Do they look for keywords?
Large GIF/JPEG files?
Does an actual human view various web pages throughout the day?
Do they check for “troubling” internet addresses? If so, would a Japanese symbol/name address fool them? (No, I’m not hunting the stuff).
How does this work?
Are they reading this post, right now? 
The server your internet traffic is passing through keeps a log of every single file your browser requests from the web site you’re looking at. This includes the file name of every image on that page. So, there are some simple filters that will block things or set of alerts: looking for “xxx”, for example.
Methods vary. They can easily monitor the sites you visit withouth any tipoff to you. One company I worked for had an internal web site showing the top 10 Internet sites being visited by employees for a rolling time interval. I seem to remember Dilbert was very popular. The idea was not to rule with an iron fist and play a game of Gotcha, but just to let us know they could find out what they wanted to find out. Employers can even record your exact keystrokes if software to do so is installed on your computer. I am not aware of any successful legal challenges to the practice. As for how they identify forbidden sites, I’m not as sure, but the keyword method would be pretty reliable. Porn sites typically load up their HTML keywords with all the juicy words to draw people who are doing searches on stuff. Not likely that this is driven by human control except for possibly reviewing exception logs.
There are all sorts of possible ways to do it. Relatively high bandwidth usage, a proxy server looking for keywords, even a simple look through the logs for suspicious domain names. It’s gonna be mostly automatic, of course, perhaps with a warning sent to an admin when something suspicious is going on so he can check it out manually.
As for how they actually do it, I’m sure it varies from company to company, but having never been an IT guy myself, I can’t tell you for sure.
With some software packages as Timbuktu, Net Octopus, and Apple Network Administrator, we geeks can sit back and watch what you are doing on your computer, on our own monitor. Without you even knowing.
For the most part, we’re too damn busy to do that kinda crap, and most people I know in my field feel that it is not their duty to police others internet usage. Our server logs around 500k websites A DAY. We really have no time nor interest to sort through all of that. That said, if we are tipped off by HR or directed by our boss, we can’t really argue. We can see and log everthing.
They’ll have some sort of software filter installed, which will probably look at a combination of things to determine what’s forbidden. It probably has a “black list” of sites, updated regularly. These packages can also be set up to look for combination of words, and raise flags based on that.
Most of the tools out there can be set up in a couple of different modes, for instance it can be set up to block a site, flash a screen telling you that the site is blocked, and log the instance. Some companies choose to implement a “gotcha” mode, which essentially blocks the site, doesn’t tell you about it and notifies someone, usually the security or network person.
When I was at my last company, they used a service from a company called Websense that blocked sites based on what type of content they had and certain key words. I gather Websense has a lot of people constantly classifying websites to keep their database active.
I think a service like this causes as many problems as it solves. I remember I was asked at one point to do some research on breast cancer and couldn’t get any of the information because the filter assumed the word ‘breast’ meant you were trying to look for porn.
We see every IP you go to. We don’t really care. What happens is when you abuse your terms of service (whatever they may be) we then look into your account. If they see a bunch of IPs or mass mailings that go to illegal stuff or stuff contrary to your contract, then you get cancelled, billed more, or worse.
I meant from work.
Pretty much the same deal as broccoli! describes for ISPs. As others has said, there are a lot of tools the company can use. They log and possibly filter everything in the pipe. They use software installed on each workstation to monitor applications used so they can see where time is being spent. There are even screen scraping apps that will grab an image of your monitor every few minutes and store them in a central server so someone can see a freeze-frame animation of your day’s work. However, as others have also said, there’s too much data there for most companies to bother with outside of having a published policy and doing some basic filtering. In many cases, all this logged data is just used to document cause of termination if they decide someone is not doing their job.
My response addressed that situation, the point to remember is that every site you visit gets logged somewhere. Most companies do not keep very close tabs on that, some are downright fascist about it.
At my company its almost laughable.
Our IT people log into our machine with a little proxy program and look at our browsing history and temp internet files.
I would never have believed it except for watching them do it one day when I came into work early.
They couldn’t catch me if…huh…my manager wants me?..:eek:
Uh oh…
The library I work at will be getting a bandwidth management device very shortly. I don’t know loads about it’s configuration, but I do know that it sits near the router and will monitor all the traffic on our T1 line. Theoretically, I would be able to see where people are going on every machine in the library–staff and public. I don’t have the time to be an Internet Cop. We just want to prioritize the bandwidth so that our circulation department doesn’t feel a slow down because some geeks in the computer lab are playing Doom all day long.
A few libraries I know of use Websense as a filter for their Internet service. I’m personally opposed to filtering in libraries, but have heard that Websense is considered the best one around.
Oh, and if you’re really curious about the bandwidth management thing, you can find more info on the Packet Shaper here:
http://www.packeteer.com/
Heh… here I am answering a GQ with anecdotal information. Well, I guess it’s better than being dropped down an elevator shaft.
In the first incident, the NT Administrators noticed that we were running uncharacteristically low on file space on one of our NT servers. Determined to get to the root cause, they examined the structure of the file system and found huge globs of disk space were hogged up by a few directories alloted to users. This wouldn’t have been unusual, as we developers commonly keep huge compiled programs, software application patches, core dumps, tools, and what have you in our private disk space and occasionally forget just how much we’re using.
Just for kicks, they took a look into some of the bigger ones, and found horrifyingly large stashes of porn in several of them! Naturally, they contacted HR with the proof, those employees were terminated, and the disk space was returned to its pre-porn levels.
In the second incident, the network guys noticed a tremendous spike in HTTP activity going through the firewall - most of it coming from a single workstation. It lasted an entire day and made them curious, so they dragged out the incriminating log file (see Ethilrist’s post, above), and there was a 35 page chunk of proof that the employee had done little more than peruse pornographic websites the entire day.
He was terminated; I now do my job and his. 
Tip: For your own sake, and for the sake of any family members that rely on you to be the breadwinner, please do this kinda stuff at home if ya gotta do it.
:smack:
"Are they reading this post, right now? "
Who knows? They do probably have a log file somewhere listing this visit 
I once asked my ISP if they knew what I was doing & they said yes, but they don’t pay attention. Maybe a court order would make them pay attention…