hello all SuSe users, i have a small network consists of 12 pcs, windows 98, and one server, SuSe Linux 8.2. because of security and observation issues, i want to seize all key strokes coming from the other windows pcs as a log file that a small program generating automatically. my question is that is there any program that its function is like above or nearly like above? i am not an intruder, just a person who wants to see bad weather conditions beforehand. thanks in advance, hay
The 03.10.10 at 12:28, hay hay wrote:
i have a small network consists of 12 pcs, windows 98, and one server, SuSe Linux 8.2. because of security and observation issues, i want to seize all key strokes coming from the other windows pcs as a log file that a small program generating automatically. my question is that is there any program that its function is like above or nearly like above? i am not an intruder, just a person who wants to see bad weather conditions beforehand.
Mmmm... :-? In some countries, it can be easily illegal. You need to do the spy job in windows, with a windows program. I have seen some programs doing it, specially in school classes. -- Cheers, Carlos Robinson
On Wednesday 15 October 2003 09:17, Carlos E. R. wrote:
The 03.10.10 at 12:28, hay hay wrote:
i have a small network consists of 12 pcs, windows 98, and one server, SuSe Linux 8.2. because of security and observation issues, i want to seize all key strokes coming from the other windows pcs as a log file that a small program generating automatically. my question is that is there any program that its function is like above or nearly like above? i am not an intruder, just a person who wants to see bad weather conditions beforehand.
Mmmm... :-?
In some countries, it can be easily illegal.
You need to do the spy job in windows, with a windows program. I have seen some programs doing it, specially in school classes.
I've seen Windows programs which collect keystrokes, but never one which will log the keystrokes to a Linux box. I expect one could be modified - sources are available if you go to the right places. I wasn't going to help the OP in any way, but perhaps I should cut him some slack and ask exactly what he's worried about. If this is a genuine security concern there's almost certainly a better way to alleviate that concern than what he's asking. --
eatapple core dump
I have used the program "Spector Pro" which records log files. I haven't done so, but it might be possible to share a drive on the server and save the file there. The program has it's limitations tho, if you open a dos window or access dos mode, it can't record the keystrokes. You would need a license for each machine so you will have to inquire on bulk license packs. Buck
-----Original Message----- From: Derek Fountain [mailto:derekfountain@yahoo.co.uk] Sent: Wednesday, October 15, 2003 5:44 AM To: SuSE English Subject: Re: [SLE] automatically getting key strokes as log file
The 03.10.10 at 12:28, hay hay wrote:
i have a small network consists of 12 pcs, windows 98, and one server, SuSe Linux 8.2. because of security and observation issues, i want to seize all key strokes coming from the other windows pcs as a log file that a small program generating automatically. my question is that is there any program that its function is like above or nearly like above? i am not an intruder, just a
wants to see bad weather conditions beforehand.
Mmmm... :-?
In some countries, it can be easily illegal.
You need to do the spy job in windows, with a windows
On Wednesday 15 October 2003 09:17, Carlos E. R. wrote: person who program. I have
seen some programs doing it, specially in school classes.
I've seen Windows programs which collect keystrokes, but never one which will log the keystrokes to a Linux box. I expect one could be modified - sources are available if you go to the right places.
I wasn't going to help the OP in any way, but perhaps I should cut him some slack and ask exactly what he's worried about. If this is a genuine security concern there's almost certainly a better way to alleviate that concern than what he's asking.
--
eatapple core dump
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
On Wednesday 15 October 2003 09:17, Carlos E. R. wrote:
The 03.10.10 at 12:28, hay hay wrote:
i have a small network consists of 12 pcs, windows 98, and one server, SuSe Linux 8.2. because of security and observation issues, i want to seize all key strokes coming from the other windows pcs as a log file that a small program generating automatically. my question is that is there any program that its function is like above or nearly like above? i am not an intruder, just a person who wants to see bad weather conditions beforehand.
Mmmm... :-?
In some countries, it can be easily illegal.
You need to do the spy job in windows, with a windows program. I have seen some programs doing it, specially in school classes.
I've seen Windows programs which collect keystrokes, but never one which will log the keystrokes to a Linux box. I expect one could be modified -
are available if you go to the right places.
I wasn't going to help the OP in any way, but perhaps I should cut him some slack and ask exactly what he's worried about. If this is a genuine security concern there's almost certainly a better way to alleviate that concern
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs. hay sources than
what he's asking.
--
eatapple core dump
On 10/16/2003 01:02 AM, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
I would suggest using a firewall to block access to all services YOU do not want to offer, and filter those you do (as with web, via proxy + filter, i.e. Dan's Guardian). If the internal computer are NAT'ed, only masquerade the actual ports/protocols YOU want to allow. It is better than key logging, which basically relies only on some subjective enforcement to work. -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://www.mydestiny.net/~joe_morris Registered Linux user 231871 God said, I AM that I AM. I say, by the grace of God, I am what I am.
