Re: [squid-users] squid usage

From: Christoph Haas <email@dont-contact.us>
Date: Thu, 3 Nov 2005 00:05:59 +0100

On Wed, Nov 02, 2005 at 02:43:22PM -0800, Pat Brown wrote:
> My boss said he wanted something to report who
> (internally) is going where on the internet.

I wonder why bosses want to know that. Do they have no private life
themselves?

> Can and should Squid be used for this?

Can, yes. Should? Well, that's a matter of ethics. I personally would not
do that. At least make sure all employees are properly informed and agree
to such practise. In some countries (like where I'm living) it is even
illegal to spy on users. If your boss forces you to do so then make sure
you get that order in written form. I have seen users go to court because
of such surveillance measures and you want to be sure your boss is going to
jail without you. Admins have great responsibility here. If your boss is
deaf to arguments... tell him that's technically impossible. ;)

> "web-based reporting?"

You can use an Apache compatibility mode to write the Squid access.log.
That allows you to analyze the log files just like any other web server.
Or you use tools like sarg or calamaris to get that statistics from the
native Squid log file.

> URL hand shaking?

Pardon? You mean which URLs are accessed? -> access.log

> silent authentication ?

Like how? You will see the source IP addresses of the clients. You could
also run ident daemons on all the clients and use that to get their user
names.

> These are some of the buzz phrases he used to task me with finding a
> solution.

Buzzwords seem to increasingly replace smartness in today's managers.
They just do whatever is technically possible without thinking about it.

No offense intended. Just want to make you aware of what trouble you may
run into.

Regards
 Christoph

-- 
    |\      _,,,---,,_        Famous last words of a sysadmin:
    /,`.-'`'    -.  ;-;;,_    "We'll do the backup tomorrow."
  <|,4-  ) )-,_..;\ (  `'-'
    '---''(_/--'  `-'\_)
Received on Wed Nov 02 2005 - 16:06:01 MST

This archive was generated by hypermail pre-2.1.9 : Thu Dec 01 2005 - 12:00:09 MST