Here's a clue, most of the time, if we have the capabilities of remote monitoring, we're not using them. Unless you do something to draw the Evil Eye of a Sysadmin, we just don't care, we've got other things to worry about.
Now that being said, if you DO happen to do something to draw our attention, you're dead in the water if you're doing something wrong.
Here is a list of things that most Sysadmins don't really care about:
- Light Porn surfing (if it's playboy type stuff) up to say 10-15 minutes a day, we just don't care. We might be a bit entertained by your old woman or tranny fetish, but chances are, nothing to really worry about. Unless you owe us money. Just be aware, we know what you're doing.
- Reading news sites, or shopping online. Again, we just don't care. Most of our days are spent in one of two modes; putting out fires, or preventing fires.
- Circumventing the proxy to go watch that really funny YouTube video your brother sent you in your corporate email. If you're smart enough to do it, more power to you. If you didn't do it exactly right, the Evil Eye is turning your way right now. If it's just a funny YouTube video, no big deal. If you're logging into hardcore pr0n sites to download videos, and eating all the T1 bandwith, your fapping is about to be seriously interrupted. It might even be something like total computer failure, which we will conveniently be able to pin to the pr0n you were downloading.
If you have thus far managed to evade the Evil Eye, good job! Here are some things that will draw down the Striking Hammer Of God:
- Illegal pr0n. If she could be your daughter, or our kid sister, you are toast. We don't just get you fired, we call the FBI and let them arrest you. If you (sick bastards) are unlucky enough to get a Sysadmin like me, you first get the living shit beat out of you, then you get to deal with the Feds.
- Illegal pr0n. If the "man" of the pr0n is named fido, we call the FBI and again, probably beat the crap out of you for good measure. We definitely make sure that EVERYONE in the company (and likely your spouse, and/or family) know what you were doing, and why the men in suits have come to take you away.
- Downloading illegal music. Not cool man. Not at work. Yeah we have a T1, but it's not your personal playground. Expect to have the music mysteriously disappear from your machine overnight, and forget being able to do anything like that in the future, we just demoted you to the Guest account.
- Listening to streaming music. Ok, so yeah it's not illegal. But you and your 10 brethren have just filled our T1, and effectively DoS'd the email server. If you want music, bring it from home on a portable hard drive, and don't copy it to the machines. Just play it from the hard drive.
- Installing or running any port scanners, or downloading anything that might be considered a "hack" tool. Congratulations, you just pissed IT off, and will likely be locked out of the network shortly. I've got enough to do without wrangling your script kiddie ass too.
- Heavy pr0n surfing. Like 5-6 hours a day heavy. Dude, just stop. You are likely going to be visiting some websites that are, ummm, less than legit, to get in that amount of pr0n every day. You are going to end up getting that machine infested with virii and spyware. You might even actually inadvertently compromise the corporate network. If that happens, do you really think that anyone is going to let that slide? I've actually had to explain to the boss why you need to be fired before your little problem destroys the network, and I don't really care to discuss what you've been looking at (you mean there's more than one person that looks at THAT?!?!?) with my boss.
Even if I've been cool enough not to filter out web content, the boss is going to want to know how you were able to view this stuff. Rather than blow it for everyone, I am going to do the right thing. I am going to lie my ass off. You must be a hacker, because you've been able to circumvent every filtering method I've set up, and I have logs to prove it (believe me, I have logs to prove ANYTHING).
The short answer is, if we're watching you, there is no escape. Between hardware keyloggers, and specialty software that is designed to be undetectable (which is extremely hard to find even to buy), we will catch you.
If you are doing something that is in a grey area, take your Sysadmin out for lunch a couple times, or for a beer, and find out what the real policy is (the one that gets enforced, not the one in the manual). Hell if we like you, we'll let you get away with alot more than if you're a dick to us in the hall.
[Jglessner via the comments on LifeHacker]