an update from you. However chances are her quality of work was down or something was going on so they took a closer look.

When I was the network admin of my old company I used to audit for movie files on all the workstations to find out the pornoholics. Just for shits and giggles, didn't turn anyone in.

Edit: Meant to clarify, they don't need anything installed on the computers to detect web and email use.

It really depends on what your company has invested in this sort of thing. If they really want to crack down, they can force the monitoring software onto your PC, and there's NOTHING you can do about it.

My advice is don't do anything on your computer at work that you wouldn't want your mother to see. And keep the rest of the goofing off within moderate limits. Chances are, nobody will notice what you're up to unless you've given them reason to start watching you.

Yeah, I am a choir boy at work. No worries there. I just wondered if I could tell 1) if they were taking my screenshots and 2) when they were doing it.

Not likely unless you noticed your cpu utilization spike on a certain process every once and awhile. You'd have to be staring at the process list, so it's not probable.

Not likely unless you noticed your cpu utilization spike on a certain process every once and awhile. You'd have to be staring at the process list, so it's not probable.
Yep. Your best way to find out is to befriend some IT people and ask them.

Yep. Your best way to find out is to befriend some IT people and ask them.
Fom a non-IT perspective, this is very, very valuable advice (both for this situation and for other "issues").

Such issues may or may not include having your firewall broken down so you can listen to streaming football broadca...errr...continuing legal education programs.

Tracking internet usage doesn't require any special hardware on their part, they simply need to store their web server logs and set them to record the specific machine every request is made from. This date in a simple database can give them second by second reports of every single thing you do online.

No, you can't disable it and just assume its happening, beause it is.

As others have said, don't do anything online that you have any reservations would jeapordize your job.

3. If I can detect it, how do I disable it? :D I say this not to hide what I do all day, but in protest to the IT whistle-blower in the above case whom I know has a bit of a pron addiction.


the easiest way to get yourself on a shitlist is to try to circumvent their monitoring stuff.

Well you do need a proxy server of some sort set up to do Web monitoring without a client piece, not all companies do this. But any company of decent size do and some small companies depending on how much money they want to spend on the network. On top of that you need to block outgoing traffic on port 80 at the router, switch or firewall.

If this is the case, in Internet Explorer if you go to tools - internet options - connections - lan settings, the proxy server fields will be configured. If you clear it out no web pages will work(unless they failed to block port 80). If you have no connections tab it's safe to assume it's being remotely configured and blocked.

the easiest way to get yourself on a shitlist is to try to circumvent their monitoring stuff.

Quoted for truth, I had an IT manager who would LOVE it when people did this, just so he could fuck him over.

He was a dick, I told him and everyone around me that.

I got fired :).

Well you do need a proxy server of some sort set up to do Web monitoring without a client piece, not all companies do this. But any company of decent size do and some small companies depending on how much money they want to spend on the network. On top of that you need to block outgoing traffic on port 80 at the router, switch or firewall.

If this is the case, in Internet Explorer if you go to tools - internet options - connections - lan settings, the proxy server fields will be configured. If you clear it out no web pages will work(unless they failed to block port 80). If you have no connections tab it's safe to assume it's being remotely configured and blocked.

we have 2 networks that we can access.

first is our regular internal network that everyone is on, and that does go through a proxy server. they are blocking more and more stuff - gmail and yahoo mail, and more recently, my beloved fark. From time to time, someone gets all excited and blocks some of the sports sites - ESPN was gone for a while, but those generally don't last. I can understand fark, as there's nsfw content there, but the mail thing bugs me because they don't block hotmail. I think I managed to get aimexpress blocked - I was the only one I know of using that, and it suddenly got shut off one day.

we also have a wireless network in place for visitors and vendors and stuff, which several of us access with laptops. It's basically just web access - not connected to any internal networks at all. But the weird thing is nothing is blocked on it - I can surf all the blocked sites from it. Recently I've been having trouble with all IM software at work (ask vtbub) getting randomly disconnected, but I can't tell if that's a router/firewall messing things up, or just a temporary glitch, because it seems to have cleared itself up. I still keep my surfing on that network clean, but I'm curious as to just how closely it's being watched.

I'm guessing that wireless connection is a direct connect to the internet, outside the firewall. The idea being the main network will be isloated from any viruses and crap visitors bring in. The fact they let you connect to it, then connect to the main empoyee network is rather odd, defeats the whole purpose.

If they wanted to and your IT people are smart enough they could easily install the software onto your machine without needing to physically touch it AND do so in a way that would be pretty much undetectable to even a pretty advanced user. They could also make it nearly impossible for you to disable the software if you did manage to detect it.

I'm guessing that wireless connection is a direct connect to the internet, outside the firewall. The idea being the main network will be isloated from any viruses and crap visitors bring in. The fact they let you connect to it, then connect to the main empoyee network is rather odd, defeats the whole purpose.

well, I'm not 100% sure we're really supposed to be connecting to the wireless one at all. But you can't really connect to both - our work PCs connect to the internal network (only) and only if you also have your own laptop can you connect to the other one - there's no (easy) way to access the internal network from the visitor network.