I don't know how you could use DNS to reliably figure out what webQuote:>or what tools are available to report on the websites that my users are
>visiting. I am running internal and external DNS on separate boxes on a
>Solaris 8 x86 platform.
If you really want to (or need to, such as because of company mandate)
monitor web traffic, you'll need to either monitor HTTP traffic on your
firewall / router, or you'll need to force all web requests to go
through a proxy server.
A little anecdote: At one place where I worked, the company policy
prohibited employees from visiting (ahem) certain kinds of web sites.
My boss, though he did not like it, was charged with enforcing this
His solution was to log all web access at the web proxy. He then ran a
little tool (a shell script he wrote, I think) on his workstation to
constantly monitor the logs and compare them against two lists: one of
sites known to be O.K. and the other of sites known not to be. He'd
get an alert if the site was unknown (in which case he'd determine
which list to add it to) and of course an alert if a site was known to
All desktop machines at the site were running some form of Unix or
another, all with static IP addresses, so it was easy to determine
whose account was used to access the site. Since this system worked in
real time, he would often be able to look up the offending person in
the company phone directory and call them while they were still looking
at the web site. He'd then ask them to come to his office and have a
talk about company policy.
This was very effective. He said he had only ever had one person do it
twice, and zero people more than twice. And these results were
achieved without actually blocking traffic to certain web sites.
whose? my your his her our their _its_
who's? I'm you're he's she's we're they're _it's_
Ha ha ha :) Was his name George? George Orwell perhaps?Quote:> A little anecdote: At one place where I worked, the company policy
> prohibited employees from visiting (ahem) certain kinds of web sites.
> My boss, though he did not like it, was charged with enforcing this
An equally funny story from the life and times of Dennis Clarke :
I was contracted into a large Godless heathen insurance company that
shall go nameless. Something or other to do with a piece of the rock
but the name escapes me now :). In any case, the HR department was on a
witch hunt and they wanted to know WHAT was in the content of all these
email attachments being sent about. Since it was my job to ensure that
all internet mail flowed with ease I was paid a visit by some niave and
young HR lady who smiled and then dumped the task on me. She actually
told me to keep it quiet and just give her the report. God I love HR
people. I told her I'd like to speak with her manager and after a bit
of verbal sparing I just simply gave up. A few hot emails were flung
about between myself and the HR manager with the key question being "Do
you know what you're asking for? Have you thought about it?". DAMN the
torpedoes and get the report, Corporate wants to know. Fine. I gave
them what they wanted by using some scripts that dug into messages as
they flew through the SMTP gateway. Within a few days after handing
over the report I was called to the office of the IT director who
informed me that I was being walked out the door instantly for violating
the privacy of employees email. I told him that he had better talk with
HR before going too far or a lawsuit was pending. After all, I had
given the IT department three years of zero downtime on the corporate
email system; I could push back a little and the Godless heathen were
paying very well. I survived the incident with a bit of * lost but
the IT director was on the short list of people to be "let go" because
of some * email content. About 75Mb of it in his email. The CEO
had a fit when he found out what was going on and decided that I was
some dumb knuckle-dragging smuck IT guy that simply did what HR wanted.
To say the least, the amount of email attachments flowing through the
SMTP gateway dropped off to virtually nil with the exception of .doc
attachments. I left as quickly as possible with a pile of other
people. I left volentarily however. The IT director as well as a few
other management types were given notice. Ugly. Really an ugly
situation. I'm sure it was all educational for the young HR lady, whose
name escapes me.
Any comments on the setup of the Matrox Mystique, with Xfree86 would be