Topic 26
Ability to monitor users (surveillance); concerns of people regarding monitoring by Taro Kondo

Monitoring, which is essential for keeping a network running efficiently, can take several forms. Before explaining the different types, it is worth stating more specifically the reason for monitoring.

As the internet came into wide use, the network became more and more complex, which caused malfunctions once in a while. These included system failures and computers running more slowly. A related event occurred when people around the world were awaiting the new millennium. When the clock changed to the year 2000, some data transmissions went in the wrong direction and a temporary disorder spread. Another case, which was rather common (and still happens today), was when large numbers of users accessed the same site and there was consequently 'traffic' within the network. This slowed down transmissions. In worse cases, there were 'overloads' and servers crashed. That explains why, when you go to certain websites, a page with a white background stating 'access denied' or 'connection cannot be established' sometimes pops up.

To solve these problems, the idea of 'network monitoring' arose. The concept is that the monitoring system periodically checks the network and, if anything unusual is going on, informs the network administrator by sending an email or some other alarm message.

Besides these issues, however, other applications of monitoring should be taken into account. One is the 'intrusion detection system' (IDS), which also monitors the network but concentrates on outside threats to it. The system activates when there are attacks that cannot be blocked by a firewall, such as manipulation of computer systems by hackers or automated tools through unauthorized access. The attackers might target vulnerable services and steal private information, plant viruses, etc.

For monitoring these kinds of situations, the system used is more complicated than the one used for dealing with traffic congestion. It has three major components: sensors, a console and an engine. The sensors create security events, the console monitors the events, and the engine keeps track of the events. When it reacts to an attack, the IDS resets connections and reprograms the firewall. In addition, it alerts the operators. If no attack is apparent and there are just 'holes' in the security, the system records them and sends alerts.
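The sensor, engine and console roles described above can be sketched as follows. This is an added example, not code from the original essay; the log format, function and class names, and the detection rule (three failed logins from one source within 60 seconds) are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not real traffic); addresses are documentation ranges.
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd: Failed password for root from 192.0.2.10
2024-05-01T10:00:03 sshd: Failed password for admin from 192.0.2.10
2024-05-01T10:00:04 sshd: Accepted password for alice from 198.51.100.7
2024-05-01T10:00:06 sshd: Failed password for root from 192.0.2.10
2024-05-01T10:00:09 sshd: Failed password for bob from 198.51.100.7
2024-05-01T10:00:10 sshd: Failed password for test from 192.0.2.10
""".splitlines()

LINE_RE = re.compile(r"^(\S+) sshd: Failed password for (\S+) from (\S+)$")

def sensor(lines):
    """Sensor: turn raw log lines into security events (failed logins only)."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            ts, user, src = m.groups()
            yield {"time": datetime.fromisoformat(ts), "user": user, "src": src}

class Engine:
    """Engine: records every event and applies the (assumed) threshold rule."""
    def __init__(self, threshold=3, window=timedelta(seconds=60)):
        self.threshold, self.window = threshold, window
        self.recorded = []                 # event history kept by the engine
        self.recent = defaultdict(deque)   # src -> timestamps still inside the window
        self.blocked = set()               # sources proposed for a firewall block

    def process(self, event):
        self.recorded.append(event)
        q = self.recent[event["src"]]
        q.append(event["time"])
        while q and event["time"] - q[0] > self.window:
            q.popleft()                    # drop failures older than the window
        if len(q) >= self.threshold and event["src"] not in self.blocked:
            self.blocked.add(event["src"])  # reactive step: alert once per source
            return {"src": event["src"], "failures": len(q), "action": "block"}
        return None

def console(lines, engine=None):
    """Console: collect the alerts an operator would be shown."""
    engine = engine or Engine()
    alerts = [a for a in map(engine.process, sensor(lines)) if a]
    return alerts, engine
```

Calling `console(SAMPLE_LOG)` returns one alert for the source with repeated failures, while the single failed login from the other address is recorded but does not raise an alert.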

Monitoring without the use of such systems is not rare. For example, in LimeWire, a peer-to-peer file sharing program, members of the police occasionally carry out what is called a 'net-patrol', searching for any malicious files that have been uploaded. These may be files which have spyware attached to them. In addition, the police look for files which disregard copyright, such as music created by famous artists or televised movies. The sharing of such files is one of the greatest problems occurring on the network today.

The ethical issue relating to monitoring as a whole is that people are concerned about their privacy. Especially in the case of manually operated monitoring, the people who monitor are able to see exactly who is sending or receiving what, even things they do not intend to investigate. So these days, under certain laws, users remain anonymous unless they do something wrong. Taking LimeWire again as an example, if the police notice an infringement, they most likely contact the programmer of LimeWire to track down the person responsible. Although anonymous, users are distinguished in some way, probably by IP address, so that in this sort of situation they can be identified. Across the entire network, this measure is commonly practiced.