Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 3:45 AM, Francisco Ares [EMAIL PROTECTED] wrote: Hi, guys. Sorry to post such off-topic message, but I didn't know where I could ask this question. I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? Thanks Francisco -- If you have an apple and I have an apple and we exchange apples then you and I will still each have one apple. But if you have an idea and I have one idea and we exchange these ideas, then each of us will have two ideas. - George Bernard Shaw Look at beagle. I know they have a gmail backend that can index your gmail emails. Alternatively you can setup a mail client to download the email from the webmail and then index/log/track it locally. Regards Dirk
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Tue, Aug 5, 2008 at 10:45 PM, Francisco Ares [EMAIL PROTECTED] wrote: Hi, guys. Sorry to post such off-topic message, but I didn't know where I could ask this question. I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? Comparing network statistics with webmail messages is not that simple. The only way I can think for you to keep track of your messages is to sniff unencrypted packages (https wouldn't work), look for specific patterns and use that to estimate usage, of course, I'm considering your statement about bandwidth, traffic, address and the fact that something like that would be a hard, complex and not NEAR fail proof concept, along with the privacy issues, of course. Now, if you wanna keep track of YOUR messages, the best way is to activate IMAP on gmail, and use a client, configure it to store messages locally, and that's about it... Beagle would index this kinda content very easily, and your mail client too. -- Daniel da Veiga
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On 6 Aug 2008, at 14:28, Daniel da Veiga wrote: On Tue, Aug 5, 2008 at 10:45 PM, Francisco Ares [EMAIL PROTECTED] wrote: ... I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? ... The only way I can think for you to keep track of your messages is to sniff unencrypted packages (https wouldn't work), look for specific patterns and use that to estimate usage, of course, I'm considering your statement about bandwidth, traffic, address and the fact that something like that would be a hard, complex and not NEAR fail proof concept, along with the privacy issues, of course. I read OP's question that he isn't interested in the *bandwidth* of the Hotmail messages, per-se - I thought he was just giving bandwidth monitoring as an example of a routine network management task that is easy obvious to undertake in establishing the background to his question. In some companies it is indeed necessary to have a handle on this sort of thing. AIUI to meet certain financial regulations intended to prevent insider-trading (Sarbanes-Oxley?) one must have facilities in place to monitor all communications in out the building. I suppose that at one time recording all telephone calls would have required a prohibitive quantity of cassette tapes, so a supervisor listening in randomly would be acceptable, but leaving webmail accounts ignored is a huge hole. Privacy issues should be covered by a company IT usage policy. I think that stating that all traffic is logged would cover this - see your lawyer as to how you phrase this exactly. Ensure that auditing is undertaken in a documented and regimented manner - it should probably be a separate role from IT admin and or a boss probably shouldn't be looking at his employees emails; you should probably have a person randomly looking at messages for *specific* infractions (and they should probably be trained to ignore anything naughty that isn't specifically within their remit). I have played with wireshark /or etherreal in the past and have been AMAZED at how clearly interactions can be logged when filtering is set correctly. Daniel: might it not be possible to have the firewall drop https connections to hotmail / gmail / yahoo mail domains, thus forcing the users back to unencrypted http? That begs the question: if you can do that, why not just completely block access to webmail sites? Stroller.
