+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
How do you do....it? Thread, Tracking abusive usage? in Technical; I wasn't expecting to ever have to post this sort of thing up but last night someone with access to ...
  1. #1
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118

    Tracking abusive usage?

    I wasn't expecting to ever have to post this sort of thing up but last night someone with access to one of my schools made the mistake of using the schools PC's to access some inappropropriate content on the web and then print it off..

    Perhaps their biggest mistake was doing it just as I was logged in remotely to check out a few printer queue problems and other admin else I might not have noticed.

    Now, I've dealt with the issue as best I can in terms of informing the relevant head, collecting what evidence I can, and closing a rather glaring loophole in our filter etc... but I'm aware that what I have in terms of info' is sketchy at best.

    So, can anyone suggest a pro-active approach that would allow me to track who, where and when someone has used/abused the system in future.

    Just to note.. what I have at present is:
    - auditing turned on (which gives me login/off, time, etc..)
    - PaperCut print logging (gives me username, time, file, etc)

  2. #2
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,958
    Thank Post
    248
    Thanked 49 Times in 45 Posts
    Blog Entries
    2
    Rep Power
    46

    Re: Tracking abusive usage?

    Forensic software that auto sceen grabs as flagged content is viewed? - Securus or Policy Central.

  3. #3

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,286
    Thank Post
    225
    Thanked 405 Times in 302 Posts
    Rep Power
    162

    Re: Tracking abusive usage?

    Proxy logging? We have a smartcache box that logs everywhere the kids try and go. I do a report everyday to check what people are hitting against and spot any potential trouble makers. Also allows us to check where someone has been if we hear of anything dodgy, check who else has used a site when we find something dodgy and who was around when someone looked at something.

  4. #4
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118

    Re: Tracking abusive usage?

    Thanks for those...

    I've realised that part of my problem is that the staff member used a childs account to get online so part of what I need to do is lock down childrens accounts such that they can only be used during a normal school day. That and take the attitude that I'm working in a secondary and tighten up the security significantly..

  5. #5
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,958
    Thank Post
    248
    Thanked 49 Times in 45 Posts
    Blog Entries
    2
    Rep Power
    46

    Re: Tracking abusive usage?

    As it happens we allow only logins student logins between 8:30am and 4pm. Could be a problem when we move to 24hr access tho'.

    Seems a really dangerous thing to do by the teacher - that kids account now has that site in their history!

  6. #6


    Join Date
    Oct 2006
    Posts
    3,411
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    148

    Re: Tracking abusive usage?

    Quote Originally Posted by contink
    Thanks for those...

    I've realised that part of my problem is that the staff member used a childs account to get online so part of what I need to do is lock down childrens accounts such that they can only be used during a normal school day. That and take the attitude that I'm working in a secondary and tighten up the security significantly..

    Can your proxy not integrate with AD? If so theres no way anyone could use someone elses logon. Saves them having 2 passwords aswell. Get it sorted!


    Sawmill is a peice of software designed to make up for the terrible logging facilities in the child like proxies like equinet cachepilot.
    Seems the business for what it is, although its nothing more than what a proper proxy does as standard. Only around £60 so worth it if you have been forced to use an inadiquate proxy.

  7. #7

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,905
    Thank Post
    1,186
    Thanked 1,057 Times in 749 Posts
    Rep Power
    328

    Re: Tracking abusive usage?

    contink: Has this teacher been disciplined by any chance? and how did the teacher know the childs password for their login.

    Are they fixed passwords?
    If they are i would ensure that only the child knows their password by allowing them to change them frequently.

    Same goes for staff every thirty days: they may well moan but it keeps them on their toes and the network security a little safer.

  8. #8
    ICT_GUY's Avatar
    Join Date
    Feb 2007
    Location
    Weymouth
    Posts
    2,261
    Thank Post
    646
    Thanked 283 Times in 204 Posts
    Rep Power
    104

    Re: Tracking abusive usage?

    As for the printers, I have them set to not delete the spool file after its printed, and I have the print cue restricted to admins. Basicaly anything that is printed, I can reprint at a later date along with the time and date it was printed. It helps and costs nowt. It also puts the fear of admin into people who would otherwise print their holiday snaps off on the colour laser printer.

  9. #9
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118

    Re: Tracking abusive usage?

    Quote Originally Posted by mark
    As it happens we allow only logins student logins between 8:30am and 4pm. Could be a problem when we move to 24hr access tho'.
    That's my first port of call... All pupils accounts have been set to have access between 8am and 4pm and the GPO updated to enforce this with a logoff if outside the hours.

    Thankfully I don't have to worry about 24 hour access.

    Seems a really dangerous thing to do by the teacher - that kids account now has that site in their history!
    Dangerous isn't the half of it... I'm not in a position to prove anything until we get CCTV footage checked but I'm reasonably certain this isn't teaching staff.

