Announcement

Collapse
No announcement yet.

Need help finding a network tap invisible to network administrator

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Need help finding a network tap invisible to network administrator

    Hi everyone,

    A family member who owns a small business has asked me if there is any appliance that could be added to his network to monitor the network activity of his employees, including his network administrator.

    I know there are software solutions out there, but his admin works on all the computers in the office and so the solution must be invisible to him as well.

    As I was thinking about the problem, I thought an in-line tap type of appliance could work, but I have been unable to find the right solution, if it exists.

    My idea (which may be flawed or not the best) was to reroute the wiring between a router and the workstations, so that it passes through a tap, and that the tap can provide reports on an ip address on the network, how much time surfing, where surfing etc. Assuming that the admin CANNOT see the wiring in the walls, this type of solution would work if the device was in another location, which the admin does not have access to.

    Ideally, a simple solution would be for the tap to collect and report on the data, either through a USB connection to the device or through access via an internal IP address.

    My idea:
    Router -> patch panel -> hidden patch panel -> DEVICE?? -> hidden patch panel -> computer(s)

    The "DEVICE??" should have multiple pass through ports, so that all the computers can pass through the device, and all traffic monitored.

    A requirement is that no additional computer be permanently attached to the "device" for monitoring. An acceptable solution is to have the device connect to another device which does the reporting/monitoring.

    So my questions are:
    Is this legal if for his own business?
    Does a device like this exist?
    If so, what are the best devices to look at?
    What are the best devices/reports for reasonable cost?
    Can this be done for a under a few thousand dollars?

    Please keep in mind that my idea may be flawed, or over complicated, and any suggestions are welcome. I am admittedly brand new to this and have little idea what I am talking about other than the web research I have done.

    Any help is appreciated.

    Thanks!
    Last edited by NetworkNewbee; 29th September 2010, 03:52.

  • #2
    Re: Need help finding a network tap invisible to network administrator

    Originally posted by NetworkNewbee View Post
    So my questions are:
    Is this legal if for his own business?
    Does a device like this exist?
    If so, what are the best devices to look at?
    What are the best devices/reports for reasonable cost?
    Can this be done for a under a few thousand dollars?
    1. Depends on the country.
    2. There are network monitoring hardware appliances out there, but the network admin will know it's there.
    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Need help finding a network tap invisible to network administrator

      What are you trying to monitor?
      File access -- use Windows Auditing
      Internet Access -- get a Proxy server
      Email -- Exchange Journalling

      Why are you monitoring it?
      Legal Compliance -- make it visible to users
      Inappropriate Activity --- have an AUP and tell users they are being watched
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Need help finding a network tap invisible to network administrator

        If you're having concerns regarding the trustability of your network administrator, a technical solution may not be the best answer....
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: Need help finding a network tap invisible to network administrator

          Originally posted by tehcamel View Post
          If you're having concerns regarding the trustability of your network administrator, a technical solution may not be the best answer....
          My thoughts exactly.

          If you don't trust him/her then fire them and employ someone you do trust.

          As to the other questions:

          1. Legality is dependent on country.
          2. Your network admin will find any device you install on the network pretty quickly if he/she is doing there job correctly.

          Already been mentioned though.

          Comment


          • #6
            Re: Need help finding a network tap invisible to network administrator

            And if you do fire the Administrator, give NO warning of it and escourt the ex-Administrator from the premises. Also make sure you have all appropriate Usernames and Passwords before committing the final act.
            1 1 was a racehorse.
            2 2 was 1 2.
            1 1 1 1 race 1 day,
            2 2 1 1 2

            Comment


            • #7
              Re: Need help finding a network tap invisible to network administrator

              Thanks for the replies. I agree 100%, and suggested as much. Unfortunately, it is not my company, so I don't make that call. Apparently, he wears many hats, and net work admin is just one of them.

              He isn't all that technical, as I offer advice at times when they need help, and I am far from an admin. He likely would not detect something in the lines, though he would detect monitoring software on the computers.

              I was thinking that a regeneration tap and the Indigo Pro device could do the trick, but not sure if that would work.

              The intent is to determine how much time surfing, and to where, not to monitor email or chat. What devices are out there?

              Thanks again!

              - dan

              Comment


              • #8
                Re: Need help finding a network tap invisible to network administrator

                Install a proxy device in transparent mode.

                We use iPrism in our office.

                Comment

                Working...
                X