The guy that gave this LISA talk isn't a complete idiot, and even though it was
2010, you might still find some applicable ideas in there:
Enterprise-scale Employee Monitoring | USENIX
| |
| | | | | | | |
| Enterprise-scale Employee Monitoring | USENIXSince June 2009, I have been th
> Suppose a company has a policy about permitted use of the company laptops
> and internet, but you have suspicion that some user(s) are using it for
> illicit purposes such as porn. You've already taken measures to prevent
> accidental access - content filtering firewall, dns filtering, etc.
>
>
>
[mailto:tech-boun...@lists.lopsa.org] On
Behalf Of Graham Dunn
Sent: Friday, February 19, 2016 9:51 AM
To: tech@lists.lopsa.org; Edward Ned Harvey (lopser)
Subject: Re: [lopsa-tech] Identify illicit behavior
We use OpenDNS Umbrella, with only the malware deny mode on, but everything is
logged and
On Fri, Feb 19, 2016 at 03:12:54PM +, Edward Ned Harvey (lopser) wrote:
> Suppose a company has a policy about permitted use of the company laptops and
> internet, but you have suspicion that some user(s) are using it for illicit
> purposes such as porn. You've already taken measures to preve
We use OpenDNS Umbrella, with only the malware deny mode on, but everything is
logged and OpenDNS will generate a report of flagged URLs, so it's possible to
go back to your own systems (we send all DNS/DHCP activity into ELK) and
correlate who it was. OpenDNS will also sell you a box that does