Tracking users

Scot L. Harris webid at cfl.rr.com
Tue Aug 9 21:55:32 UTC 2005 

On Tue, 2005-08-09 at 17:40, Scot L. Harris wrote:
> On Tue, 2005-08-09 at 17:00, AragonX wrote:
> > I recently had a problem with some employees and now management wants to
> > track just about everything.  There are two things that I really need:
> > 
> > 1)  We use Squirrelmail for both local and remote email.  Now management
> > wants to track where all emails are sent from and even to keep a copy of
> > all emails for a set period of time.
> > 
> > Is this easy to do and how would I go about it?
> > 
> 
> Have not done that with squirrelmail but did implement milter-bcc on a
> sendmail system.  This copied all messages going out to a designated
> mailbox.
> 
> Depending on the MTA used this may be easier or more difficult.
> 
> Also understand that this only covers email sent through your MTA
> server.  If users utilize email clients that bypass your MTA you won't
> be able to copy those messages.  You can attempt to block usage of
> things like gmail or yahoo mail but users can still use anonymous
> proxies to get to such systems.  
> 
> Make sure you have addressed the HR type issues by having this policy
> placed in the company employee guide and passed by legal.  Doing this
> may present problems in certain states or countries.
> 
> > 2)  We have been having a large problem with spyware.  So, they now want
> > to track where users are going on the internet.
> > 
> > We use Samba for file/print sharing.  Is there a way we can log internet
> > usage by IP and somehow tie that in to their Samba logon ID?
> > 
> 
> What you want to do is implement a proxy server such as squid.  You then
> setup your company firewall to only allow connections through from the
> proxy server.  This will allow you to log all connections going out.  I
> know this will allow you to tie the connection back to the IP address of
> the client but I am not sure it can be tied to a user name.  Although
> you should be able to take the IP and determine which machine which
> should tie back to a user.
> 

I forgot to mention in my first email on this topic that you should
deploy adaware and spybot search and destroy to clear up your spyware
problems.  Also make sure you are using a good antivirus such as AVG or
something similar.  This will do more to resolve spyware issues than
trying to track where people go on the Internet.

More information about the fedora-list mailing list