I doubt key-logging will stop the relentless search for excitement among the students! It is a worry though, I do understand. I'm not an expert, but I'm willing to bet there is a more sensible strategy. Jake On Wednesday 15 October 2003 18:02, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
hay
On Wednesday 15 October 2003 09:17, Carlos E. R. wrote:
The 03.10.10 at 12:28, hay hay wrote:
i have a small network consists of 12 pcs, windows 98, and one server, SuSe Linux 8.2. because of security and observation issues, i want to seize all key strokes coming from the other windows pcs as a log file that a small program generating automatically. my question is that is there any program that its function is like above or nearly like
above? i
am not an intruder, just a person who wants to see bad weather
conditions
beforehand.
Mmmm... :-?
In some countries, it can be easily illegal.
You need to do the spy job in windows, with a windows program. I have
seen
some programs doing it, specially in school classes.
I've seen Windows programs which collect keystrokes, but never one which
will
log the keystrokes to a Linux box. I expect one could be modified -
sources
are available if you go to the right places.
I wasn't going to help the OP in any way, but perhaps I should cut him
some
slack and ask exactly what he's worried about. If this is a genuine
security
concern there's almost certainly a better way to alleviate that concern
than
what he's asking.
--
eatapple
core dump
We are a high school using squid, squidGuard and SuSEfirewall2. This auto-control is sufficient for us, and I don't have to read log files or even report summaries on a daily basis to see who's doing what! YRMD, of course. As far as e-mail goes, I have postfix with access, header and body checks to do heaps of filtering. postfix is set to discard mail over a certain size.On the client end we use Openwebmail with it's own default filters. It is set to disallow sending mail over a certain size. Upshot? All automatic, leaving me time to learn more about SUSE, the best thing since sliced bread and biltong (I'm a South African). HAG1 Darryl. ---- Edgemead High School (Northern Suburbs, Cape Town) Office Tel +27215581132 Office Fax +27215584407 Subject: Re: [SLE] automatically getting key strokes as log file
I doubt key-logging will stop the relentless search for excitement among the students! It is a worry though, I do understand. I'm not an expert, but I'm willing to bet there is a more sensible strategy. Jake
On Wednesday 15 October 2003 18:02, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
hay
On Wednesday 15 October 2003 09:17, Carlos E. R. wrote:
The 03.10.10 at 12:28, hay hay wrote:
i have a small network consists of 12 pcs, windows 98, and one server, SuSe Linux 8.2. because of security and observation issues, i want to seize all key strokes coming from the other windows pcs as a log file that a small program generating automatically. my question is that is there any program that its function is like above or nearly like
above? i
am not an intruder, just a person who wants to see bad weather
conditions
beforehand.
Mmmm... :-?
In some countries, it can be easily illegal.
You need to do the spy job in windows, with a windows program. I have
seen
some programs doing it, specially in school classes.
I've seen Windows programs which collect keystrokes, but never one which
will
log the keystrokes to a Linux box. I expect one could be modified -
sources
are available if you go to the right places.
I wasn't going to help the OP in any way, but perhaps I should cut him
some
slack and ask exactly what he's worried about. If this is a genuine
security
concern there's almost certainly a better way to alleviate that concern
than
what he's asking.
--
eatapple
core dump
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com ------- End of Original Message -------
The 03.10.15 at 20:02, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
Then what you need is to track internet traffic, not keyboard keystrokes. Programs like tcpdump or ethereal would do it, but the filtering and analysis you need is not included. And the volume could be huge. Tracking email, for example, in my country, would be illegal, even inside a company. Mail is considered private. On the other hand, addresses (From, to, subject, date) can be recorded - in fact, there is an obligation for servers (ISPs) to do so here, but I'm unsure whether they are actually doing so. In any case, they are not analyzing content. Well, the CIA would ;-/ -- Cheers, Carlos Robinson
Thank you all very much for your interest and reply.
hay
----- Original Message -----
From: "Carlos E. R."
The 03.10.15 at 20:02, hay hay wrote:
We have a computer lab with internet-access at our private high school.
With
http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
Then what you need is to track internet traffic, not keyboard keystrokes. Programs like tcpdump or ethereal would do it, but the filtering and analysis you need is not included. And the volume could be huge.
Tracking email, for example, in my country, would be illegal, even inside a company. Mail is considered private.
On the other hand, addresses (From, to, subject, date) can be recorded - in fact, there is an obligation for servers (ISPs) to do so here, but I'm unsure whether they are actually doing so. In any case, they are not analyzing content. Well, the CIA would ;-/
-- Cheers, Carlos Robinson
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
On Wed, 2003-10-15 at 20:16, Carlos E. R. wrote:
The 03.10.15 at 20:02, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
Then what you need is to track internet traffic, not keyboard keystrokes. Programs like tcpdump or ethereal would do it, but the filtering and analysis you need is not included. And the volume could be huge.
