Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Security problem with user


  • Please log in to reply
8 replies to this topic

#1 Boban_William

Boban_William

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 01 June 2016 - 03:49 PM

I have problem with a user on a network of computers. He manages to avoid some of the equipment FortiGate settings and certain restrictions. Since it uses different methods, although the user has only user rights, I would like to implement a secondary measure blocking the user with some restrictions I have a FortiGate machine which provides internet within the network computers and I want to introduce a system (Windows / Linux with some software restriction) between the firewall and the user by restricting certain things (Facebookm yahoo, cloud) restrictions for this user. Any suggestion is welcome....


Edited by Boban_William, 01 June 2016 - 03:49 PM.


BC AdBot (Login to Remove)

 


#2 johnmeehan

johnmeehan

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 01 June 2016 - 05:08 PM

MIght be off topic.  If your network is in a business environment, and the user is surfing the net while he should be working, the powers that be in the organization may want to implement the ultimate filter and terminate his employment.



#3 RolandJS

RolandJS

  • Members
  • 4,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:01:46 AM

Posted 01 June 2016 - 05:22 PM

MIght be off topic.  If your network is in a business environment, and the user is surfing the net while he should be working, the powers that be in the organization may want to implement the ultimate filter and terminate his employment.

Definitely not off-topic!  One place I worked at...anyone caught doing certain bypasses got a pass to not let the door hit him/her on their way out.  Meanwhile, it's going to better in the long run to have nice, private, chat with that user, let the user know what you know, let the user know that certain operations will be brought to light upline.  Any filter you set up, can eventually be bypassed.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#4 Smsec

Smsec

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:46 AM

Posted 01 June 2016 - 07:01 PM

You could configure your DNS server to point Facebook etc to an internal Web server and display a page saying "This site is not allowed by policy" or some statement like that.

 

Here's a couple of free content filtering solutions. I don't have any personal experience with these.

Untangle

DansGuardian

 

Open DNS (now part of Cisco) has service called Umbrella that combines predictive threat intelligence and content filtering but its not free. I've heard good things about it but have no personal experience with their Umbrella service.



#5 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:06:46 PM

Posted 01 June 2016 - 07:34 PM

1. Using your router settings. http://www.digitaltrends.com/computing/how-to-block-a-website/3/
2. Block using Windows hosts file. http://www.digitaltrends.com/computing/how-to-block-a-website/

Your employee may know: Methods to circumvent site restrictions. https://www.isaumya.com/access-blocked-websites-isp/

Forgot to add, your employee may know to use the TOR bundled browser on a USB thumb drive to circumvent site restrictions.

Edited by Crazy Cat, 01 June 2016 - 10:23 PM.

 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#6 Boban_William

Boban_William
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 03 June 2016 - 04:04 PM

Thank you very much for your answers !!!!!



#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:46 AM

Posted 03 June 2016 - 06:30 PM

MIght be off topic.  If your network is in a business environment, and the user is surfing the net while he should be working, the powers that be in the organization may want to implement the ultimate filter and terminate his employment.


This.

If this employee is using methods to defeat the current security in place to access stuff he's not supposed, then he clearly deserves some kind of disciplinary action since he's going against the company policy. This should be brought up to his higher-ups, and they'll be the ones to deal with this employee. If they refuse to and he continues to do so, then you might want to talk about your higher-ups about reviewing the company browsing policy, since obviously it isn't being enforced, so why have it?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:46 AM

Posted 04 June 2016 - 04:57 AM

In most work environments, the IT staff implements specific policies and procedures for the use of computer equipment and related resources. In fact, many companies will require employees to read those policies and sign a statement of understanding. These official procedures are designed and implemented to provide security and certain restrictions to protect the network. This allows all users to safely use business resources with minimum risk of malware infection, illegal software, and exposure to inappropriate Internet sites or other prohibited activity.

If any employee is disregarding or circumventing these polices, they should be reprimanded for doing so. In fact, in some organizations such actions are sufficient grounds for termination of employment.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 RolandJS

RolandJS

  • Members
  • 4,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:01:46 AM

Posted 04 June 2016 - 08:10 AM

"...If any employee is disregarding or circumventing these polices, they should be reprimanded for doing so. In fact, in some organizations such actions are sufficient grounds for termination of employment..."

Yep, where I used to work [I retired myself, got browned out] , if a friendly verbal reminder did not resolve the bypassing, sometimes, suddenly, a quiet tap on the shoulder on the way back from break or lunch, that person never makes it back to his/her cubicle, entry key taken up, badge taken up, don't let the door slam behind you please, and all the personal stuff belonging the NowGone would be shipped.    I hope a verbal reminder will suffice!  NonCompliance consequences - one does not want.


Edited by RolandJS, 04 June 2016 - 08:10 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users