I'd want to know how it worked before it went anywhere close to my network.
Not stop porn - just a one off report.
I'd want to know how it worked before it went anywhere close to my network.
Mitch has described the system as 'post occurrence', which means that it must be a log file analyser and report generator. If this is not the case then perhaps Mitch will tell us how it works? If he's not willing to give more details about how it works then it woud be difficult to assess it's suitability for use on any particular network,
I guess it's the overall service that makes the product unique.
A number of questions have arisen,
I will try and answer them briefly
It is not a log file analyser, it can also be used on individual computers as well as networked.
its not the overall service that makes this unique read below
I quite agree with your statement.
My sofware scans for files created by the operating system itself.
Your statement is the most common one i have found, not only does my service stop users accessing porn , we create a report of ALL innapropriate websites that have been accessed on the school network.
Therefore able to go to the ISP of the school and request that these are added to a black list.
You imagine mark this
I give you a report that shows the following
on the 27/03/06 at 12:07:42 SIMON went on google and searched for women F***ING
Then went on Google images and searched for the same
You now imagine having this data in your hand, you go to the pupil and ask them to explain this because this has happened EVERYTIME HE/SHE uses the network.
Its not the software that stops pupils from inappropriate behaviour on the network its the knowledge that, any misuse WILL BE detected, by an outside agency, the 98% reduction that we have proved during the pilot is a result of pupils not ATTEMPTING to view porn sites, the remaining 2% were pupils that had no regard to authority and accidental access.
Thanks for your comment, betatesters is not really required, I have proved that it works. what i need is us to do a Education Establishment, and the school network manager gives us a report of what we have done and achieved, for everyone to see.
And give us feedback if anything can be improved
I recieved this referance from a schools Head of ICT
"I have no hesitation stating that his work and the detail of his findings were remarkable.
He produced a detailed report of events going back to when the server was first introduced. His brief was to report on any interrogations by students that he thought was innapropriate. Again i can only emphasise that the detail was impressive.
In follow up he visited the school and took part in a number of meetings with the students and volunteered to do the same with parents. as a result of his work the amount of misuse by students has dropped dramatically, in addition the parents have been informed of our safety measures and we have recieved tremendous support.
without hesitation i reccomend his service to you."
I think what concerns members, is the methods used to find the data.
Most of the network configurations used scrub a lot of user settings at logoff or when the computer restarts. Users also have limited if any profiles.
If system files are inspected, how can you be sure that files are not being checked after pertinent details have been scrubbed?
Also, is this service limited to use of Internet Explorer, or will it work with other browers - Firefox, Opera...? Also, browsing within applications such as Office, StarOffice, OpenOffice, Explorer, etc. should also be considered.
Another question would be whether the service works for non-Windows based networks. Many members of EduGeek are implementing Linux and Mac clients on their networks.
Until all the above points can be addressed fully so that ALL Internet activity is guaranteed to be detected, can network managers contemplate spending money on such a service.
I am not knocking the service, as it could prove to be very time consuming to perform such a thorough search, however writing the proxy logs to a SQL server and running a couple of queries could produce similar results.
I already have this data though, and can produce reports for students when required. It doesn't stop them trying, nor does it stop them using others accounts. They are teenagers, there is nothing practical more I can do except change to a whilelist system.Originally Posted by Mitch
So you can actually identify what the pupils have actually searched for within any search engine, website ect.Originally Posted by DMcCoy
@mitch: All you have to do is look at the website URL. For instance if you use google to search for 'searchterm', the URL is:
yes i agree but that is for just google, the task would be massive, the way i do it is similar but its totaly automated i can fully report on a schools 1000+ users in 24hours since birth of the server.
For example you do me a report of all users, all sites, for the the past 5years of all internet misuse upon your network.
covering my eairlier post of violations
covering any pupil using french german, spanish or english
Including the ability to identify the user
in easy to read format
This is what i can do
the last school i produced over 10,000 pages of reports and i have 1,000 of urls that in my opinion the ISP's of schools should block.
How i do it really isnt the point
Protecting the Pupils, Schools, Headmasters, Governors, LEA's, ISP's is
Most of all the Kids
Wouldnt you all agree
@Mitch: Like I said in a previous post, the service you offer is no doubt of benefit as long as you can guarantee the accuracy of your results and that occurances aren't missed due to user settings, etc. being wiped.
The example I stated above was in reply to your question. Simply run a search across the proxy log and pull each line that contains the keywords. These line then contain the username, date, time, URL and PC.
I know that this would be time consuming and would undoubtably omit many potential areas of abuse. This is where your service comes in... as long as you can guarantee that it will work on heterogeneous networks comprising of Windows, Apple, *nix, etc. and including thin and fat client architectures.
Please don't take this as me 'slagging off' your service - this is simply what I would be asking for before employing you or recommending your service to any schools.
Just come back from a few days off and I'm picking up on this ...
Could you explain to me a few things?
1. Do you run a client on the local machine as part of this collection of activities or is it through existing logs and files?
2. How do you deal with non-windows systems?
3. There are already several similar systems on the market... what makes this different to things like Securus, etc?
4. There are certain requirements set out by BECTa and DfES as to connectivity in schools, one of these being filtering of internet access. Do you see your solution as an addition or a replacement of a content filtering system in schools?
I do see a need for services such as these, but only in context. If a school has a competant network manager\technician then there should be no problems at all as a suitable logging and filtering system will be in place. If a school has no such persons or systems in place then this kind of service can be of great help, but only if:
It records actual sites sucessfully visited, not attempted. I couldn't give a damm what they want to get to, so long as they don't get there. Trying to prevent 1000 pupils all in the throws of puberty from accessing unscholerly material on the internet is a hard job at the best of times and logging evey attempt to access a website then reviewing them is a waste of valuble time.
I have had previous experience of this kind of service being 'thrust' upon schools. In my region a certain company tried scare tactics to get us to allow them into schools. They told us of a school in which masses of pornographic material had been found on PC's and in user areas. They would not tell us which school, how the materials had got there or any other relevent information. In the end we sent them packing.
You may be offering it as a school security audit type service, but I would advise you also try and market yourself as a service schools can use in a more informal come-to-our-assembly-and-tell-the-kids-just-what-gets-recorded kind of way. Many school techies would be more tahn happy to see the kids getting a good lecture on the subject, even if no audit took place.
These are just my thoughts. Thanks for the PM's Mitch. I will reply tomorrow.
EduGeek regulars will know that I'm a pedantic SOB, so here goes.
Mitch, the service must by definition be a log analyser of some form. If detection is 'post-occurence' as you have stated, then the information must be retrievable after the event. The information must therefore be logged somewhere (wether it be in proxy logs, event logs or a database of some kind). Your service must be accessing this data and performing analysis/reporting upon it. QED - Log file analysis.
If your service can retrieve information which has not been stored then maybe you can also solve the Black Hole Information Loss problem
There are currently 1 users browsing this thread. (0 members and 1 guests)