A Defininitive Web Filtering Solution - $400
-
I wouldn't call pre-installed subordinate wildcard certs a "gray area", that is definitely a black hat type thing to do and don't try to tell yourself that it is OK because you work for a fortune 500 company or something like that.
If they are using company equipment then you can simply install a certificate or have a client side based monitor solution which is entirely legal and ethical otherwise I see no real need for this besides spying on your users.
DNS/IP based filtering is more than good enough for any public AP legitimate use case; by doing this you are selling/using illegal private use surveillance equipment which violates the wiretap act and the stored communications act - you can be prosecuted and sued - it doesn't matter if you had your users agree to a massive click-through EULA that they didn't read any decent lawyer will tell you those are unenforceable.
-
what?? illegal ? once people agree to use my network and In the agreement i write that the network is monitored I have the right to know whats going on if they do not like it they do not accept and leave, if they accept they accepted that I have the right to monitor them, example in win 10 you cant do anything that MS is spying on you, why? cos you agreed. So utm that can monitor should be shutdown by law right? then why are they still around and improving everyday?
-
Dont forget its completly legit for private/home use as well..
-
Sure it is I have a untangle utm at home monitoring my guests , they accept they will be monitored they dont like it? they do not use my network, simple as that, I have all the right to know whats going on in my network, If they do something bad on my network I have the right to know who
-
I wouldn't call pre-installed subordinate wildcard certs a "gray area", that is definitely a black hat type thing to do and don't try to tell yourself that it is OK because you work for a fortune 500 company or something like that.
If they are using company equipment then you can simply install a certificate or have a client side based monitor solution which is entirely legal and ethical otherwise I see no real need for this besides spying on your users.
DNS/IP based filtering is more than good enough for any public AP legitimate use case; by doing this you are selling/using illegal private use surveillance equipment which violates the wiretap act and the stored communications act - you can be prosecuted and sued - it doesn't matter if you had your users agree to a massive click-through EULA that they didn't read any decent lawyer will tell you those are unenforceable.
Look at Trustwave. They happened to see a bit more flak but there wasn't any huge ramifications or press. Regardless, how you monitor your network in a private/enterprise environment is your own prerogative. This is why, at the end of the day, private is private.
BUT
This isn't a thread to discuss ethics, it's to show support for a pfSense bounty to get a better filtering solution.
-
…to show support for a pfSense bounty to get a better filtering solution.
I'm in for $50 if this results in a complete and workable solution that satisfies my needs..
-
This isn't about ethics, this is about not going to jail or being sued.
what?? illegal ? once people agree to use my network and In the agreement i write that the network is monitored I have the right to know whats going on if they do not like it they do not accept and leave, if they accept they accepted that I have the right to monitor them, example in win 10 you cant do anything that MS is spying on you, why? cos you agreed. So utm that can monitor should be shutdown by law right? then why are they still around and improving everyday?
Monitoring a public AP type network you own is entirely legal and ethical this isn't what I am referencing, I am simply letting everyone know that breaking someone elses crypto is illegal.
The way you see things isn't how contract law works in any sane country, if you want to do this you should be talking to a decent lawyer.
-
This is not a thread to break someones crypto, this is support for pfsense to have a good web filtering capability and have guest captive portal reports instead of by ip we can view the reports by username the guest has. So if you do not have anything useful to say please go play Judge Judy some place else
-
+1 for a defininitive web filtering solution
+1 for NXfilter -
+1 for NXfilter
-teddy