Stealth surfing at work isn't going to save you.

**nickel** · 07-11-2006, 11:36 AM

Risky Business: Stealth Surfing at Work
Not long after I told my buddy about Anonymizer, I heard from another friend, an IT director for a fairly large company. It may not be such a good idea to surf anonymously at the office:

I recently had an employee, an MIS employee at that, fired. He was using Anonymizer at work. We have a tracking system (Web Inspector) and I kept noticing that he was leaving no tracks.

I consulted with my supervisor and he decided that I should analyze the employee's system. I found footprints, hacking, and a batch file he used to delete all Internet traces. So I sent the system off to forensics and they found all the bits, each and every one. We're now in legal limbo. The employee is being fired, not for the hacking or the batch file, but for using the Anonymizer.

Thought maybe you'd be interested in hearing about the dangers of using the Anonymizer in the workplace. They claim the Anonymizer hides your tracks at work--but I guess not all of them.
--Name Withheld, Network and Computer Systems Administrator

I asked George Siegel, my network guru, what he thought. Here's what he said: "It's interesting to note how the user was initially discovered--by the absence of anything incriminating. Network professionals have logs showing just about everything that goes on and they look for any deviation from the norm. I can always tell who is up to no good... their computers are scrupulously clean."

http://www.pcworld.com/howto/article...,126155,00.asp

So even if you "clean up" afterwards you still are at risk.
as DF would say, "Dayum!"

Do you use a proxy server at all?

**Cubsfan** · 07-11-2006, 11:51 AM

I'd probably say that if I'm not comfortable looking at something non-anonymously at work, I shouldn't be looking at it at all at work. Doesn't seem like that hard of a concept.

**gwilks98** · 07-11-2006, 07:03 PM

Originally Posted by Cubsfan

I'd probably say that if I'm not comfortable looking at something non-anonymously at work, I shouldn't be looking at it at all at work. Doesn't seem like that hard of a concept.

I agree with you to a certain extent. Some employers are rediculously strict on webuse, and I feel you should treat your employees like you trust them. Act like you don't trust them and they're likely to act like they don't trust you.

**InfiniteNothing** · 07-11-2006, 08:13 PM

Originally Posted by nickel

http://www.pcworld.com/howto/article...,126155,00.asp

So even if you "clean up" afterwards you still are at risk.
as DF would say, "Dayum!"

Do you use a proxy server at all?

So next time make sure the batch file wipes the internet info?

**Houdini** · 07-12-2006, 02:42 AM

Sounds kinda weird that their evidence was that the guy HADN'T been seen using traffic, etc. So NOT making noise will get you in trouble too I guess.

**Jeffbx** · 07-12-2006, 05:02 AM

If an employer wants to find out what you're doing, they will.

I've been part of a few internal investigations (on the invetigating side, fortunately!), and it's relatively trivial to catch someone doing something they shouldn't be, even if they think they're fooling everyone.

For example:

- Doing a google image search for dirty pictures WILL show up on the log files
- Running an FTP server from your work PC to trade MP3s stands out pretty clearly as well
- If you're connected to the LAN at work, pretty much any traffic you send - whether it goes through an anonymizer or not - can be monitored
- If you think you've cleaned up after yourself, just remember that files CAN be recovered, and there may be some places you forget to clean

and one important tip:

- If you have a laptop & you must watch inappropriate movies on it, PLEASE delete them before you give the machine to IT for service. I like a good porno as much as the next guy, but I *really* don't need to picture the older, bald salesguy sitting in his hotel enjoying 'Romancing the Bone' or 'On Golden Blonde' (shudder)