There are also programs that will let you see the pictures that are coming in over the connection. One such program is called Driftnet. You can do a google for it. It will also let one see any mpeg movies that are coming into the network.
Tracking email, for example, in my country, would be illegal, even inside a company. Mail is considered private.
Not sure about tracking but employers are allowed to read ones email here in the US.
On the other hand, addresses (From, to, subject, date) can be recorded - in fact, there is an obligation for servers (ISPs) to do so here, but I'm unsure whether they are actually doing so. In any case, they are not analyzing content. Well, the CIA would ;-/
Unfortunately, that is becoming more and more common :( -- Marshall "Nothing is impossible, we just do not have all the answers to make the impossible, possible."
The 03.10.16 at 06:29, Marshall Heartley wrote:
Tracking email, for example, in my country, would be illegal, even inside a company. Mail is considered private.
Not sure about tracking but employers are allowed to read ones email here in the US.
That has gone to court here (Spain), and the employer lost it. He was watching his employee use of internet, and fired him for improper use of internet while working, or some such thing. He was fined and forced to rehire paying the lost wages... this usually means he just pays a fair sum of money, and the employee looks for another place (if he accepts). The judge said that the email was private - even on company time, company computers and company servers, or some thing similar. It was a few years ago, I don't remember the details. -- Cheers, Carlos Robinson
On Thu, 2003-10-16 at 10:06, Carlos E. R. wrote:
The 03.10.16 at 06:29, Marshall Heartley wrote:
Tracking email, for example, in my country, would be illegal, even inside a company. Mail is considered private.
Not sure about tracking but employers are allowed to read ones email here in the US.
That has gone to court here (Spain), and the employer lost it. He was watching his employee use of internet, and fired him for improper use of internet while working, or some such thing. He was fined and forced to rehire paying the lost wages... this usually means he just pays a fair sum of money, and the employee looks for another place (if he accepts). The judge said that the email was private - even on company time, company computers and company servers, or some thing similar. It was a few years ago, I don't remember the details.
Well the last time I looked, it was enforceable here. I have seen companies do just that. Fire people for improper use of the internet. No kidding! -- Marshall "Nothing is impossible, we just do not have all the answers to make the impossible, possible."
The 03.10.16 at 20:14, Marshall Heartley wrote:
Well the last time I looked, it was enforceable here. I have seen companies do just that. Fire people for improper use of the internet.
No kidding!
I know... every country has different rules. Employee protections is higher here, perhaps (specially compared to the USA), or they assimilate it to surface mail, I don't know. The sentence was around 2000 or 2001, so I don't remember the details. And the law could have changed, our goverment has being active around 'information technologies'. -- Cheers, Carlos Robinson
On Wed, 2003-10-15 at 20:16, Carlos E. R. wrote:
The 03.10.15 at 20:02, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
Then what you need is to track internet traffic, not keyboard keystrokes. Programs like tcpdump or ethereal would do it, but the filtering and analysis you need is not included. And the volume could be huge.
Tracking email, for example, in my country, would be illegal, even inside a company. Mail is considered private.
On the other hand, addresses (From, to, subject, date) can be recorded - in fact, there is an obligation for servers (ISPs) to do so here, but I'm unsure whether they are actually doing so. In any case, they are not analyzing content. Well, the CIA would ;-/
-- Cheers, Carlos Robinson
I've never used 'snort', but it is designed to monitor IP traffic and identify intrusions. That obviously includes a huge amount of pattern matching capability. Maybe it can somehow be configured to do what you want. Greg -- Greg Freemyer
On Wednesday 15 October 2003 09:02, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
Zieg Heil!!! Why don't you just teach a few ethics courses instead. Start by teaching the staff. -- _____________________________________ John Andersen
On Thu, 2003-10-16 at 05:42, John Andersen wrote:
On Wednesday 15 October 2003 09:02, hay hay wrote:
We have a computer lab with internet-access at our private high school. With http proxy we could block the sites specializing in sexual or porno metarials. But internet is not completely http. Irc, telnet, email and a few protocols, which one we should observe fully. So, we want to log all keystrokes encrypted those will be opened and read only under school management permission whenever an undeserved event occurs.
Zieg Heil!!!
Why don't you just teach a few ethics courses instead. Start by teaching the staff.
Unfortunately, some people do not have any ethics. So the system administrators have to keep the rules enforced. Looking at keystrokes is a little extreme though. But I do know of instances that recording keystrokes helped some. I guess it will depend on the situation. -- Marshall "Nothing is impossible, we just do not have all the answers to make the impossible, possible."
participants (10)
-
Buck -
Carlos E. R. -
darryl penny -
Derek Fountain -
Greg Freemyer -
hay hay -
Jake Pumphrey -
Joe Morris (NTM) -
John Andersen -
Marshall Heartley