A 16 year old teen was recently arrested for bringing a partially completed bomb to school. It is alleged that that the crude bomb was one out of four he planned to detonate at his high school in Florida.

The teen’s locker was searched after school administrators were alerted about his internet activity on the school’s computers. Investigators said the teen’s online search for “dry ice bombs”, “how to make a grenade” and subsequent bomb making websites triggered the school’s monitoring system and school officials acted quickly to get the police involved.

The teen was in possession of three out of four materials necessary to complete the bomb. The one missing element was gasoline, which was accessible in his second-period marine mechanics class. Police said he wrote out elaborate maps and locations on school grounds that would cause maximum damage to students and faculty. Watch police press conference

This case clearly highlights the importance of ad-hoc AND real-time internet reporting abilities. If you’re a WebSpy Live user you can set up customizable triggers to receive alerts on online behavior you deem inappropriate. Once a users does something online to activate a trigger you can use WebSpy Vantage or Analyzer to further investigate the user’s browsing behavior and search queries to determine if there is a genuine need to be concerned. Triggers can be set on anything from long browsing sessions, large downloads, large emails, certain file types and, in this case, based on website content.

Create an Alert Trigger in WebSpy Live based on Website Content

There’s two pretty straightforward ways to create triggers to alert on website content using WebSpy Live; setting up triggers based on ‘Keywords’ and setting up triggers based on ‘Profiles’. The main difference between the two is that ‘Profiles’ allows you to exclude certain keywords. For example, let’s say you want to be alerted on users visiting websites that contain keywords related to making bombs but not on keywords or URLs that simply include the the letter string bomb. Setting up a profile allows you to exclude these words, for example ‘bombastic’.

In addition, WebSpy Live already contains a default set of keywords and URLs relating to default ‘Profiles’ such as Adult, Gambling, Entertainment and Piracy.

(If you don’t have version of WebSpy Live you can download a free 14 day trial here. Please follow the instructions in the ‘Inputs’ view to specify the proxy server or gateway products you use to log traffic.)

Setting up Triggers based on Keywords

1. Open WebSpy Live
2. Click ‘Triggers’ view
3. Click ‘Add New Trigger
4. The ‘Triggar Wizard’ will appear, click ‘Next’
   

 

5. Tick ‘Single Hit Trigger’ and click ‘Next’
   

 

6. Tick ‘Keywords’ and click ‘Next’
   

 

7. Click ‘Add’ to enter each keyword followed by ‘OK’
   

 

8. Name your Trigger and give it a Low, Medium or High Priority
   

 

9. Specify email address(es) to send alert notifications to and click ‘Next’
   

 

10. Click ‘Finish’ and you’re done!

From now on, each time a user access any web resources containing the keywords you just specified an email will be sent out alerting you as it happens. Any alert triggers will also immediately be displayed on the WebSpy Live status display.

See also:

• What Are Profiles?
• How to Categorize Search Terms Typed Into Search Engines
• Government sanctioned ISP Filtering & Monitoring – Is Australia going Orweillian?
• The Best Way To Report On Websites
• Notes on E-Security Development