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 11:30 AM, Stroller [EMAIL PROTECTED] wrote: On 6 Aug 2008, at 14:28, Daniel da Veiga wrote: On Tue, Aug 5, 2008 at 10:45 PM, Francisco Ares [EMAIL PROTECTED] wrote: ... I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? ... The only way I can think for you to keep track of your messages is to sniff unencrypted packages (https wouldn't work), look for specific patterns and use that to estimate usage, of course, I'm considering your statement about bandwidth, traffic, address and the fact that something like that would be a hard, complex and not NEAR fail proof concept, along with the privacy issues, of course. I read OP's question that he isn't interested in the *bandwidth* of the Hotmail messages, per-se - I thought he was just giving bandwidth monitoring as an example of a routine network management task that is easy obvious to undertake in establishing the background to his question. In some companies it is indeed necessary to have a handle on this sort of thing. AIUI to meet certain financial regulations intended to prevent insider-trading (Sarbanes-Oxley?) one must have facilities in place to monitor all communications in out the building. I suppose that at one time recording all telephone calls would have required a prohibitive quantity of cassette tapes, so a supervisor listening in randomly would be acceptable, but leaving webmail accounts ignored is a huge hole. Privacy issues should be covered by a company IT usage policy. I think that stating that all traffic is logged would cover this - see your lawyer as to how you phrase this exactly. Ensure that auditing is undertaken in a documented and regimented manner - it should probably be a separate role from IT admin and or a boss probably shouldn't be looking at his employees emails; you should probably have a person randomly looking at messages for *specific* infractions (and they should probably be trained to ignore anything naughty that isn't specifically within their remit). I have played with wireshark /or etherreal in the past and have been AMAZED at how clearly interactions can be logged when filtering is set correctly. Daniel: might it not be possible to have the firewall drop https connections to hotmail / gmail / yahoo mail domains, thus forcing the users back to unencrypted http? That begs the question: if you can do that, why not just completely block access to webmail sites? Yeah, maybe I misunderstood the OP question. If we are talking about an enterprise network, of course, you can even transparently redirect the request, if a proxy is configured at the gateway. Completely blocking webmail is an option, as you correctly stated, security and network policies apply, and there are laws (at least in my country) that say a employer CAN read its employees mails (of their enterprise account, of course). Anyway, a company CAN keep their network (and/or communications in general) clean, reduce security exploits, and keep track of their employees, if they take the time and pay someone to do it (and of course, provide the hardware). I play with sniffers, but never to the extent of analysing package contents, only to create statistics, and its good to know you can do that with filtering (may talk to the boss about that, too much streaming sites eating our bandwidth). PS: I'm almost completing law school. Too bad my english is not THAT good to translate that... lol -- Daniel da Veiga
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) -- Eric Martin Key fingerprint = D1C4 086E DBB5 C18E 6FDA B215 6A25 7174 A941 3B9F signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 8:59 AM, Eric Martin [EMAIL PROTECTED] wrote: Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) If you simply change the URL to https on gmail, you are using SSL. The default is not to use it, so, you gotta type it yourself. https://mail.google.com/mail -- Daniel da Veiga
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Daniel da Veiga wrote: On Wed, Aug 6, 2008 at 8:59 AM, Eric Martin [EMAIL PROTECTED] wrote: Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) If you simply change the URL to https on gmail, you are using SSL. The default is not to use it, so, you gotta type it yourself. https://mail.google.com/mail Has it always been that way? I could have sworn that only the login was SSL and everything else was in the clear (granted, I don't think I ever tried to change it to https). Live Learn
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 3:18 PM, Eric Martin [EMAIL PROTECTED] wrote: Daniel da Veiga wrote: On Wed, Aug 6, 2008 at 8:59 AM, Eric Martin [EMAIL PROTECTED] wrote: Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) If you simply change the URL to https on gmail, you are using SSL. The default is not to use it, so, you gotta type it yourself. https://mail.google.com/mail Has it always been that way? I could have sworn that only the login was SSL and everything else was in the clear (granted, I don't think I ever tried to change it to https). Live Learn I don't know if it was always that way, what I know is that maybe 2 years ago some machines with IE6 couldn't reach gmail, and a quick search showed that switching to HTTPS would solve it. As I knew that was also giving me encryption, I began to type the complete address with s wherever I use my account. -- Daniel da Veiga
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Thanks a lot, guys, I will be looking for all those programs and will also look for a lawyer ;-) Francisco -- If you have an apple and I have an apple and we exchange apples then you and I will still each have one apple. But if you have an idea and I have one idea and we exchange these ideas, then each of us will have two ideas. - George Bernard Shaw