Jump to content

Open Source user monitoring software


Recommended Posts

I am looking for a program that we can use in our lab that can do things like take screenshots, and show running processes. I was thinking of possibly installing view only VNC sessions but I still not sure about showing running processes, we are also looking for something to block websites, as of now I just used the hosts file.

Link to comment
Share on other sites

Blocking websites - Ive used DansGuardian in the past as a filtering proxy.

List running processes - depends on your OS, but Windows Powershell can do this on recent versions of Windows; on Unix systems you can use basic shell scripting and ssh-agent.

Link to comment
Share on other sites

I am going to agree wtih you Ducky, DansGuardian, but I will take it a step further.

For my "current" enviroment I am using ClearOS(uses DansGuardian) as my proxy, content filter, and ids & ips. I am not sure how scalable it is but it can tie into AD if you pay for the module... Currently only using for about 20 developers.

I don't know of any off the shelf software for process monitoring and the likes.. however I do have some PowerShell Scripts that might point you in the right direction, I'll try and share some when I get back into the "lab" tomorrow. Of course I can't have svn accessible outside...

Link to comment
Share on other sites

#Grabs user in current domain.

Trap {"Error: $_"; Break;}

$D = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$Domain = [ADSI]"LDAP://$D"
$Searcher = New-Object System.DirectoryServices.DirectorySearcher
$Searcher.PageSize = 200
$Searcher.SearchScope = "subtree"

$Searcher.Filter = "(&(objectCategory=person)(objectClass=user))"
$Searcher.PropertiesToLoad.Add("distinguishedName") > $Null
$Searcher.PropertiesToLoad.Add("lastLogon") > $Null

# Create hash table of users and their last logon dates.
$arrUsers = @{}

# Enumerate all Domain Controllers.
ForEach ($DC In $D.DomainControllers)
{
    $Server = $DC.Name
    $Searcher.SearchRoot = "LDAP://$Server/" + $Domain.distinguishedName
    $Results = $Searcher.FindAll()
    ForEach ($Result In $Results)
    {
        $DN = $Result.Properties.Item("distinguishedName")
        $LL = $Result.Properties.Item("lastLogon")
        If ($LL.Count -eq 0)
        {
            $Last = [DateTime]0
        }
        Else
        {
            $Last = [DateTime]$LL.Item(0)
        }
        If ($Last -eq 0)
        {
            $LastLogon = $Last.AddYears(1600)
        }
        Else
        {
            $LastLogon = $Last.AddYears(1600).ToLocalTime()
        }
        If ($arrUsers.ContainsKey("$DN"))
        {
            If ($LastLogon -gt $arrUsers["$DN"])
            {
                $arrUsers["$DN"] = $LastLogon
            }
        }
        Else
        {
            $arrUsers.Add("$DN", $LastLogon)
        }
    }
}

# Output latest last logon date for each user.
$Users = $arrUsers.Keys
ForEach ($DN In $Users)
{
    $Date = $arrUsers["$DN"]
    "$Date;$DN"
}

I wrote this to grab the last time a user authenticated with any of the domain controllers in the domain. You can use | sort etc or what not viewing the data.

Hope this helps!

Link to comment
Share on other sites

  • 3 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...