    On the up side this has highlighted deficiencies in the security setup and taught me a number of valuable lessons, thankfully before the kids worked anything out, so I'm seeing the silver lining.


    As to the proxy side of things.. that's the next stage.. part of the problem is that we're using 2 different net connections and I'm still tweaking things on the filtering side of things before I go further.. Something for the summer though, definitely!

  10. #10

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123

    Re: Tracking abusive usage?

    Quote Originally Posted by bossman
    Are they fixed passwords?
    If they are i would ensure that only the child knows their password by allowing them to change them frequently.

    Same goes for staff every thirty days: they may well moan but it keeps them on their toes and the network security a little safer.
    There's plenty of evidence that forcing regular password changes does no such thing, particularly if you try and enforce strong passwords. What generally happens is that users either use a password stem and just stick a number on the end or they write their password down and stick it on the monitor!

    http://www.microsoft.com/emea/itssho...px?videoid=540 has some info on the tradeoffs between tight security and making it possible to do the job.

  11. #11
    mrforgetful's Avatar
    Join Date
    May 2006
    Posts
    1,637
    Thank Post
    7
    Thanked 15 Times in 15 Posts
    Rep Power
    22

    Re: Tracking abusive usage?

    If it's very serious (ie. we had a student look at some nudity of people who were a very questionable age) then report it to the authorities, we had one of our computers taken away for investigation.

  12. #12
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118

    Re: Tracking abusive usage?

    Quote Originally Posted by mrforgetful
    If it's very serious (ie. we had a student look at some nudity of people who were a very questionable age) then report it to the authorities, we had one of our computers taken away for investigation.
    Thankfully it's not THAT serious... low-ish grade stuff that didn't trigger the DansGuardian. But for all that serious enough given that we have primary age children here.

    Password security is always an issue but in this instance I'm opting to use this as a real world example for next year.. The clincher being that staff need to remember and keep their password safe or they may be seen as a suspect if it happens again.

    @srochford:
    Thanks for the trade off link... useful stuff

  13. #13
    tosca925's Avatar
    Join Date
    Aug 2005
    Location
    Midlands
    Posts
    1,547
    Thank Post
    4
    Thanked 4 Times in 4 Posts
    Rep Power
    22

    Re: Tracking abusive usage?

    We recently installed Policy Central (again) and it is now far better. I am the first to put my hands up and say that i did slag it off over 12 -18 months ago has it caused all sorts of grief with educational software (Smartboard, Promethean, etc etc,)

    I recently installed the ltest version and it is far better nad have had no problems what soever. Yu can deploy the client via GPO or via the software’s own deployment tool.

    It does catch the kids and staff out when you can reproduce colour pictures of their wrong doings.


    Just thought i would mention them again as i also like to praise software vendors as well as slag them off.

  14. #14
    originofsymmetry's Avatar
    Join Date
    Jun 2007
    Posts
    186
    Thank Post
    9
    Thanked 14 Times in 11 Posts
    Rep Power
    17

    Re: Tracking abusive usage?

    Quote Originally Posted by ICT_GUY
    As for the printers, I have them set to not delete the spool file after its printed, and I have the print cue restricted to admins. Basicaly anything that is printed, I can reprint at a later date along with the time and date it was printed. It helps and costs nowt. It also puts the fear of admin into people who would otherwise print their holiday snaps off on the colour laser printer.
    How does one do this? I would like to know please thnx Dont mean to steal his thread btw just a quick question.

  15. #15
    mrforgetful's Avatar
    Join Date
    May 2006
    Posts
    1,637
    Thank Post
    7
    Thanked 15 Times in 15 Posts
    Rep Power
    22

    Re: Tracking abusive usage?

    Quote Originally Posted by originofsymmetry
    Quote Originally Posted by ICT_GUY
    As for the printers, I have them set to not delete the spool file after its printed, and I have the print cue restricted to admins. Basicaly anything that is printed, I can reprint at a later date along with the time and date it was printed. It helps and costs nowt. It also puts the fear of admin into people who would otherwise print their holiday snaps off on the colour laser printer.
    How does one do this? I would like to know please thnx Dont mean to steal his thread btw just a quick question.
    Go to Printer Properties, Advanced Tab and select 'Keep Printed Documents'.

    Check the Security on the printer to make sure only the people and groups you want to be able to delete the queue have 'Manage Documents' permission.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Asset Tracking
    By manick in forum Hardware
    Replies: 3
    Last Post: 19th September 2007, 10:16 AM
  2. Tracking Bittorent
    By binky in forum Wireless Networks
    Replies: 1
    Last Post: 7th September 2007, 12:40 AM
  3. Tracking email abuse
    By blackcat in forum How do you do....it?
    Replies: 2
    Last Post: 21st August 2007, 12:02 PM
  4. Asset Management/Tracking
    By Scotmk in forum How do you do....it?
    Replies: 13
    Last Post: 7th June 2007, 08:54 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •